Today we’re rolling out three focused upgrades that harden real-world deployments and reduce latency across agent workflows and WordPress automations.
What’s new
– Async Job Runner (Django + Redis + RQ)
– Priority queues (high/default/low), per-queue concurrency, and exponential backoff retries
– Idempotent tasks via dedup keys to prevent duplicate API calls
– Structured job metadata (trace_id, tenant_id, user_id) for cross-service correlation
– HMAC-Signed Webhooks
– SHA-256 signatures using per-tenant secrets; replay protection with timestamp windows
– Middleware verifies signature and freshness before queueing downstream work
– Ready-made verifiers for Python, Node, and PHP
– WordPress Plugin v0.7
– Non-blocking fetch via background tasks for content generation and sync
– Connection health checks and signature verification for inbound webhooks
– Admin UI for mapping post types to agent workflows; improved error surfacing
Why it matters
– Lower tail latency for long-running LLM calls and tool chains
– Safer cross-system automation (no silent duplicates, no spoofed callbacks)
– Cleaner ops: every job is traceable, retryable, and observable
Implementation notes
– Job Runner
– Stack: Django, Redis, RQ, rq-scheduler
– Defaults: max_retries=5 with jittered backoff (base=2s, cap=2m)
– Failure policy: dead-letter queue with reason codes and payload snapshots (PII redacted)
– Webhooks
– Header: X-AIGLA-Signature: t=epoch_ms,v1=hex_hmac
– Verification: hmac_sha256(secret, t + “.” + raw_body)
– Reject if clock skew > 5 minutes or signature mismatch
– WordPress v0.7
– Background processing using Action Scheduler
– Filters: aigla_before_enqueue, aigla_after_complete for custom logic
– Minimal required PHP 8.0; tested on WP 6.5+
Performance impact (staging benchmarks)
– 92% reduction in p95 response time for editor-triggered automations (2.4s → 0.19s) by offloading to queues
– 0.00% duplicate webhook processing in soak tests (10M events) with dedup + signatures
– 37% faster end-to-end content sync using batched updates and parallel jobs
Upgrade path
– Backend: run migrations, set AIGLA_REDIS_URL, deploy workers per queue
– Webhooks: rotate secrets, enable signature checks, update upstream senders to include timestamps
– WordPress: update to v0.7, run health check in plugin settings, confirm webhook endpoint status = Verified
Monitoring
– New dashboards: queue depth, retry rate, dead-letter rate, webhook verify failures
– Alerts: high retry percentage (>5%/5m), signature failures (>10/min), queue depth SLA breaches
What’s next
– Multi-region worker pools with work stealing
– Agent sandbox timeouts with budget-aware tool execution
– WordPress “safe publish” mode with preflight validation
If you need help migrating to the signed webhooks or configuring queues, reach out. These changes are live for new projects today; existing projects can enable them via the settings panel.
These are excellent, production-focused updates; the idempotency and retry logic for the async runner are particularly welcome. How are jobs handled if they fail after all retries are exhausted?