@joint-ops/hitlimit-bun 1.0.1 → 1.0.3

package/README.md

@@ -17,23 +17,23 @@
 **hitlimit-bun uses Bun's native SQLite** - no FFI overhead, no Node.js polyfills.
 
 ```
-┌────────────────────────────────────────────────────────────────┐
-│                                                                │
-│  bun:sqlite         ████████████████████████████  95,000 ops/s │
-│  better-sqlite3     ██████████░░░░░░░░░░░░░░░░░░  35,000 ops/s │
-│                                                                │
-│  bun:sqlite is 2.7x faster because it's truly native           │
-│                                                                │
-└────────────────────────────────────────────────────────────────┘
+┌─────────────────────────────────────────────────────────────────┐
+│                                                                 │
+│  bun:sqlite         ████████████████████████████  520,000 ops/s │
+│  better-sqlite3     ██████████████████░░░░░░░░░░  400,000 ops/s │
+│                                                                 │
+│  bun:sqlite is 30% faster with zero FFI overhead                │
+│                                                                 │
+└─────────────────────────────────────────────────────────────────┘
 ```
 
 - **Bun Native** - Built specifically for Bun's runtime, not a Node.js port
-- **2.7x Faster SQLite** - Native bun:sqlite vs Node.js better-sqlite3
-- **95,000+ ops/sec** - With bun:sqlite persistence
+- **7.2M ops/sec** - Memory store performance
+- **520K ops/sec** - With bun:sqlite persistence
 - **Zero Config** - Works out of the box with sensible defaults
 - **Elysia Plugin** - First-class Elysia framework integration
 - **TypeScript First** - Full type safety and IntelliSense support
-- **Tiny Footprint** - Only ~5KB minified, no bloat
+- **Tiny Footprint** - ~23KB total, zero runtime dependencies
 
 ## Installation
 

package/dist/core/config.d.ts

@@ -0,0 +1,3 @@
+import type { HitLimitOptions, HitLimitStore, KeyGenerator, ResolvedConfig } from '@joint-ops/hitlimit-types';
+export declare function resolveConfig<TRequest>(options: HitLimitOptions<TRequest>, defaultStore: HitLimitStore, defaultKey: KeyGenerator<TRequest>): ResolvedConfig<TRequest>;
+//# sourceMappingURL=config.d.ts.map

package/dist/core/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/core/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,eAAe,EACf,aAAa,EACb,YAAY,EACZ,cAAc,EACf,MAAM,2BAA2B,CAAA;AAGlC,wBAAgB,aAAa,CAAC,QAAQ,EACpC,OAAO,EAAE,eAAe,CAAC,QAAQ,CAAC,EAClC,YAAY,EAAE,aAAa,EAC3B,UAAU,EAAE,YAAY,CAAC,QAAQ,CAAC,GACjC,cAAc,CAAC,QAAQ,CAAC,CAiB1B"}

package/dist/core/headers.d.ts

@@ -0,0 +1,3 @@
+import type { HitLimitInfo, HeadersConfig } from '@joint-ops/hitlimit-types';
+export declare function buildHeaders(info: HitLimitInfo, config: Required<HeadersConfig>, allowed: boolean): Record<string, string>;
+//# sourceMappingURL=headers.d.ts.map

package/dist/core/headers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"headers.d.ts","sourceRoot":"","sources":["../../src/core/headers.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAA;AAE5E,wBAAgB,YAAY,CAC1B,IAAI,EAAE,YAAY,EAClB,MAAM,EAAE,QAAQ,CAAC,aAAa,CAAC,EAC/B,OAAO,EAAE,OAAO,GACf,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAoBxB"}

package/dist/core/limiter.d.ts

@@ -0,0 +1,3 @@
+import type { HitLimitResult, ResolvedConfig } from '@joint-ops/hitlimit-types';
+export declare function checkLimit<TRequest>(config: ResolvedConfig<TRequest>, req: TRequest): Promise<HitLimitResult>;
+//# sourceMappingURL=limiter.d.ts.map

package/dist/core/limiter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"limiter.d.ts","sourceRoot":"","sources":["../../src/core/limiter.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAgB,cAAc,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAA;AAK7F,wBAAsB,UAAU,CAAC,QAAQ,EACvC,MAAM,EAAE,cAAc,CAAC,QAAQ,CAAC,EAChC,GAAG,EAAE,QAAQ,GACZ,OAAO,CAAC,cAAc,CAAC,CAiDzB"}

package/dist/core/response.d.ts

@@ -0,0 +1,3 @@
+import type { HitLimitInfo, ResponseConfig, ResponseFormatter } from '@joint-ops/hitlimit-types';
+export declare function buildBody(response: ResponseConfig | ResponseFormatter, info: HitLimitInfo): Record<string, any>;
+//# sourceMappingURL=response.d.ts.map

package/dist/core/response.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"response.d.ts","sourceRoot":"","sources":["../../src/core/response.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,YAAY,EAAE,cAAc,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAA;AAEhG,wBAAgB,SAAS,CACvB,QAAQ,EAAE,cAAc,GAAG,iBAAiB,EAC5C,IAAI,EAAE,YAAY,GACjB,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAWrB"}

