@depup/memorystore 1.6.7-depup.0

package/.travis.yml

@@ -0,0 +1,10 @@
+language: node_js
+
+node_js:
+  - "10"
+  - "12"
+  - "14"
+
+cache:
+  directories:
+    - node_modules

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2017 Rocco Musolino
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,32 @@
+# @depup/memorystore
+
+> Dependency-bumped version of [memorystore](https://www.npmjs.com/package/memorystore)
+
+Generated by [DepUp](https://github.com/depup/npm) -- all production
+dependencies bumped to latest versions.
+
+## Installation
+
+```bash
+npm install @depup/memorystore
+```
+
+| Field | Value |
+|-------|-------|
+| Original | [memorystore](https://www.npmjs.com/package/memorystore) @ 1.6.7 |
+| Processed | 2026-03-19 |
+| Smoke test | passed |
+| Deps updated | 2 |
+
+## Dependency Changes
+
+| Dependency | From | To |
+|------------|------|-----|
+| debug | ^4.3.0 | ^4.4.3 |
+| lru-cache | ^4.0.3 | ^11.2.7 |
+
+---
+
+Source: https://github.com/depup/npm | Original: https://www.npmjs.com/package/memorystore
+
+License inherited from the original package.

package/changes.json

@@ -0,0 +1,14 @@
+{
+  "bumped": {
+    "debug": {
+      "from": "^4.3.0",
+      "to": "^4.4.3"
+    },
+    "lru-cache": {
+      "from": "^4.0.3",
+      "to": "^11.2.7"
+    }
+  },
+  "timestamp": "2026-03-19T03:03:01.071Z",
+  "totalUpdated": 2
+}

package/index.d.ts

@@ -0,0 +1,81 @@
+import expressSession, {
+	MemoryStore as ExpressMemoryStore,
+} from "express-session";
+
+interface MemoryStoreOptions {
+	/**
+	 * Define how long MemoryStore will check for expired.
+	 * The period is in ms. The automatic check is disabled by default!
+	 * Not setting this is kind of silly, since that's the whole purpose of
+	 * this lib.
+	 */
+	checkPeriod?: number;
+	/**
+	 * The maximum size of the cache, checked by applying the length
+	 * function to all values in the cache. It defaults to `Infinity`.
+	 */
+	max?: number;
+	/**
+	 * Session TTL (expiration) in milliseconds.
+	 * Defaults to `session.maxAge` (if set), or one day.
+	 */
+	ttl?: number | ((options: any, sess: any, sessionId: any) => number);
+	/**
+	 * Function that is called on sessions when they are dropped from the
+	 * cache. This can be handy if you want to close file descriptors or do
+	 * other cleanup tasks when sessions are no longer accessible. It's
+	 * called before actually removing the item from the internal cache, so
+	 * if you want to immediately put it back in, you'll have to do that in
+	 * a `nextTick` or `setTimeout` callback or it won't do anything.
+	 */
+	dispose?: (key: any, value: any) => void;
+	/**
+	 * By default, if you set a `maxAge`, it'll only actually pull stale
+	 * items out of the cache when you `get(key)`. (That is, it's not
+	 * pre-emptively doing a setTimeout or anything.) If you set
+	 * `stale:true`, it'll return the stale value before deleting it. If
+	 * you don't set this, then it'll return undefined when you try to get
+	 * a stale entry, as if it had already been deleted.
+	 */
+	stale?: boolean;
+	/**
+	 * By default, if you set a `dispose()` method, then it'll be called
+	 * whenever a `set()` operation overwrites an existing key. If you set
+	 * this option, `dispose()` will only be called when a key falls out of
+	 * the cache, not when it is overwritten.
+	 */
+	noDisposeOnSet?: boolean;
+	/**
+	 * An object compatible with Javascript's JSON to override the
+	 * serializer used.
+	 */
+	serializer?: {
+		stringify: (arg: object) => string;
+		parse: (str: string) => object;
+	};
+}
+
+declare class MemoryStore extends ExpressMemoryStore {
+	constructor(options: MemoryStoreOptions);
+	/** method to start the automatic check for expired. */
+	startInterval(): void;
+	/** method to clear the automatic check for expired. */
+	stopInterval(): void;
+	/** use to manually remove only the expired entries from the store. */
+	prune(): void;
+}
+
+/**
+ * Sample usage:
+ * ```
+ * import session from 'express-session';
+ * import createMemoryStore from 'memorystore';
+ * const MemoryStore = createMemoryStore(session);
+ * ...
+ * app.use(session({ store: new MemoryStore({ ...options }) }));
+ * ```
+ */
+declare function createMemoryStore(
+	session: typeof expressSession
+): typeof MemoryStore;
+export = createMemoryStore;

