redis-otp-manager 0.1.0 → 0.2.2

package/LICENSE

@@ -1,21 +1,21 @@
-MIT License
-
-Copyright (c) 2026 Vijay prakash
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
+MIT License
+
+Copyright (c) 2026 Vijay prakash
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -1,18 +1,21 @@
 # redis-otp-manager
 
-Lightweight, Redis-backed OTP manager for Node.js apps.
+Lightweight, Redis-backed OTP manager for Node.js and NestJS apps.
 
-## Current MVP
+## Current Features
 
-This first implementation includes:
+This package currently includes:
 - OTP generation
 - OTP verification
 - SHA-256 OTP hashing
 - Redis-compatible storage adapter
 - In-memory adapter for tests
 - Intent-aware key strategy
+- Conservative identifier normalization
 - Rate limiting
+- Optional resend cooldown
 - Max-attempt protection
+- NestJS module integration via `redis-otp-manager/nest`
 
 ## Install
 
@@ -20,6 +23,12 @@ This first implementation includes:
 npm install redis-otp-manager
 ```
 
+For NestJS apps, also install the Nest peer dependencies used by your app:
+
+```bash
+npm install @nestjs/common @nestjs/core reflect-metadata rxjs
+```
+
 ## Quality Checks
 
 ```bash
@@ -37,11 +46,12 @@ const otp = new OTPManager({
   store: new RedisAdapter(redisClient),
   ttl: 300,
   maxAttempts: 5,
+  resendCooldown: 45,
   rateLimit: {
     window: 60,
     max: 3,
   },
-  devMode: process.env.NODE_ENV !== "production",
+  devMode: false,
 });
 
 const generated = await otp.generate({
@@ -58,6 +68,64 @@ await otp.verify({
 });
 ```
 
+## NestJS
+
+Import the Nest integration from the dedicated subpath so non-Nest users do not pull Nest dependencies.
+
+```ts
+import { Module } from "@nestjs/common";
+import { createClient } from "redis";
+import { OTPManager, RedisAdapter } from "redis-otp-manager";
+import { OTPModule, InjectOTPManager } from "redis-otp-manager/nest";
+
+const redisClient = createClient({ url: process.env.REDIS_URL });
+
+@Module({
+  imports: [
+    OTPModule.forRoot({
+      store: new RedisAdapter(redisClient),
+      ttl: 300,
+      maxAttempts: 5,
+      resendCooldown: 45,
+      rateLimit: {
+        window: 60,
+        max: 3,
+      },
+      isGlobal: true,
+    }),
+  ],
+})
+export class AppModule {}
+```
+
+Async setup is also supported:
+
+```ts
+OTPModule.forRootAsync({
+  isGlobal: true,
+  inject: [ConfigService],
+  useFactory: (config: ConfigService) => ({
+    store: new RedisAdapter(createClient({ url: config.getOrThrow("REDIS_URL") })),
+    ttl: 300,
+    maxAttempts: 5,
+    resendCooldown: 45,
+  }),
+});
+```
+
+Inject in services:
+
+```ts
+import { Injectable } from "@nestjs/common";
+import { OTPManager } from "redis-otp-manager";
+import { InjectOTPManager } from "redis-otp-manager/nest";
+
+@Injectable()
+export class AuthService {
+  constructor(@InjectOTPManager() private readonly otpManager: OTPManager) {}
+}
+```
+
 ## API
 
 ### `new OTPManager(options)`
@@ -67,15 +135,26 @@ type OTPManagerOptions = {
   store: StoreAdapter;
   ttl: number;
   maxAttempts: number;
+  resendCooldown?: number;
   rateLimit?: {
     window: number;
     max: number;
   };
   devMode?: boolean;
   otpLength?: number;
+  identifierNormalization?: {
+    trim?: boolean;
+    lowercase?: boolean;
+    preserveCaseFor?: string[];
+  };
 };
 ```
 