package/dist/core/utils.d.ts

@@ -0,0 +1,2 @@
+export declare function parseWindow(window: string | number): number;
+//# sourceMappingURL=utils.d.ts.map

package/dist/core/utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"utils.d.ts","sourceRoot":"","sources":["../../src/core/utils.ts"],"names":[],"mappings":"AAOA,wBAAgB,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,CAO3D"}

package/dist/elysia.d.ts

@@ -0,0 +1,38 @@
+import { Elysia } from 'elysia';
+import type { HitLimitOptions } from '@joint-ops/hitlimit-types';
+export interface ElysiaHitLimitOptions extends HitLimitOptions<{
+    request: Request;
+}> {
+    sqlitePath?: string;
+}
+export declare function hitlimit(options?: ElysiaHitLimitOptions): Elysia<"", {
+    decorator: {};
+    store: {};
+    derive: {};
+    resolve: {};
+}, {
+    typebox: {};
+    error: {};
+}, {
+    schema: {};
+    standaloneSchema: {};
+    macro: {};
+    macroFn: {};
+    parser: {};
+    response: {
+        200: Response;
+    };
+}, {}, {
+    derive: {};
+    resolve: {};
+    schema: {};
+    standaloneSchema: {};
+    response: {};
+}, {
+    derive: {};
+    resolve: {};
+    schema: {};
+    standaloneSchema: {};
+    response: {};
+}>;
+//# sourceMappingURL=elysia.d.ts.map

package/dist/elysia.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"elysia.d.ts","sourceRoot":"","sources":["../src/elysia.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAA;AAC/B,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAA;AAKhE,MAAM,WAAW,qBAAsB,SAAQ,eAAe,CAAC;IAAE,OAAO,EAAE,OAAO,CAAA;CAAE,CAAC;IAClF,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB;AAMD,wBAAgB,QAAQ,CAAC,OAAO,GAAE,qBAA0B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2C3D"}

