npm - express-rate-limit - Versions diffs - 7.0.0 → 7.0.2 - Mend

express-rate-limit 7.0.0 → 7.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/changelog.md CHANGED Viewed

@@ -6,6 +6,19 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to
 [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## [7.0.2](https://github.com/express-rate-limit/express-rate-limit/releases/tag/v7.0.2)
+### Added
+- Added `cluster-memory-store` to the readme and made a couple of other minor
+  clarifications.
+## [7.0.1](https://github.com/express-rate-limit/express-rate-limit/releases/tag/v7.0.1)
+### Added
+- Added `rate-limit-postgresql` to the `stores` list in the readme.
 ## [7.0.0](https://github.com/express-rate-limit/express-rate-limit/releases/tag/v7.0.0)
 ### Breaking
@@ -356,6 +369,7 @@ Note: 6.5.0 was not released due to CI automation issues.
 ### Added
+- Support external stores (from version 2.3.0) onwards.
 - A `limiter.resetKey()` method to reset the hit counter for a particular client
 ### Changes

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "express-rate-limit",
-	"version": "7.0.0",
+	"version": "7.0.2",
 	"description": "Basic IP rate-limiting middleware for Express. Use to limit repeated requests to public APIs and/or endpoints such as password reset.",
 	"author": {
 		"name": "Nathan Friedly",
@@ -76,28 +76,27 @@
 		"express": "^4 || ^5"
 	},
 	"devDependencies": {
-    "@express-rate-limit/prettier": "1.1.0",
-    "@express-rate-limit/tsconfig": "1.0.0",
-    "@jest/globals": "29.6.4",
-    "@types/express": "4.17.17",
-    "@types/jest": "29.5.4",
-    "@types/node": "20.5.9",
-    "@types/supertest": "2.0.12",
-    "cross-env": "7.0.3",
-    "del-cli": "5.1.0",
-    "dts-bundle-generator": "8.0.1",
-    "esbuild": "0.19.2",
-    "express": "4.18.2",
-    "husky": "8.0.3",
-    "jest": "29.6.4",
-    "lint-staged": "14.0.1",
-    "npm-run-all": "4.1.5",
-    "ratelimit-header-parser": "0.1.0",
-    "supertest": "6.3.3",
-    "ts-jest": "29.1.1",
-    "ts-node": "10.9.1",
-    "typescript": "5.2.2",
-    "xo": "0.56.0"
+		"@express-rate-limit/prettier": "1.1.0",
+		"@express-rate-limit/tsconfig": "1.0.0",
+		"@jest/globals": "29.6.4",
+		"@types/express": "4.17.17",
+		"@types/jest": "29.5.4",
+		"@types/node": "20.5.9",
+		"@types/supertest": "2.0.12",
+		"del-cli": "5.1.0",
+		"dts-bundle-generator": "8.0.1",
+		"esbuild": "0.19.2",
+		"express": "4.18.2",
+		"husky": "8.0.3",
+		"jest": "29.6.4",
+		"lint-staged": "14.0.1",
+		"npm-run-all": "4.1.5",
+		"ratelimit-header-parser": "0.1.0",
+		"supertest": "6.3.3",
+		"ts-jest": "29.1.1",
+		"ts-node": "10.9.1",
+		"typescript": "5.2.2",
+		"xo": "0.56.0"
 	},
 	"xo": {
 		"prettier": true,