+Normalization is backward-compatible and conservative by default:
+- identifiers are trimmed
+- identifiers are lowercased for most channels
+- `sms` and `token` preserve case by default
+
 ### `generate(input)`
 
 ```ts
@@ -114,6 +193,15 @@ Returns `true` or throws a typed error.
 - `OTPExpiredError`
 - `OTPInvalidError`
 - `OTPMaxAttemptsExceededError`
+- `OTPResendCooldownError`
+
+## Safer Production Defaults
+
+- `devMode: false`
+- `otpLength: 8` for higher-risk flows
+- `maxAttempts: 3`
+- `resendCooldown: 30` or higher to reduce abuse
+- keep Redis private and behind authenticated network access
 
 ## Key Design
 
@@ -121,12 +209,27 @@ Returns `true` or throws a typed error.
 otp:{intent}:{type}:{identifier}
 attempts:{intent}:{type}:{identifier}
 rate:{type}:{identifier}
+cooldown:{intent}:{type}:{identifier}
+```
+
+## Release Automation
+
+Publishing on every `main` merge is not recommended for npm packages because npm versions are immutable. The safer setup is:
+- merge to `main` runs CI only
+- publish happens when you push a version tag like `v0.2.0`
+
+Required GitHub secrets:
+- `NPM_TOKEN`
+
+Tag-based publish:
+
+```bash
+git tag v0.2.0
+git push origin v0.2.0
 ```
 
 ## Next Roadmap
 
-- NestJS module and decorator
-- alphanumeric tokens
+- atomic Redis verification
 - hooks/events
-- email token helpers
-
+- analytics and observability

package/dist/core/otp.service.js

@@ -1,7 +1,8 @@
 import { generateNumericOtp } from "./otp.generator.js";
 import { hashOtp, verifyOtpHash } from "./otp.hash.js";
-import { OTPExpiredError, OTPInvalidError, OTPMaxAttemptsExceededError, } from "../errors/otp.errors.js";
-import { buildAttemptsKey, buildOtpKey, buildRateLimitKey, } from "../utils/key-builder.js";
+import { OTPExpiredError, OTPInvalidError, OTPMaxAttemptsExceededError, OTPResendCooldownError, } from "../errors/otp.errors.js";
+import { buildAttemptsKey, buildCooldownKey, buildOtpKey, buildRateLimitKey, } from "../utils/key-builder.js";
+import { normalizePayloadIdentifier } from "../utils/identifier-normalizer.js";
 import { assertWithinRateLimit } from "../utils/rate-limiter.js";
 export class OTPManager {
     options;
@@ -15,14 +16,25 @@ export class OTPManager {
     }
     async generate(input) {
         validatePayload(input);
-        const otpKey = buildOtpKey(input);
-        const attemptsKey = buildAttemptsKey(input);
-        const rateLimitKey = buildRateLimitKey(input);
+        const normalizedInput = normalizePayloadIdentifier(input, this.options.identifierNormalization);
+        const otpKey = buildOtpKey(normalizedInput);
+        const attemptsKey = buildAttemptsKey(normalizedInput);
+        const rateLimitKey = buildRateLimitKey(normalizedInput);
+        const cooldownKey = buildCooldownKey(normalizedInput);
+        if (this.options.resendCooldown) {
+            const cooldownActive = await this.options.store.get(cooldownKey);
+            if (cooldownActive) {
+                throw new OTPResendCooldownError();
+            }
+        }
         await assertWithinRateLimit(this.options.store, rateLimitKey, this.options.rateLimit);
         const otp = generateNumericOtp(this.options.otpLength);
         const hashedOtp = hashOtp(otp);
         await this.options.store.set(otpKey, hashedOtp, this.options.ttl);
         await this.options.store.del(attemptsKey);
+        if (this.options.resendCooldown) {
+            await this.options.store.set(cooldownKey, "1", this.options.resendCooldown);
+        }
         return {
             expiresIn: this.options.ttl,
             otp: this.options.devMode ? otp : undefined,
@@ -30,11 +42,12 @@ export class OTPManager {
     }
     async verify(input) {
         validatePayload(input);
+        const normalizedInput = normalizePayloadIdentifier(input, this.options.identifierNormalization);
         if (!input.otp || !input.otp.trim()) {
             throw new TypeError("OTP must be a non-empty string.");
         }
-        const otpKey = buildOtpKey(input);
-        const attemptsKey = buildAttemptsKey(input);
+        const otpKey = buildOtpKey(normalizedInput);
+        const attemptsKey = buildAttemptsKey(normalizedInput);
         const storedHash = await this.options.store.get(otpKey);
         if (!storedHash) {
             throw new OTPExpiredError();
@@ -65,6 +78,10 @@ function validateManagerOptions(options) {
         (!Number.isInteger(options.otpLength) || options.otpLength <= 0)) {
         throw new TypeError("otpLength must be a positive integer when provided.");
     }
+    if (options.resendCooldown !== undefined &&
+        (!Number.isInteger(options.resendCooldown) || options.resendCooldown <= 0)) {
+        throw new TypeError("resendCooldown must be a positive integer when provided.");
+    }
     if (options.rateLimit) {
         if (!Number.isInteger(options.rateLimit.window) || options.rateLimit.window <= 0) {
             throw new TypeError("rateLimit.window must be a positive integer.");
@@ -73,6 +90,20 @@ function validateManagerOptions(options) {
             throw new TypeError("rateLimit.max must be a positive integer.");
         }
     }
+    if (options.identifierNormalization) {
+        const { trim, lowercase, preserveCaseFor } = options.identifierNormalization;
+        if (trim !== undefined && typeof trim !== "boolean") {
+            throw new TypeError("identifierNormalization.trim must be a boolean.");
+        }
+        if (lowercase !== undefined && typeof lowercase !== "boolean") {
+            throw new TypeError("identifierNormalization.lowercase must be a boolean.");
+        }
+        if (preserveCaseFor !== undefined &&
+            (!Array.isArray(preserveCaseFor) ||
+                preserveCaseFor.some((channel) => typeof channel !== "string" || !channel.trim()))) {
+            throw new TypeError("identifierNormalization.preserveCaseFor must be an array of non-empty strings.");
+        }
+    }
 }
 function validatePayload(input) {
     if (!input.type || !input.type.trim()) {