package/dist/elysia.js

@@ -0,0 +1,211 @@
+// @bun
+// src/stores/sqlite.ts
+import { Database } from "bun:sqlite";
+
+class BunSqliteStore {
+  db;
+  hitStmt;
+  getStmt;
+  resetStmt;
+  cleanupTimer;
+  constructor(options = {}) {
+    this.db = new Database(options.path ?? ":memory:");
+    this.db.exec(`
+      CREATE TABLE IF NOT EXISTS hitlimit (
+        key TEXT PRIMARY KEY,
+        count INTEGER NOT NULL,
+        reset_at INTEGER NOT NULL
+      )
+    `);
+    this.hitStmt = this.db.prepare(`
+      INSERT INTO hitlimit (key, count, reset_at) VALUES (?1, 1, ?2)
+      ON CONFLICT(key) DO UPDATE SET
+        count = CASE WHEN reset_at <= ?3 THEN 1 ELSE count + 1 END,
+        reset_at = CASE WHEN reset_at <= ?3 THEN ?2 ELSE reset_at END
+    `);
+    this.getStmt = this.db.prepare("SELECT count, reset_at FROM hitlimit WHERE key = ?");
+    this.resetStmt = this.db.prepare("DELETE FROM hitlimit WHERE key = ?");
+    this.cleanupTimer = setInterval(() => {
+      this.db.prepare("DELETE FROM hitlimit WHERE reset_at <= ?").run(Date.now());
+    }, 60000);
+  }
+  hit(key, windowMs, _limit) {
+    const now = Date.now();
+    const resetAt = now + windowMs;
+    this.hitStmt.run(key, resetAt, now);
+    const row = this.getStmt.get(key);
+    return { count: row.count, resetAt: row.reset_at };
+  }
+  reset(key) {
+    this.resetStmt.run(key);
+  }
+  shutdown() {
+    clearInterval(this.cleanupTimer);
+    this.db.close();
+  }
+}
+function sqliteStore(options) {
+  return new BunSqliteStore(options);
+}
+
+// src/elysia.ts
+import { Elysia } from "elysia";
+
+// src/core/utils.ts
+var UNITS = {
+  s: 1000,
+  m: 60 * 1000,
+  h: 60 * 60 * 1000,
+  d: 24 * 60 * 60 * 1000
+};
+function parseWindow(window) {
+  if (typeof window === "number")
+    return window;
+  const match = window.match(/^(\d+)(s|m|h|d)$/);
+  if (!match)
+    throw new Error(`Invalid window format: ${window}`);
+  return parseInt(match[1]) * UNITS[match[2]];
+}
+
+// src/core/config.ts
+function resolveConfig(options, defaultStore, defaultKey) {
+  return {
+    limit: options.limit ?? 100,
+    windowMs: parseWindow(options.window ?? "1m"),
+    key: options.key ?? defaultKey,
+    tiers: options.tiers,
+    tier: options.tier,
+    response: options.response ?? { hitlimit: true, message: "Whoa there! Rate limit exceeded." },
+    headers: {
+      standard: options.headers?.standard ?? true,
+      legacy: options.headers?.legacy ?? true,
+      retryAfter: options.headers?.retryAfter ?? true
+    },
+    store: options.store ?? defaultStore,
+    onStoreError: options.onStoreError ?? (() => "allow"),
+    skip: options.skip
+  };
+}
+
+// src/core/headers.ts
+function buildHeaders(info, config, allowed) {
+  const headers = {};
+  if (config.standard) {
+    headers["RateLimit-Limit"] = String(info.limit);
+    headers["RateLimit-Remaining"] = String(info.remaining);
+    headers["RateLimit-Reset"] = String(Math.ceil(info.resetAt / 1000));
+  }
+  if (config.legacy) {
+    headers["X-RateLimit-Limit"] = String(info.limit);
+    headers["X-RateLimit-Remaining"] = String(info.remaining);
+    headers["X-RateLimit-Reset"] = String(Math.ceil(info.resetAt / 1000));
+  }
+  if (!allowed && config.retryAfter) {
+    headers["Retry-After"] = String(info.resetIn);
+  }
+  return headers;
+}
+
+// src/core/response.ts
+function buildBody(response, info) {
+  if (typeof response === "function") {
+    return response(info);
+  }
+  return {
+    ...response,
+    limit: info.limit,
+    remaining: info.remaining,
+    resetIn: info.resetIn
+  };
+}
+
+// src/core/limiter.ts
+async function checkLimit(config, req) {
+  const key = await config.key(req);
+  let limit = config.limit;
+  let windowMs = config.windowMs;
+  let tierName;
+  if (config.tier && config.tiers) {
+    tierName = await config.tier(req);
+    const tierConfig = config.tiers[tierName];
+    if (tierConfig) {
+      limit = tierConfig.limit;
+      if (tierConfig.window) {
+        windowMs = parseWindow(tierConfig.window);
+      }
+    }
+  }
+  if (limit === Infinity) {
+    return {
+      allowed: true,
+      info: { limit, remaining: Infinity, resetIn: 0, resetAt: 0, key, tier: tierName },
+      headers: {},
+      body: {}
+    };
+  }
+  const result = await config.store.hit(key, windowMs, limit);
+  const now = Date.now();
+  const resetIn = Math.max(0, Math.ceil((result.resetAt - now) / 1000));
+  const remaining = Math.max(0, limit - result.count);
+  const allowed = result.count <= limit;
+  const info = {
+    limit,
+    remaining,
+    resetIn,
+    resetAt: result.resetAt,
+    key,
+    tier: tierName
+  };
+  return {
+    allowed,
+    info,
+    headers: buildHeaders(info, config.headers, allowed),
+    body: allowed ? {} : buildBody(config.response, info)
+  };
+}
+
+// src/elysia.ts
+function getDefaultKey(_ctx) {
+  return "unknown";
+}
+function hitlimit(options = {}) {
+  const store = options.store ?? sqliteStore({ path: options.sqlitePath });
+  const config = resolveConfig(options, store, getDefaultKey);
+  return new Elysia({ name: "hitlimit" }).onBeforeHandle({ as: "global" }, async ({ request, set }) => {
+    const ctx = { request };
+    if (config.skip) {
+      const shouldSkip = await config.skip(ctx);
+      if (shouldSkip) {
+        return;
+      }
+    }
+    try {
+      const result = await checkLimit(config, ctx);
+      Object.entries(result.headers).forEach(([key, value]) => {
+        set.headers[key] = value;
+      });
+      if (!result.allowed) {
+        set.status = 429;
+        return new Response(JSON.stringify(result.body), {
+          status: 429,
+          headers: {
+            "Content-Type": "application/json",
+            ...result.headers
+          }
+        });
+      }
+    } catch (error) {
+      const action = await config.onStoreError(error, ctx);
+      if (action === "deny") {
+        set.status = 429;
+        return new Response(JSON.stringify({ hitlimit: true, message: "Rate limit error" }), {
+          status: 429,
+          headers: { "Content-Type": "application/json" }
+        });
+      }
+    }
+  });
+}
+export {
+  hitlimit
+};

package/dist/index.d.ts

@@ -0,0 +1,21 @@
+import type { HitLimitOptions } from '@joint-ops/hitlimit-types';
+export type { HitLimitOptions, HitLimitInfo, HitLimitResult, HitLimitStore, StoreResult, TierConfig, HeadersConfig, ResolvedConfig, KeyGenerator, TierResolver, SkipFunction, StoreErrorHandler, ResponseFormatter, ResponseConfig } from '@joint-ops/hitlimit-types';
+export { DEFAULT_LIMIT, DEFAULT_WINDOW, DEFAULT_WINDOW_MS, DEFAULT_MESSAGE } from '@joint-ops/hitlimit-types';
+export { sqliteStore } from './stores/sqlite.js';
+export { checkLimit } from './core/limiter.js';
+export interface BunHitLimitOptions extends HitLimitOptions<Request> {
+    sqlitePath?: string;
+}
+type BunServer = {
+    requestIP(req: Request): {
+        address: string;
+    } | null;
+};
+type FetchHandler = (req: Request, server: BunServer) => Response | Promise<Response>;
+export declare function hitlimit(options: BunHitLimitOptions, handler: FetchHandler): (req: Request, server: BunServer) => Response | Promise<Response>;
+export interface HitLimiter {
+    check(req: Request, server: BunServer): Response | null | Promise<Response | null>;
+    reset(key: string): Promise<void> | void;
+}
+export declare function createHitLimit(options?: BunHitLimitOptions): HitLimiter;
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAA;AAIhE,YAAY,EAAE,eAAe,EAAE,YAAY,EAAE,cAAc,EAAE,aAAa,EAAE,WAAW,EAAE,UAAU,EAAE,aAAa,EAAE,cAAc,EAAE,YAAY,EAAE,YAAY,EAAE,YAAY,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAA;AACrQ,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,iBAAiB,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAA;AAC7G,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAA;AAChD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAA;AAE9C,MAAM,WAAW,kBAAmB,SAAQ,eAAe,CAAC,OAAO,CAAC;IAClE,UAAU,CAAC,EAAE,MAAM,CAAA;CACpB;AAED,KAAK,SAAS,GAAG;IAAE,SAAS,CAAC,GAAG,EAAE,OAAO,GAAG;QAAE,OAAO,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI,CAAA;CAAE,CAAA;AAExE,KAAK,YAAY,GAAG,CAAC,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,KAAK,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAA;AAMrF,wBAAgB,QAAQ,CACtB,OAAO,EAAE,kBAAkB,EAC3B,OAAO,EAAE,YAAY,GACpB,CAAC,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,KAAK,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAkLnE;AAED,MAAM,WAAW,UAAU;IACzB,KAAK,CAAC,GAAG,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,GAAG,QAAQ,GAAG,IAAI,GAAG,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAA;IAClF,KAAK,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAA;CACzC;AAED,wBAAgB,cAAc,CAAC,OAAO,GAAE,kBAAuB,GAAG,UAAU,CAsF3E"}