package/readme.md CHANGED Viewed

@@ -34,14 +34,18 @@ The default `MemoryStore` is probably fine.
 ### API Rate Limit Enforcement
-You may want to switch to a different [store](#store), especially if you have
-multiple servers or processes (for example, with the
-[node:cluster](https://nodejs.org/api/cluster.html) module). Using an external
-data store to syhcnronize hits
-([redis](https://npmjs.com/package/rate-limit-redis),
-[memcached](https://npmjs.org/package/rate-limit-memcached), [etc.](#store))
-guarentees the expected result even if some requests get handled by different
-servers/processes or a server is restarted.
+The default `MemoryStore` stores the hit counts for clients in memory, and is
+thus unsuitable for use when running multiple servers or processes.
+If you have multiple processes on a single server (via the
+[node:cluster](https://nodejs.org/api/cluster.html) module), the
+[`cluster-memory-store`](https://npmjs.com/package/@express-rate-limit/cluster-memory-store)
+will keep them all in sync without needing an external data store.
+If you have multiple servers, or want to maintain state across app restarts, use
+an external data store such as
+[redis](https://npmjs.com/package/rate-limit-redis),
+[memcached](https://npmjs.org/package/rate-limit-memcached), [etc.](#store).
 ### Alternate Rate Limiters
@@ -422,17 +426,6 @@ const limiter = rateLimit({
 })
 ```
-### `onLimitReached`
-> `function`
-A (sync/async) function that accepts the Express `req` and `res` objects that is
-called the on the request where a client has just exceeded their rate limit.
-This method was
-[deprecated in v6](https://github.com/express-rate-limit/express-rate-limit/releases/v6.0.0) -
-Please use a custom `handler` that checks the number of hits instead.
 ### `skip`
 > `function`
@@ -524,13 +517,15 @@ By default, the [`memory-store`](source/memory-store.ts) is used.
 Here is a list of external stores:
-| Name                                                                                   | Description                                                                                           | Legacy/Modern       |
-| -------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------- | ------------------- |
-| [`memory-store`](source/memory-store.ts)                                               | _(default)_ Simple in-memory option. Does not share state when app has multiple processes or servers. | Modern as of v6.0.0 |
-| [`rate-limit-redis`](https://npmjs.com/package/rate-limit-redis)                       | A [Redis](http://redis.io/)-backed store, more suitable for large or demanding deployments.           | Modern as of v3.0.0 |
-| [`rate-limit-memcached`](https://npmjs.org/package/rate-limit-memcached)               | A [Memcached](https://memcached.org/)-backed store.                                                   | Legacy              |
-| [`rate-limit-mongo`](https://www.npmjs.com/package/rate-limit-mongo)                   | A [MongoDB](https://www.mongodb.com/)-backed store.                                                   | Legacy              |
-| [`precise-memory-rate-limit`](https://www.npmjs.com/package/precise-memory-rate-limit) | A memory store similar to the built-in one, except that it stores a distinct timestamp for each key.  | Modern as of v2.0.0 |
+| Name                                                                                         | Description                                                                                                                                   | Legacy/Modern       |
+| -------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- |
+| [`memory-store`](source/memory-store.ts)                                                     | _(default)_ Simple in-memory option. Does not share state when app has multiple processes or servers.                                         | Modern as of v6.0.0 |
+| [`cluster-memory-store`](https://npmjs.com/package/@express-rate-limit/cluster-memory-store) | A memory-store wrapper that shares state across all processes on a server via the [node:cluster](https://nodejs.org/api/cluster.html) module. | Modern              |
+| [`rate-limit-redis`](https://npmjs.com/package/rate-limit-redis)                             | A [Redis](http://redis.io/)-backed store, more suitable for large or demanding deployments.                                                   | Modern as of v3.0.0 |
+| [`rate-limit-memcached`](https://npmjs.org/package/rate-limit-memcached)                     | A [Memcached](https://memcached.org/)-backed store.                                                                                           | Modern as of v1.0.0 |
+| [`rate-limit-mongo`](https://www.npmjs.com/package/rate-limit-mongo)                         | A [MongoDB](https://www.mongodb.com/)-backed store.                                                                                           | Legacy              |
+| [`precise-memory-rate-limit`](https://www.npmjs.com/package/precise-memory-rate-limit)       | A memory store similar to the built-in one, except that it stores a distinct timestamp for each key.                                          | Modern as of v2.0.0 |
+| [`rate-limit-postgresql`](https://www.npmjs.com/package/@acpr/rate-limit-postgresql)         | A [PostgreSQL](https://www.postgresql.org/)-backed store.                                                                                     | Modern as of v1.1.0 |
 Take a look at
 [this guide](https://github.com/express-rate-limit/express-rate-limit/wiki/Creating-Your-Own-Store)
@@ -553,8 +548,11 @@ The property name can be configured with the configuration option
 ### `resetKey(key)`
 Resets the rate limiting for a given key. An example use case is to allow users
-to complete a captcha or whatever to reset their rate limit, then call this
-method.
+to complete a captcha to reset their rate limit, then call this function.
+### `getKey(key)`
+Retrieves the hit count and reset time from the store for a given key.
 ## Issues and Contributing