package/dist/core/otp.types.d.ts

@@ -13,6 +13,11 @@ export interface RateLimitConfig {
     window: number;
     max: number;
 }
+export interface IdentifierNormalizationConfig {
+    trim?: boolean;
+    lowercase?: boolean;
+    preserveCaseFor?: OTPChannel[];
+}
 export interface OTPManagerOptions {
     store: StoreAdapter;
     ttl: number;
@@ -20,6 +25,8 @@ export interface OTPManagerOptions {
     rateLimit?: RateLimitConfig;
     devMode?: boolean;
     otpLength?: number;
+    resendCooldown?: number;
+    identifierNormalization?: IdentifierNormalizationConfig;
 }
 export interface GenerateOTPResult {
     expiresIn: number;

package/dist/errors/otp.errors.d.ts

@@ -14,3 +14,6 @@ export declare class OTPInvalidError extends OTPError {
 export declare class OTPMaxAttemptsExceededError extends OTPError {
     constructor(message?: string);
 }
+export declare class OTPResendCooldownError extends OTPError {
+    constructor(message?: string);
+}

package/dist/errors/otp.errors.js

@@ -26,3 +26,8 @@ export class OTPMaxAttemptsExceededError extends OTPError {
         super(message, "OTP_MAX_ATTEMPTS_EXCEEDED");
     }
 }
+export class OTPResendCooldownError extends OTPError {
+    constructor(message = "OTP resend cooldown is active.") {
+        super(message, "OTP_RESEND_COOLDOWN");
+    }
+}