package/dist/index.js

@@ -0,0 +1,429 @@
+// @bun
+// src/stores/sqlite.ts
+import { Database } from "bun:sqlite";
+
+class BunSqliteStore {
+  db;
+  hitStmt;
+  getStmt;
+  resetStmt;
+  cleanupTimer;
+  constructor(options = {}) {
+    this.db = new Database(options.path ?? ":memory:");
+    this.db.exec(`
+      CREATE TABLE IF NOT EXISTS hitlimit (
+        key TEXT PRIMARY KEY,
+        count INTEGER NOT NULL,
+        reset_at INTEGER NOT NULL
+      )
+    `);
+    this.hitStmt = this.db.prepare(`
+      INSERT INTO hitlimit (key, count, reset_at) VALUES (?1, 1, ?2)
+      ON CONFLICT(key) DO UPDATE SET
+        count = CASE WHEN reset_at <= ?3 THEN 1 ELSE count + 1 END,
+        reset_at = CASE WHEN reset_at <= ?3 THEN ?2 ELSE reset_at END
+    `);
+    this.getStmt = this.db.prepare("SELECT count, reset_at FROM hitlimit WHERE key = ?");
+    this.resetStmt = this.db.prepare("DELETE FROM hitlimit WHERE key = ?");
+    this.cleanupTimer = setInterval(() => {
+      this.db.prepare("DELETE FROM hitlimit WHERE reset_at <= ?").run(Date.now());
+    }, 60000);
+  }
+  hit(key, windowMs, _limit) {
+    const now = Date.now();
+    const resetAt = now + windowMs;
+    this.hitStmt.run(key, resetAt, now);
+    const row = this.getStmt.get(key);
+    return { count: row.count, resetAt: row.reset_at };
+  }
+  reset(key) {
+    this.resetStmt.run(key);
+  }
+  shutdown() {
+    clearInterval(this.cleanupTimer);
+    this.db.close();
+  }
+}
+function sqliteStore(options) {
+  return new BunSqliteStore(options);
+}
+
+// src/core/utils.ts
+var UNITS = {
+  s: 1000,
+  m: 60 * 1000,
+  h: 60 * 60 * 1000,
+  d: 24 * 60 * 60 * 1000
+};
+function parseWindow(window) {
+  if (typeof window === "number")
+    return window;
+  const match = window.match(/^(\d+)(s|m|h|d)$/);
+  if (!match)
+    throw new Error(`Invalid window format: ${window}`);
+  return parseInt(match[1]) * UNITS[match[2]];
+}
+
+// src/core/config.ts
+function resolveConfig(options, defaultStore, defaultKey) {
+  return {
+    limit: options.limit ?? 100,
+    windowMs: parseWindow(options.window ?? "1m"),
+    key: options.key ?? defaultKey,
+    tiers: options.tiers,
+    tier: options.tier,
+    response: options.response ?? { hitlimit: true, message: "Whoa there! Rate limit exceeded." },
+    headers: {
+      standard: options.headers?.standard ?? true,
+      legacy: options.headers?.legacy ?? true,
+      retryAfter: options.headers?.retryAfter ?? true
+    },
+    store: options.store ?? defaultStore,
+    onStoreError: options.onStoreError ?? (() => "allow"),
+    skip: options.skip
+  };
+}
+
+// ../types/dist/index.js
+var DEFAULT_LIMIT = 100;
+var DEFAULT_WINDOW = "1m";
+var DEFAULT_WINDOW_MS = 60000;
+var DEFAULT_MESSAGE = "Whoa there! Rate limit exceeded.";
+// src/core/headers.ts
+function buildHeaders(info, config, allowed) {
+  const headers = {};
+  if (config.standard) {
+    headers["RateLimit-Limit"] = String(info.limit);
+    headers["RateLimit-Remaining"] = String(info.remaining);
+    headers["RateLimit-Reset"] = String(Math.ceil(info.resetAt / 1000));
+  }
+  if (config.legacy) {
+    headers["X-RateLimit-Limit"] = String(info.limit);
+    headers["X-RateLimit-Remaining"] = String(info.remaining);
+    headers["X-RateLimit-Reset"] = String(Math.ceil(info.resetAt / 1000));
+  }
+  if (!allowed && config.retryAfter) {
+    headers["Retry-After"] = String(info.resetIn);
+  }
+  return headers;
+}
+
+// src/core/response.ts
+function buildBody(response, info) {
+  if (typeof response === "function") {
+    return response(info);
+  }
+  return {
+    ...response,
+    limit: info.limit,
+    remaining: info.remaining,
+    resetIn: info.resetIn
+  };
+}
+
+// src/core/limiter.ts
+async function checkLimit(config, req) {
+  const key = await config.key(req);
+  let limit = config.limit;
+  let windowMs = config.windowMs;
+  let tierName;
+  if (config.tier && config.tiers) {
+    tierName = await config.tier(req);
+    const tierConfig = config.tiers[tierName];
+    if (tierConfig) {
+      limit = tierConfig.limit;
+      if (tierConfig.window) {
+        windowMs = parseWindow(tierConfig.window);
+      }
+    }
+  }
+  if (limit === Infinity) {
+    return {
+      allowed: true,
+      info: { limit, remaining: Infinity, resetIn: 0, resetAt: 0, key, tier: tierName },
+      headers: {},
+      body: {}
+    };
+  }
+  const result = await config.store.hit(key, windowMs, limit);
+  const now = Date.now();
+  const resetIn = Math.max(0, Math.ceil((result.resetAt - now) / 1000));
+  const remaining = Math.max(0, limit - result.count);
+  const allowed = result.count <= limit;
+  const info = {
+    limit,
+    remaining,
+    resetIn,
+    resetAt: result.resetAt,
+    key,
+    tier: tierName
+  };
+  return {
+    allowed,
+    info,
+    headers: buildHeaders(info, config.headers, allowed),
+    body: allowed ? {} : buildBody(config.response, info)