package/index.js

@@ -0,0 +1 @@
+module.exports = require('./lib/memorystore.js')

package/lib/memorystore.js

@@ -0,0 +1,295 @@
+/*!
+ * memorystore
+ * Copyright(c) 2020 Rocco Musolino <@roccomuso>
+ * MIT Licensed
+ */
+
+var debug = require('debug')('memorystore')
+var LRU = require('lru-cache')
+var util = require('util')
+
+/**
+ * One day in milliseconds.
+ */
+
+var oneDay = 86400000
+
+function getTTL (options, sess, sid) {
+  if (typeof options.ttl === 'number') return options.ttl
+  if (typeof options.ttl === 'function') return options.ttl(options, sess, sid)
+  if (options.ttl) throw new TypeError('`options.ttl` must be a number or function.')
+
+  var maxAge = (sess && sess.cookie) ? sess.cookie.maxAge : null
+  return (typeof maxAge === 'number'
+    ? Math.floor(maxAge)
+    : oneDay)
+}
+
+function prune (store) {
+  debug('Pruning expired entries')
+  store.forEach(function (value, key) {
+    store.get(key)
+  })
+}
+
+var defer = typeof setImmediate === 'function'
+  ? setImmediate
+  : function (fn) { process.nextTick(fn.bind.apply(fn, arguments)) }
+
+/**
+ * Return the `MemoryStore` extending `express`'s session Store.
+ *
+ * @param {object} express session
+ * @return {Function}
+ * @api public
+ */
+
+module.exports = function (session) {
+  /**
+   * Express's session Store.
+   */
+
+  var Store = session.Store
+
+  /**
+   * Initialize MemoryStore with the given `options`.
+   *
+   * @param {Object} options
+   * @api public
+   */
+
+  function MemoryStore (options) {
+    if (!(this instanceof MemoryStore)) {
+      throw new TypeError('Cannot call MemoryStore constructor as a function')
+    }
+
+    options = options || {}
+    Store.call(this, options)
+
+    this.options = {}
+    this.options.checkPeriod = options.checkPeriod
+    this.options.max = options.max || Infinity
+    this.options.ttl = options.ttl
+    this.options.dispose = options.dispose
+    this.options.stale = options.stale
+    this.options.noDisposeOnSet = options.noDisposeOnSet
+
+    this.serializer = options.serializer || JSON
+    this.store = LRU(this.options)
+    debug('Init MemoryStore')
+
+    this.startInterval()
+  }
+
+  /**
+   * Inherit from `Store`.
+   */
+
+  util.inherits(MemoryStore, Store)
+
+  /**
+   * Attempt to fetch session by the given `sid`.
+   *
+   * @param {String} sid
+   * @param {Function} fn
+   * @api public
+   */
+
+  MemoryStore.prototype.get = function (sid, fn) {
+    var store = this.store
+
+    debug('GET "%s"', sid)
+
+    var data = store.get(sid)
+    if (!data) return fn()
+
+    debug('GOT %s', data)
+    var err = null
+    var result
+    try {
+      result = this.serializer.parse(data)
+    } catch (er) {
+      err = er
+    }
+
+    fn && defer(fn, err, result)
+  }
+
+  /**
+   * Commit the given `sess` object associated with the given `sid`.
+   *
+   * @param {String} sid
+   * @param {Session} sess
+   * @param {Function} fn
+   * @api public
+   */
+
+  MemoryStore.prototype.set = function (sid, sess, fn) {
+    var store = this.store
+
+    var ttl = getTTL(this.options, sess, sid)
+    try {
+      var jsess = this.serializer.stringify(sess)
+    } catch (err) {
+      fn && defer(fn, err)
+    }
+
+    store.set(sid, jsess, ttl)
+    debug('SET "%s" %s ttl:%s', sid, jsess, ttl)
+    fn && defer(fn, null)
+  }
+
+  /**