package/dist/index.d.ts

@@ -1,5 +1,5 @@
 export { OTPManager } from "./core/otp.service.js";
 export { RedisAdapter } from "./adapters/redis.adapter.js";
 export { MemoryAdapter } from "./adapters/memory.adapter.js";
-export type { GenerateOTPInput, GenerateOTPResult, OTPManagerOptions, OTPPayload, RateLimitConfig, StoreAdapter, VerifyOTPInput, } from "./core/otp.types.js";
-export { OTPError, OTPExpiredError, OTPInvalidError, OTPMaxAttemptsExceededError, OTPRateLimitExceededError, } from "./errors/otp.errors.js";
+export type { GenerateOTPInput, GenerateOTPResult, IdentifierNormalizationConfig, OTPManagerOptions, OTPPayload, RateLimitConfig, StoreAdapter, VerifyOTPInput, } from "./core/otp.types.js";
+export { OTPError, OTPExpiredError, OTPInvalidError, OTPMaxAttemptsExceededError, OTPRateLimitExceededError, OTPResendCooldownError, } from "./errors/otp.errors.js";

package/dist/index.js

@@ -1,4 +1,4 @@
 export { OTPManager } from "./core/otp.service.js";
 export { RedisAdapter } from "./adapters/redis.adapter.js";
 export { MemoryAdapter } from "./adapters/memory.adapter.js";
-export { OTPError, OTPExpiredError, OTPInvalidError, OTPMaxAttemptsExceededError, OTPRateLimitExceededError, } from "./errors/otp.errors.js";
+export { OTPError, OTPExpiredError, OTPInvalidError, OTPMaxAttemptsExceededError, OTPRateLimitExceededError, OTPResendCooldownError, } from "./errors/otp.errors.js";

package/dist/integrations/nest/index.d.ts

@@ -0,0 +1,3 @@
+export { OTPModule, OTP_MANAGER_OPTIONS, } from "./otp.module.js";
+export { InjectOTPManager } from "./otp.decorator.js";
+export type { OTPModuleAsyncOptions, OTPModuleOptions, } from "./otp.module.js";

package/dist/integrations/nest/index.js

@@ -0,0 +1,2 @@
+export { OTPModule, OTP_MANAGER_OPTIONS, } from "./otp.module.js";
+export { InjectOTPManager } from "./otp.decorator.js";

package/dist/integrations/nest/otp.decorator.d.ts

@@ -0,0 +1,2 @@
+import { Inject } from "@nestjs/common";
+export declare function InjectOTPManager(): ReturnType<typeof Inject>;

package/dist/integrations/nest/otp.decorator.js

@@ -0,0 +1,5 @@
+import { Inject } from "@nestjs/common";
+import { OTPManager } from "../../core/otp.service.js";
+export function InjectOTPManager() {
+    return Inject(OTPManager);
+}

package/dist/integrations/nest/otp.module.d.ts

@@ -0,0 +1,15 @@
+import type { DynamicModule, ModuleMetadata } from "@nestjs/common";
+import type { OTPManagerOptions } from "../../core/otp.types.js";
+export declare const OTP_MANAGER_OPTIONS: unique symbol;
+export interface OTPModuleOptions extends OTPManagerOptions {
+    isGlobal?: boolean;
+}
+export interface OTPModuleAsyncOptions extends Pick<ModuleMetadata, "imports"> {
+    inject?: Array<string | symbol | Function>;
+    isGlobal?: boolean;
+    useFactory: (...args: any[]) => Promise<OTPManagerOptions> | OTPManagerOptions;
+}
+export declare class OTPModule {
+    static forRoot(options: OTPModuleOptions): DynamicModule;
+    static forRootAsync(options: OTPModuleAsyncOptions): DynamicModule;
+}