+  };
+}
+
+// src/index.ts
+function getDefaultKey(req, server) {
+  return server.requestIP(req)?.address || "unknown";
+}
+function hitlimit(options, handler) {
+  const store = options.store ?? sqliteStore({ path: options.sqlitePath });
+  const config = resolveConfig(options, store, () => "unknown");
+  const hasSkip = !!config.skip;
+  const hasTiers = !!(config.tier && config.tiers);
+  const standardHeaders = config.headers.standard;
+  const legacyHeaders = config.headers.legacy;
+  const retryAfterHeader = config.headers.retryAfter;
+  const limit = config.limit;
+  const windowMs = config.windowMs;
+  const response = config.response;
+  const customKey = options.key;
+  const blockedBody = JSON.stringify(response);
+  if (!hasSkip && !hasTiers) {
+    return async (req, server) => {
+      try {
+        const key = customKey ? await customKey(req) : getDefaultKey(req, server);
+        const result = await store.hit(key, windowMs, limit);
+        const allowed = result.count <= limit;
+        if (!allowed) {
+          const headers = { "Content-Type": "application/json" };
+          const resetIn = Math.ceil((result.resetAt - Date.now()) / 1000);
+          if (standardHeaders) {
+            headers["RateLimit-Limit"] = String(limit);
+            headers["RateLimit-Remaining"] = "0";
+            headers["RateLimit-Reset"] = String(resetIn);
+          }
+          if (legacyHeaders) {
+            headers["X-RateLimit-Limit"] = String(limit);
+            headers["X-RateLimit-Remaining"] = "0";
+            headers["X-RateLimit-Reset"] = String(Math.ceil(result.resetAt / 1000));
+          }
+          if (retryAfterHeader) {
+            headers["Retry-After"] = String(resetIn);
+          }
+          return new Response(blockedBody, { status: 429, headers });
+        }
+        const res = await handler(req, server);
+        if (standardHeaders || legacyHeaders) {
+          const resetIn = Math.ceil((result.resetAt - Date.now()) / 1000);
+          const remaining = Math.max(0, limit - result.count);
+          const newHeaders = new Headers(res.headers);
+          if (standardHeaders) {
+            newHeaders.set("RateLimit-Limit", String(limit));
+            newHeaders.set("RateLimit-Remaining", String(remaining));
+            newHeaders.set("RateLimit-Reset", String(resetIn));
+          }
+          if (legacyHeaders) {
+            newHeaders.set("X-RateLimit-Limit", String(limit));
+            newHeaders.set("X-RateLimit-Remaining", String(remaining));
+            newHeaders.set("X-RateLimit-Reset", String(Math.ceil(result.resetAt / 1000)));
+          }
+          return new Response(res.body, {
+            status: res.status,
+            statusText: res.statusText,
+            headers: newHeaders
+          });
+        }
+        return res;
+      } catch (error) {
+        const action = await config.onStoreError(error, req);
+        if (action === "deny") {
+          return new Response('{"hitlimit":true,"message":"Rate limit error"}', {
+            status: 429,
+            headers: { "Content-Type": "application/json" }
+          });
+        }
+        return handler(req, server);
+      }
+    };
+  }
+  return async (req, server) => {
+    if (hasSkip) {
+      const shouldSkip = await config.skip(req);
+      if (shouldSkip) {
+        return handler(req, server);
+      }
+    }
+    try {
+      const key = customKey ? await customKey(req) : getDefaultKey(req, server);
+      let effectiveLimit = limit;
+      let effectiveWindowMs = windowMs;
+      if (hasTiers) {
+        const tierName = await config.tier(req);
+        const tierConfig = config.tiers[tierName];
+        if (tierConfig) {
+          effectiveLimit = tierConfig.limit;
+          if (tierConfig.window) {
+            effectiveWindowMs = parseWindow2(tierConfig.window);
+          }
+        }
+      }
+      if (effectiveLimit === Infinity) {
+        return handler(req, server);
+      }
+      const result = await store.hit(key, effectiveWindowMs, effectiveLimit);
+      const allowed = result.count <= effectiveLimit;
+      if (!allowed) {
+        const headers = { "Content-Type": "application/json" };
+        const resetIn = Math.ceil((result.resetAt - Date.now()) / 1000);
+        if (standardHeaders) {
+          headers["RateLimit-Limit"] = String(effectiveLimit);
+          headers["RateLimit-Remaining"] = "0";
+          headers["RateLimit-Reset"] = String(resetIn);
+        }
+        if (legacyHeaders) {
+          headers["X-RateLimit-Limit"] = String(effectiveLimit);
+          headers["X-RateLimit-Remaining"] = "0";
+          headers["X-RateLimit-Reset"] = String(Math.ceil(result.resetAt / 1000));
+        }
+        if (retryAfterHeader) {
+          headers["Retry-After"] = String(resetIn);
+        }
+        return new Response(blockedBody, { status: 429, headers });