+   * Destroy the session associated with the given `sid`.
+   *
+   * @param {String} sid
+   * @api public
+   */
+
+  MemoryStore.prototype.destroy = function (sid, fn) {
+    var store = this.store
+
+    if (Array.isArray(sid)) {
+      sid.forEach(function (s) {
+        debug('DEL "%s"', s)
+        store.del(s)
+      })
+    } else {
+      debug('DEL "%s"', sid)
+      store.del(sid)
+    }
+    fn && defer(fn, null)
+  }
+
+  /**
+   * Refresh the time-to-live for the session with the given `sid`.
+   *
+   * @param {String} sid
+   * @param {Session} sess
+   * @param {Function} fn
+   * @api public
+   */
+
+  MemoryStore.prototype.touch = function (sid, sess, fn) {
+    var store = this.store
+
+    var ttl = getTTL(this.options, sess, sid)
+
+    debug('EXPIRE "%s" ttl:%s', sid, ttl)
+    var err = null
+    if (store.get(sid) !== undefined) {
+      try {
+        var s = this.serializer.parse(store.get(sid))
+        s.cookie = sess.cookie
+        store.set(sid, this.serializer.stringify(s), ttl)
+      } catch (e) {
+        err = e
+      }
+    }
+    fn && defer(fn, err)
+  }
+
+  /**
+   * Fetch all sessions' ids
+   *
+   * @param {Function} fn
+   * @api public
+   */
+
+  MemoryStore.prototype.ids = function (fn) {
+    var store = this.store
+
+    var Ids = store.keys()
+    debug('Getting IDs: %s', Ids)
+    fn && defer(fn, null, Ids)
+  }
+
+  /**
+   * Fetch all sessions
+   *
+   * @param {Function} fn
+   * @api public
+   */
+
+  MemoryStore.prototype.all = function (fn) {
+    var store = this.store
+    var self = this
+
+    debug('Fetching all sessions')
+    var err = null
+    var result = {}
+    try {
+      store.forEach(function (val, key) {
+        result[key] = self.serializer.parse(val)
+      })
+    } catch (e) {
+      err = e
+    }
+    fn && defer(fn, err, result)
+  }
+
+  /**
+   * Delete all sessions from the store
+   *
+   * @param {Function} fn
+   * @api public
+   */
+
+  MemoryStore.prototype.clear = function (fn) {
+    var store = this.store
+    debug('delete all sessions from the store')
+    store.reset()
+    fn && defer(fn, null)
+  }
+
+  /**
+   * Get the count of all sessions in the store
+   *
+   * @param {Function} fn
+   * @api public
+   */
+
+  MemoryStore.prototype.length = function (fn) {
+    var store = this.store
+    debug('getting length', store.itemCount)
+    fn && defer(fn, null, store.itemCount)
+  }
+
+  /**
+   * Start the check interval
+   * @api public
+   */
+
+  MemoryStore.prototype.startInterval = function () {
+    var self = this
+    var ms = this.options.checkPeriod
+    if (ms && typeof ms === 'number') {
+      clearInterval(this._checkInterval)
+      debug('starting periodic check for expired sessions')
+      this._checkInterval = setInterval(function () {
+        prune(self.store) // iterates over the entire cache proactively pruning old entries
+      }, Math.floor(ms)).unref()
+    }
+  }
+
+  /**
+   * Stop the check interval
+   * @api public
+   */
+
+  MemoryStore.prototype.stopInterval = function () {
+    debug('stopping periodic check for expired sessions')
+    clearInterval(this._checkInterval)
+  }
+
+  /**
+   * Remove only expired entries from the store
+   * @api public
+   */
+
+  MemoryStore.prototype.prune = function () {
+    prune(this.store)
+  }
+
+  return MemoryStore
+}