package/dist/integrations/nest/otp.module.js

@@ -0,0 +1,89 @@
+var __esDecorate = (this && this.__esDecorate) || function (ctor, descriptorIn, decorators, contextIn, initializers, extraInitializers) {
+    function accept(f) { if (f !== void 0 && typeof f !== "function") throw new TypeError("Function expected"); return f; }
+    var kind = contextIn.kind, key = kind === "getter" ? "get" : kind === "setter" ? "set" : "value";
+    var target = !descriptorIn && ctor ? contextIn["static"] ? ctor : ctor.prototype : null;
+    var descriptor = descriptorIn || (target ? Object.getOwnPropertyDescriptor(target, contextIn.name) : {});
+    var _, done = false;
+    for (var i = decorators.length - 1; i >= 0; i--) {
+        var context = {};
+        for (var p in contextIn) context[p] = p === "access" ? {} : contextIn[p];
+        for (var p in contextIn.access) context.access[p] = contextIn.access[p];
+        context.addInitializer = function (f) { if (done) throw new TypeError("Cannot add initializers after decoration has completed"); extraInitializers.push(accept(f || null)); };
+        var result = (0, decorators[i])(kind === "accessor" ? { get: descriptor.get, set: descriptor.set } : descriptor[key], context);
+        if (kind === "accessor") {
+            if (result === void 0) continue;
+            if (result === null || typeof result !== "object") throw new TypeError("Object expected");
+            if (_ = accept(result.get)) descriptor.get = _;
+            if (_ = accept(result.set)) descriptor.set = _;
+            if (_ = accept(result.init)) initializers.unshift(_);
+        }
+        else if (_ = accept(result)) {
+            if (kind === "field") initializers.unshift(_);
+            else descriptor[key] = _;
+        }
+    }
+    if (target) Object.defineProperty(target, contextIn.name, descriptor);
+    done = true;
+};
+var __runInitializers = (this && this.__runInitializers) || function (thisArg, initializers, value) {
+    var useValue = arguments.length > 2;
+    for (var i = 0; i < initializers.length; i++) {
+        value = useValue ? initializers[i].call(thisArg, value) : initializers[i].call(thisArg);
+    }
+    return useValue ? value : void 0;
+};
+import { Module } from "@nestjs/common";
+import { OTPManager } from "../../core/otp.service.js";
+export const OTP_MANAGER_OPTIONS = Symbol("OTP_MANAGER_OPTIONS");
+let OTPModule = (() => {
+    let _classDecorators = [Module({})];
+    let _classDescriptor;
+    let _classExtraInitializers = [];
+    let _classThis;
+    var OTPModule = class {
+        static { _classThis = this; }
+        static {
+            const _metadata = typeof Symbol === "function" && Symbol.metadata ? Object.create(null) : void 0;
+            __esDecorate(null, _classDescriptor = { value: _classThis }, _classDecorators, { kind: "class", name: _classThis.name, metadata: _metadata }, null, _classExtraInitializers);
+            OTPModule = _classThis = _classDescriptor.value;
+            if (_metadata) Object.defineProperty(_classThis, Symbol.metadata, { enumerable: true, configurable: true, writable: true, value: _metadata });
+            __runInitializers(_classThis, _classExtraInitializers);
+        }
+        static forRoot(options) {
+            const managerProvider = createManagerProvider(options);
+            return {
+                module: OTPModule,
+                global: options.isGlobal ?? false,
+                providers: [managerProvider],
+                exports: [OTPManager],
+            };
+        }
+        static forRootAsync(options) {
+            const optionsProvider = {
+                provide: OTP_MANAGER_OPTIONS,
+                inject: options.inject ?? [],
+                useFactory: options.useFactory,
+            };
+            const managerProvider = {
+                provide: OTPManager,
+                inject: [OTP_MANAGER_OPTIONS],
+                useFactory: (resolvedOptions) => new OTPManager(resolvedOptions),
+            };
+            return {
+                module: OTPModule,
+                global: options.isGlobal ?? false,
+                imports: options.imports ?? [],
+                providers: [optionsProvider, managerProvider],
+                exports: [OTPManager],
+            };
+        }
+    };
+    return OTPModule = _classThis;
+})();
+export { OTPModule };
+function createManagerProvider(options) {
+    return {
+        provide: OTPManager,
+        useValue: new OTPManager(options),
+    };
+}