+      }
+      const res = await handler(req, server);
+      if (standardHeaders || legacyHeaders) {
+        const resetIn = Math.ceil((result.resetAt - Date.now()) / 1000);
+        const remaining = Math.max(0, effectiveLimit - result.count);
+        const newHeaders = new Headers(res.headers);
+        if (standardHeaders) {
+          newHeaders.set("RateLimit-Limit", String(effectiveLimit));
+          newHeaders.set("RateLimit-Remaining", String(remaining));
+          newHeaders.set("RateLimit-Reset", String(resetIn));
+        }
+        if (legacyHeaders) {
+          newHeaders.set("X-RateLimit-Limit", String(effectiveLimit));
+          newHeaders.set("X-RateLimit-Remaining", String(remaining));
+          newHeaders.set("X-RateLimit-Reset", String(Math.ceil(result.resetAt / 1000)));
+        }
+        return new Response(res.body, {
+          status: res.status,
+          statusText: res.statusText,
+          headers: newHeaders
+        });
+      }
+      return res;
+    } catch (error) {
+      const action = await config.onStoreError(error, req);
+      if (action === "deny") {
+        return new Response('{"hitlimit":true,"message":"Rate limit error"}', {
+          status: 429,
+          headers: { "Content-Type": "application/json" }
+        });
+      }
+      return handler(req, server);
+    }
+  };
+}
+function createHitLimit(options = {}) {
+  const store = options.store ?? sqliteStore({ path: options.sqlitePath });
+  const config = resolveConfig(options, store, () => "unknown");
+  const hasSkip = !!config.skip;
+  const hasTiers = !!(config.tier && config.tiers);
+  const standardHeaders = config.headers.standard;
+  const legacyHeaders = config.headers.legacy;
+  const retryAfterHeader = config.headers.retryAfter;
+  const limit = config.limit;
+  const windowMs = config.windowMs;
+  const response = config.response;
+  const customKey = options.key;
+  const blockedBody = JSON.stringify(response);
+  return {
+    async check(req, server) {
+      if (hasSkip) {
+        const shouldSkip = await config.skip(req);
+        if (shouldSkip) {
+          return null;
+        }
+      }
+      try {
+        const key = customKey ? await customKey(req) : getDefaultKey(req, server);
+        let effectiveLimit = limit;
+        let effectiveWindowMs = windowMs;
+        if (hasTiers) {
+          const tierName = await config.tier(req);
+          const tierConfig = config.tiers[tierName];
+          if (tierConfig) {
+            effectiveLimit = tierConfig.limit;
+            if (tierConfig.window) {
+              effectiveWindowMs = parseWindow2(tierConfig.window);
+            }
+          }
+        }
+        if (effectiveLimit === Infinity) {
+          return null;
+        }
+        const result = await store.hit(key, effectiveWindowMs, effectiveLimit);
+        const allowed = result.count <= effectiveLimit;
+        if (!allowed) {
+          const headers = { "Content-Type": "application/json" };
+          const resetIn = Math.ceil((result.resetAt - Date.now()) / 1000);
+          if (standardHeaders) {
+            headers["RateLimit-Limit"] = String(effectiveLimit);
+            headers["RateLimit-Remaining"] = "0";
+            headers["RateLimit-Reset"] = String(resetIn);
+          }
+          if (legacyHeaders) {
+            headers["X-RateLimit-Limit"] = String(effectiveLimit);
+            headers["X-RateLimit-Remaining"] = "0";
+            headers["X-RateLimit-Reset"] = String(Math.ceil(result.resetAt / 1000));
+          }
+          if (retryAfterHeader) {
+            headers["Retry-After"] = String(resetIn);
+          }
+          return new Response(blockedBody, { status: 429, headers });
+        }
+        return null;
+      } catch (error) {
+        const action = await config.onStoreError(error, req);
+        if (action === "deny") {
+          return new Response('{"hitlimit":true,"message":"Rate limit error"}', {
+            status: 429,
+            headers: { "Content-Type": "application/json" }
+          });
+        }
+        return null;
+      }
+    },
+    reset(key) {
+      return store.reset(key);
+    }
+  };
+}
+function parseWindow2(window) {
+  if (typeof window === "number")
+    return window;
+  const match = window.match(/^(\d+)(ms|s|m|h|d)$/);
+  if (!match)
+    return 60000;
+  const value = parseInt(match[1], 10);
+  const unit = match[2];
+  switch (unit) {
+    case "ms":
+      return value;
+    case "s":
+      return value * 1000;
+    case "m":
+      return value * 60 * 1000;
+    case "h":
+      return value * 60 * 60 * 1000;
+    case "d":
+      return value * 24 * 60 * 60 * 1000;
+    default:
+      return 60000;
+  }
+}
+export {
+  sqliteStore,
+  hitlimit,
+  createHitLimit,
+  checkLimit,
+  DEFAULT_WINDOW_MS,
+  DEFAULT_WINDOW,
+  DEFAULT_MESSAGE,
+  DEFAULT_LIMIT
+};