package/package.json

@@ -0,0 +1,66 @@
+{
+  "name": "@depup/memorystore",
+  "version": "1.6.7-depup.0",
+  "description": "express-session full featured MemoryStore layer without leaks! (with updated dependencies)",
+  "main": "index.js",
+  "types": "index.d.ts",
+  "scripts": {
+    "test": "mocha --check-leaks --bail --no-exit test/"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/roccomuso/memorystore.git"
+  },
+  "engines": {
+    "node": ">=0.10"
+  },
+  "keywords": [
+    "memorystore",
+    "depup",
+    "updated-dependencies",
+    "security",
+    "latest",
+    "patched",
+    "express-session",
+    "session",
+    "memory",
+    "store",
+    "noleak",
+    "ram"
+  ],
+  "author": "Rocco Musolino (roccomuso)",
+  "license": "MIT",
+  "bugs": {
+    "url": "https://github.com/roccomuso/memorystore/issues"
+  },
+  "homepage": "https://github.com/roccomuso/memorystore#readme",
+  "dependencies": {
+    "debug": "^4.4.3",
+    "lru-cache": "^11.2.7"
+  },
+  "devDependencies": {
+    "mocha": "9.2.0"
+  },
+  "standard": {
+    "env": [
+      "mocha"
+    ]
+  },
+  "depup": {
+    "changes": {
+      "debug": {
+        "from": "^4.3.0",
+        "to": "^4.4.3"
+      },
+      "lru-cache": {
+        "from": "^4.0.3",
+        "to": "^11.2.7"
+      }
+    },
+    "depsUpdated": 2,
+    "originalPackage": "memorystore",
+    "originalVersion": "1.6.7",
+    "processedAt": "2026-03-19T03:03:03.740Z",
+    "smokeTest": "passed"
+  }
+}