package/dist/utils/identifier-normalizer.d.ts

@@ -0,0 +1,2 @@
+import type { IdentifierNormalizationConfig, OTPPayload } from "../core/otp.types.js";
+export declare function normalizePayloadIdentifier(payload: OTPPayload, config?: IdentifierNormalizationConfig): OTPPayload;

package/dist/utils/identifier-normalizer.js

@@ -0,0 +1,27 @@
+const DEFAULT_IDENTIFIER_NORMALIZATION = {
+    trim: true,
+    lowercase: true,
+    preserveCaseFor: ["sms", "token"],
+};
+export function normalizePayloadIdentifier(payload, config) {
+    const resolvedConfig = resolveNormalizationConfig(config);
+    let identifier = payload.identifier;
+    if (resolvedConfig.trim) {
+        identifier = identifier.trim();
+    }
+    const preserveCase = resolvedConfig.preserveCaseFor.includes(payload.type);
+    if (resolvedConfig.lowercase && !preserveCase) {
+        identifier = identifier.toLowerCase();
+    }
+    return {
+        ...payload,
+        identifier,
+    };
+}
+function resolveNormalizationConfig(config) {
+    return {
+        ...DEFAULT_IDENTIFIER_NORMALIZATION,
+        ...config,
+        preserveCaseFor: config?.preserveCaseFor ?? DEFAULT_IDENTIFIER_NORMALIZATION.preserveCaseFor,
+    };
+}

package/dist/utils/key-builder.d.ts

@@ -2,3 +2,4 @@ import type { OTPPayload } from "../core/otp.types.js";
 export declare function buildOtpKey(payload: OTPPayload): string;
 export declare function buildAttemptsKey(payload: OTPPayload): string;
 export declare function buildRateLimitKey(payload: OTPPayload): string;
+export declare function buildCooldownKey(payload: OTPPayload): string;

package/dist/utils/key-builder.js

@@ -10,3 +10,6 @@ export function buildAttemptsKey(payload) {
 export function buildRateLimitKey(payload) {
     return `rate:${payload.type}:${payload.identifier}`;
 }
+export function buildCooldownKey(payload) {
+    return `cooldown:${normalizeIntent(payload.intent)}:${payload.type}:${payload.identifier}`;
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "redis-otp-manager",
-  "version": "0.1.0",
+  "version": "0.2.2",
   "description": "Lightweight, Redis-backed OTP manager for Node.js apps",
   "repository": {
     "type": "git",
@@ -19,6 +19,10 @@
     ".": {
       "types": "./dist/index.d.ts",
       "import": "./dist/index.js"
+    },
+    "./nest": {
+      "types": "./dist/integrations/nest/index.d.ts",
+      "import": "./dist/integrations/nest/index.js"
     }
   },
   "files": [
@@ -37,6 +41,7 @@
     "otp",
     "redis",
     "nodejs",
+    "nestjs",
     "authentication",
     "security",
     "verification",
@@ -49,17 +54,36 @@
     "access": "public"
   },
   "peerDependencies": {
-    "redis": "^4.0.0 || ^5.0.0"
+    "@nestjs/common": "^10.0.0 || ^11.0.0",
+    "@nestjs/core": "^10.0.0 || ^11.0.0",
+    "redis": "^4.0.0 || ^5.0.0",
+    "reflect-metadata": "^0.1.12 || ^0.2.0",
+    "rxjs": "^7.0.0"
   },
   "peerDependenciesMeta": {
+    "@nestjs/common": {
+      "optional": true
+    },
+    "@nestjs/core": {
+      "optional": true
+    },
     "redis": {
       "optional": true
+    },
+    "reflect-metadata": {
+      "optional": true
+    },
+    "rxjs": {
+      "optional": true
     }
   },
   "devDependencies": {
+    "@nestjs/common": "^11.1.17",
+    "@nestjs/core": "^11.1.17",
     "@types/node": "^24.0.0",
+    "reflect-metadata": "^0.2.2",
+    "rxjs": "^7.8.2",
     "tsx": "^4.19.0",
     "typescript": "^5.8.0"
   }
-}
-
+}