package/dist/loggers/console.d.ts

@@ -0,0 +1,4 @@
+import type { HitLimitLogger } from '@joint-ops/hitlimit-types';
+export declare function consoleLogger(): HitLimitLogger;
+export declare function silentLogger(): HitLimitLogger;
+//# sourceMappingURL=console.d.ts.map

package/dist/loggers/console.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"console.d.ts","sourceRoot":"","sources":["../../src/loggers/console.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAA;AAE/D,wBAAgB,aAAa,IAAI,cAAc,CAO9C;AAED,wBAAgB,YAAY,IAAI,cAAc,CAO7C"}

package/dist/stores/memory.d.ts

@@ -0,0 +1,3 @@
+import type { HitLimitStore } from '@joint-ops/hitlimit-types';
+export declare function memoryStore(): HitLimitStore;
+//# sourceMappingURL=memory.d.ts.map

package/dist/stores/memory.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"memory.d.ts","sourceRoot":"","sources":["../../src/stores/memory.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAe,MAAM,2BAA2B,CAAA;AA+D3E,wBAAgB,WAAW,IAAI,aAAa,CAE3C"}

package/dist/stores/memory.js

@@ -0,0 +1,41 @@
+// @bun
+// src/stores/memory.ts
+class MemoryStore {
+  hits = new Map;
+  hit(key, windowMs, _limit) {
+    const entry = this.hits.get(key);
+    if (entry !== undefined) {
+      entry.count++;
+      return { count: entry.count, resetAt: entry.resetAt };
+    }
+    const now = Date.now();
+    const resetAt = now + windowMs;
+    const timeoutId = setTimeout(() => {
+      this.hits.delete(key);
+    }, windowMs);
+    if (typeof timeoutId.unref === "function") {
+      timeoutId.unref();
+    }
+    this.hits.set(key, { count: 1, resetAt, timeoutId });
+    return { count: 1, resetAt };
+  }
+  reset(key) {
+    const entry = this.hits.get(key);
+    if (entry) {
+      clearTimeout(entry.timeoutId);
+      this.hits.delete(key);
+    }
+  }
+  shutdown() {
+    for (const [, entry] of this.hits) {
+      clearTimeout(entry.timeoutId);
+    }
+    this.hits.clear();
+  }
+}
+function memoryStore() {
+  return new MemoryStore;
+}
+export {
+  memoryStore
+};

package/dist/stores/redis.d.ts

@@ -0,0 +1,7 @@
+import type { HitLimitStore } from '@joint-ops/hitlimit-types';
+export interface RedisStoreOptions {
+    url?: string;
+    keyPrefix?: string;
+}
+export declare function redisStore(options?: RedisStoreOptions): HitLimitStore;
+//# sourceMappingURL=redis.d.ts.map

package/dist/stores/redis.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"redis.d.ts","sourceRoot":"","sources":["../../src/stores/redis.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAe,MAAM,2BAA2B,CAAA;AAG3E,MAAM,WAAW,iBAAiB;IAChC,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,SAAS,CAAC,EAAE,MAAM,CAAA;CACnB;AA2CD,wBAAgB,UAAU,CAAC,OAAO,CAAC,EAAE,iBAAiB,GAAG,aAAa,CAErE"}