package/test/store.js

@@ -0,0 +1,304 @@
+var assert = require('assert')
+
+// express-session way
+var MemoryStore = require('../')({Store: function () {}})
+var session = {MemoryStore: MemoryStore}
+
+describe('MemoryStore', function (done) {
+  afterEach(function () {
+    // runs after each test in this block
+    this.store.stopInterval()
+  })
+
+  it('constructor should use default options', function (done) {
+    this.store = new session.MemoryStore()
+    var store = this.store
+    assert.ok(store.options, 'should have an option object')
+    assert.equal(store.options.max, Infinity, 'max option should be Infinity')
+    assert.equal(store.options.checkPeriod, undefined, 'checkPeriod undefined by default')
+    assert.ok(store.store, 'should have the LRU cache store')
+    assert.equal(store._checkInterval, undefined, 'should not have the pruning loop')
+    done()
+  })
+
+  it('should set options', function (done) {
+    this.store = new session.MemoryStore({
+      max: 10,
+      checkPeriod: 10 * 1000,
+      ttl: 36000,
+      dispose: null,
+      stale: true
+    })
+    var store = this.store
+    assert.equal(store.options.max, 10, 'should set the max option')
+    assert.equal(store.options.checkPeriod, 10 * 1000, 'should set checkPeriod')
+    assert.equal(store.options.ttl, 36000, 'should set the TTL')
+    assert.equal(store.options.dispose, null, 'should set dispose')
+    assert.equal(store.options.stale, true, 'should set stale')
+    done()
+  })
+
+  it('should not set the interval to check for expired entries by default', function (done) {
+    this.store = new session.MemoryStore()
+    var store = this.store
+    assert.equal(store._checkInterval, undefined, 'should not exists')
+    done()
+  })
+
+  it('should only contain 10 items', function (done) {
+    this.store = new session.MemoryStore({max: 10})
+    var store = this.store
+
+    for (var i = 0; i < 15; i++) {
+      store.set(i, {cookie: { expires: new Date((new Date()).valueOf() + 60 * 10 * 1000) }})
+    }
+
+    store.length(function (err, length) {
+      if (err) return done(err)
+      assert.equal(length, 10)
+      done()
+    })
+  })
+
+  it('should delete the first item', function (done) {
+    this.store = new session.MemoryStore({max: 10})
+    var store = this.store
+
+    for (var i = 0; i < 15; i++) {
+      store.set(i, {cookie: { expires: new Date((new Date()).valueOf() + 60 * 10 * 1000) }})
+    }
+
+    store.destroy(14)
+
+    store.length(function (err, length) {
+      if (err) return done(err)
+      assert.equal(length, 9)
+      done()
+    })
+  })
+
+  it('should delete the last item', function (done) {
+    this.store = new session.MemoryStore({max: 10})
+    var store = this.store
+
+    for (var i = 0; i < 10; i++) {
+      store.set(i, {cookie: { expires: new Date((new Date()).valueOf() + 60 * 10 * 1000) }})
+    }
+
+    store.destroy(0)
+    store.destroy(1)
+
+    store.length(function (err, length) {
+      if (err) return done(err)
+      assert.equal(length, 8)
+    })
+
+    for (i = 10; i < 12; i++) {
+      store.set(i, {cookie: { expires: new Date((new Date()).valueOf() + 60 * 10 * 1000) }})
+    }
+
+    store.length(function (err, length) {
+      if (err) return done(err)
+      assert.equal(length, 10)
+      done()
+    })
+  })
+
+  it('should set and get a sample entry', function (done) {
+    this.store = new session.MemoryStore()
+    var store = this.store
+
+    store.set('hello', {cookie: {}, sample: true})
+    store.get('hello', function (err, val) {
+      if (err) return done(err)
+      assert.equal(val.sample, true, 'set and got expected value')
+      done()
+    })
+  })
+
+  it('should set TTL from cookie.maxAge', function (done) {
+    this.store = new session.MemoryStore()
+    var store = this.store
+
+    store.set('hello', {cookie: {maxAge: 400}, sample: true})
+    store.get('hello', function (err, val) {
+      if (err) return done(err)
+      assert.equal(val.sample, true, 'entry should be valid')
+    })
+    setTimeout(function () {
+      store.get('hello', function (err, val) {
+        if (err) return done(err)
+        assert.equal(val, undefined, 'entry should be expired')
+        done()
+      })
+    }, 500)
+  })
+
+  it('should not get empty entry', function (done) {
+    this.store = new session.MemoryStore()
+    var store = this.store
+
+    store.get('', function (err, val) {
+      if (err) return done(err)
+      assert.equal(val, undefined)
+      done()
+    })
+  })
+
+  it('should not get a deleted entry', function (done) {