package/dist/stores/redis.js

@@ -0,0 +1,37 @@
+// @bun
+// src/stores/redis.ts
+import Redis from "ioredis";
+
+class RedisStore {
+  redis;
+  prefix;
+  constructor(options = {}) {
+    this.redis = new Redis(options.url ?? "redis://localhost:6379");
+    this.prefix = options.keyPrefix ?? "hitlimit:";
+  }
+  async hit(key, windowMs, _limit) {
+    const redisKey = this.prefix + key;
+    const now = Date.now();
+    const results = await this.redis.multi().incr(redisKey).pttl(redisKey).exec();
+    const count = results[0][1];
+    let ttl = results[1][1];
+    if (ttl < 0) {
+      await this.redis.pexpire(redisKey, windowMs);
+      ttl = windowMs;
+    }
+    const resetAt = now + ttl;
+    return { count, resetAt };
+  }
+  async reset(key) {
+    await this.redis.del(this.prefix + key);
+  }
+  async shutdown() {
+    await this.redis.quit();
+  }
+}
+function redisStore(options) {
+  return new RedisStore(options);
+}
+export {
+  redisStore
+};

package/dist/stores/sqlite.d.ts

@@ -0,0 +1,6 @@
+import type { HitLimitStore } from '@joint-ops/hitlimit-types';
+export interface SqliteStoreOptions {
+    path?: string;
+}
+export declare function sqliteStore(options?: SqliteStoreOptions): HitLimitStore;
+//# sourceMappingURL=sqlite.d.ts.map

package/dist/stores/sqlite.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sqlite.d.ts","sourceRoot":"","sources":["../../src/stores/sqlite.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAe,MAAM,2BAA2B,CAAA;AAE3E,MAAM,WAAW,kBAAkB;IACjC,IAAI,CAAC,EAAE,MAAM,CAAA;CACd;AAuDD,wBAAgB,WAAW,CAAC,OAAO,CAAC,EAAE,kBAAkB,GAAG,aAAa,CAEvE"}

package/dist/stores/sqlite.js

@@ -0,0 +1,52 @@
+// @bun
+// src/stores/sqlite.ts
+import { Database } from "bun:sqlite";
+
+class BunSqliteStore {
+  db;
+  hitStmt;
+  getStmt;
+  resetStmt;
+  cleanupTimer;
+  constructor(options = {}) {
+    this.db = new Database(options.path ?? ":memory:");
+    this.db.exec(`
+      CREATE TABLE IF NOT EXISTS hitlimit (
+        key TEXT PRIMARY KEY,
+        count INTEGER NOT NULL,
+        reset_at INTEGER NOT NULL
+      )
+    `);
+    this.hitStmt = this.db.prepare(`
+      INSERT INTO hitlimit (key, count, reset_at) VALUES (?1, 1, ?2)
+      ON CONFLICT(key) DO UPDATE SET
+        count = CASE WHEN reset_at <= ?3 THEN 1 ELSE count + 1 END,
+        reset_at = CASE WHEN reset_at <= ?3 THEN ?2 ELSE reset_at END
+    `);
+    this.getStmt = this.db.prepare("SELECT count, reset_at FROM hitlimit WHERE key = ?");
+    this.resetStmt = this.db.prepare("DELETE FROM hitlimit WHERE key = ?");
+    this.cleanupTimer = setInterval(() => {
+      this.db.prepare("DELETE FROM hitlimit WHERE reset_at <= ?").run(Date.now());
+    }, 60000);
+  }
+  hit(key, windowMs, _limit) {
+    const now = Date.now();
+    const resetAt = now + windowMs;
+    this.hitStmt.run(key, resetAt, now);
+    const row = this.getStmt.get(key);
+    return { count: row.count, resetAt: row.reset_at };
+  }
+  reset(key) {
+    this.resetStmt.run(key);
+  }
+  shutdown() {
+    clearInterval(this.cleanupTimer);
+    this.db.close();
+  }
+}
+function sqliteStore(options) {
+  return new BunSqliteStore(options);
+}
+export {
+  sqliteStore
+};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@joint-ops/hitlimit-bun",
-  "version": "1.0.1",
+  "version": "1.0.3",
   "description": "Fast Bun-native rate limiting for Bun.serve & Elysia - API throttling with bun:sqlite, high performance request limiting",
   "author": {
     "name": "Shayan M Hussain",
@@ -93,6 +93,11 @@
       "types": "./dist/stores/redis.d.ts",
       "bun": "./dist/stores/redis.js",
       "import": "./dist/stores/redis.js"
+    },
+    "./stores/sqlite": {
+      "types": "./dist/stores/sqlite.d.ts",
+      "bun": "./dist/stores/sqlite.js",
+      "import": "./dist/stores/sqlite.js"
     }
   },
   "files": [
@@ -100,13 +105,13 @@
   ],
   "sideEffects": false,
   "scripts": {
-    "build": "bun build ./src/index.ts ./src/elysia.ts ./src/stores/memory.ts ./src/stores/redis.ts --outdir=./dist --target=bun && tsc --emitDeclarationOnly",
+    "build": "bun build ./src/index.ts ./src/elysia.ts ./src/stores/memory.ts ./src/stores/redis.ts ./src/stores/sqlite.ts --outdir=./dist --target=bun --external=elysia --external=ioredis --external=@sinclair/typebox && tsc --emitDeclarationOnly",
     "clean": "rm -rf dist",
     "test": "bun test",
     "test:watch": "bun test --watch"
   },
   "dependencies": {
-    "@joint-ops/hitlimit-types": "1.0.1"
+    "@joint-ops/hitlimit-types": "1.0.3"
   },
   "peerDependencies": {
     "elysia": ">=1.0.0",