+    this.store = new session.MemoryStore()
+    var store = this.store
+
+    store.set('foo', {cookie: {}})
+    store.get('foo', function (err, val) {
+      if (err) return done(err)
+      assert.ok(val, 'entry exists')
+      store.destroy('foo')
+      store.get('foo', function (err, val) {
+        if (err) return done(err)
+        assert.equal(val, undefined, 'entry actually deleted')
+        done()
+      })
+    })
+  })
+
+  it('should not get an expired entry', function (done) {
+    this.store = new session.MemoryStore()
+    var store = this.store
+
+    store.set('hello', {cookie: {maxAge: 200}, sample: true})
+    setTimeout(function () {
+      store.get('hello', function (err, val) {
+        if (err) return done(err)
+        assert.equal(val, undefined, 'entry should be expired')
+        done()
+      })
+    }, 300)
+  })
+
+  it('should enable automatic prune for expired entries', function (done) {
+    this.store = new session.MemoryStore({checkPeriod: 300})
+    var store = this.store
+
+    store.set('foo', {cookie: {maxAge: 150}})
+    store.set('bar', {cookie: {maxAge: 150}})
+    store.length(function (err, count) {
+      if (err) return done(err)
+      assert.equal(count, 2, 'should count 2 entries')
+    })
+    setTimeout(function () {
+      store.length(function (err, count) {
+        if (err) return done(err)
+        assert.equal(count, 0, 'expired entries should be pruned')
+        done()
+      })
+    }, 500)
+  })
+
+  it('automatic check for expired entries should be disabled', function (done) {
+    this.store = new session.MemoryStore()
+    var store = this.store
+
+    store.set('foo', {cookie: {maxAge: 150}})
+    store.set('bar', {cookie: {maxAge: 150}})
+    store.length(function (err, count) {
+      if (err) return done(err)
+      assert.equal(count, 2, 'should count 2 entries')
+    })
+    setTimeout(function () {
+      store.length(function (err, count) {
+        if (err) return done(err)
+        assert.equal(count, 2, 'expired entries should not be pruned')
+        done()
+      })
+    }, 500)
+  })
+
+  it('should touch a given entry', function (done) {
+    this.store = new session.MemoryStore()
+    var store = this.store
+
+    store.set('hei', {cookie: {maxAge: 50}})
+    store.touch('hei', {cookie: {maxAge: 300}})
+    setTimeout(function () {
+      store.get('hei', function (err, val) {
+        if (err) return done(err)
+        assert.ok(val, 'entry should be touched')
+        done()
+      })
+    }, 200)
+  })
+
+  it('should fetch all entries Ids', function (done) {
+    this.store = new session.MemoryStore()
+    var store = this.store
+
+    var k = 10
+    var i = 0
+    for (i = 0; i < k; i++) { store.set('sess' + i, {cookie: {maxAge: 1000}}) }
+
+    store.ids(function (err, ids) {
+      if (err) return done(err)
+      assert.ok(Array.isArray(ids), 'ids should be an Array')
+      i = 10
+      ids.forEach(function (sid) {
+        assert.equal(sid, 'sess' + (--i), 'got expected key')
+      })
+      done()
+    })
+  })
+
+  it('should fetch all entries values', function (done) {
+    this.store = new session.MemoryStore()
+    var store = this.store
+
+    var k = 10
+    var i = 0
+    for (i = 0; i < k; i++) { store.set('sess-' + i, {cookie: {maxAge: 1000}, i: i}) }
+
+    store.all(function (err, all) {
+      if (err) return done(err)
+      assert.equal(typeof all, 'object', 'all should be an Object')
+      Object.keys(all).forEach(function (sid) {
+        var v = sid.split('-')[1]
+        assert.equal(all[sid].i, v, 'got expected value')
+      })
+      done()
+    })
+  })
+
+  it('should count all entries in the store', function (done) {
+    this.store = new session.MemoryStore()
+    var store = this.store
+
+    var k = 10
+    var i = 0
+    for (i = 0; i < k; i++) { store.set(i, {cookie: {maxAge: 1000}}) }
+
+    store.length(function (err, n) {
+      if (err) return done(err)
+      assert.equal(n, k, 'Got expected lenght')
+      done()
+    })
+  })
+
+  it('should delete all entries from the store', function (done) {
+    this.store = new session.MemoryStore()
+    var store = this.store
+
+    var k = 10
+    var i = 0
+    for (i = 0; i < k; i++) { store.set(i, {cookie: {maxAge: 1000}}) }
+
+    store.length(function (err, n) {
+      if (err) return done(err)
+      assert.equal(n, k, 'store is not empty')
+    })
+    store.clear()
+    store.length(function (err, n) {
+      if (err) return done(err)
+      assert.equal(n, 0, 'store should be empty')
+      done()
+    })
+  })
+})