Gathering detailed insights and metrics for @casual-simulation/rate-limit-redis
Gathering detailed insights and metrics for @casual-simulation/rate-limit-redis
Casual Open Simulation for the Web
Installations
npm install @casual-simulation/rate-limit-redisDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Node Version
18.20.7
NPM Version
lerna/8.0.0/node@v18.20.7+x64 (linux)
Score
71.8
Supply Chain
99.3
Quality
82.9
Maintenance
100
Vulnerability
100
License
Releases
340
Languages
9
TypeScript
JavaScript
TeX
Vue
CSS
HTML
Shell
SCSS
Dockerfile
TypeScript (67.12%)
JavaScript (27.4%)
TeX (3.8%)
Vue (1.24%)
CSS (0.27%)
HTML (0.1%)
Shell (0.04%)
SCSS (0.02%)
Dockerfile (0.01%)
Developer
Download Statistics
Total Downloads
13,669
Last Day
4
Last Week
9
Last Month
160
Last Year
4,878
GitHub Statistics
NOASSERTION License
53 Stars
14,101 Commits
10 Forks
7 Watchers
268 Branches
13 Contributors
Updated on Jun 30, 2025
Bundle Size
2.48 kB
Minified
0.99 kB
Minified + Gzipped
Maintainers
2
Package Meta Information
Latest Version
3.4.0
Package Id
@casual-simulation/rate-limit-redis@3.4.0
Unpacked Size
25.56 kB
Size
8.01 kB
File Count
20
NPM Version
lerna/8.0.0/node@v18.20.7+x64 (linux)
Node Version
18.20.7
Published on
Apr 05, 2025
Total Downloads
Cumulative downloads
Total Downloads
13,669
Dev Dependencies
4
rate-limit-redis
rate-limit-redis 
A redis store for the
express-rate-limit
middleware.
Installation
From the npm registry:
1# Using npm 2> npm install rate-limit-redis 3# Using yarn or pnpm 4> yarn/pnpm add rate-limit-redis
From Github Releases:
1# Using npm 2> npm install https://github.com/wyattjoh/rate-limit-redis/releases/download/v{version}/rate-limit-redis.tgz 3# Using yarn or pnpm 4> yarn/pnpm add https://github.com/wyattjoh/rate-limit-redis/releases/download/v{version}/rate-limit-redis.tgz
Replace {version} with the version of the package that you want to your, e.g.:
3.0.0.
Usage
Importing
This library is provided in ESM as well as CJS forms, and works with both Javascript and Typescript projects.
This package requires you to use Node 14 or above.
Import it in a CommonJS project (type: commonjs or no type field in
package.json) as follows:
1const RedisStore = require('rate-limit-redis');
Import it in a ESM project (type: module in package.json) as follows:
1import RedisStore from 'rate-limit-redis';
Examples
To use it with a node-redis client:
1import rateLimit from 'express-rate-limit';
2import RedisStore from 'rate-limit-redis';
3import { createClient } from 'redis';
4
5// Create a `node-redis` client
6const client = createClient({
7 // ... (see https://github.com/redis/node-redis/blob/master/docs/client-configuration.md)
8});
9// Then connect to the Redis server
10await client.connect();
11
12// Create and use the rate limiter
13const limiter = rateLimit({
14 // Rate limiter configuration
15 windowMs: 15 * 60 * 1000, // 15 minutes
16 max: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
17 standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
18 legacyHeaders: false, // Disable the `X-RateLimit-*` headers
19
20 // Redis store configuration
21 store: new RedisStore({
22 sendCommand: (...args: string[]) => client.sendCommand(args),
23 }),
24});
25app.use(limiter);To use it with a ioredis client:
1import rateLimit from 'express-rate-limit';
2import RedisStore from 'rate-limit-redis';
3import RedisClient from 'ioredis';
4
5// Create a `ioredis` client
6const client = new RedisClient();
7// ... (see https://github.com/luin/ioredis#connect-to-redis)
8
9// Create and use the rate limiter
10const limiter = rateLimit({
11 // Rate limiter configuration
12 windowMs: 15 * 60 * 1000, // 15 minutes
13 max: 100, // Limit each IP to 100 requests per `window` (here, per 15 minutes)
14 standardHeaders: true, // Return rate limit info in the `RateLimit-*` headers
15 legacyHeaders: false, // Disable the `X-RateLimit-*` headers
16
17 // Redis store configuration
18 store: new RedisStore({
19 // @ts-expect-error - Known issue: the `call` function is not present in @types/ioredis
20 sendCommand: (...args: string[]) => client.call(...args),
21 }),
22});
23app.use(limiter);Configuration
sendCommand
The function used to send commands to Redis. The function signature is as follows:
1(...args: string[]) => Promise<number> | number
The raw command sending function varies from library to library; some are given below:
| Library | Function |
|---|---|
node-redis | async (...args: string[]) => client.sendCommand(args) |
ioredis | async (...args: string[]) => client.call(...args) |
handy-redis | async (...args: string[]) => client.nodeRedis.sendCommand(args) |
tedis | async (...args: string[]) => client.command(...args) |
redis-fast-driver | async (...args: string[]) => client.rawCallAsync(args) |
yoredis | async (...args: string[]) => (await client.callMany([args]))[0] |
noderis | async (...args: string[]) => client.callRedis(...args) |
prefix
The text to prepend to the key in Redis.
Defaults to rl:.
resetExpiryOnChange
Whether to reset the expiry for a particular key whenever its hit count changes.
Defaults to false.
License
MIT © Wyatt Johnson
No vulnerabilities found.
Reason
30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
packaging workflow detected
Details
- Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yml:11
Reason
project is fuzzed
Details
- Info: TypeScriptPropertyBasedTesting integration found: src/expect/src/__tests__/__arbitraries__/sharedSettings.ts:9
- Info: TypeScriptPropertyBasedTesting integration found: src/expect/src/__tests__/matchers-toContain.property.test.ts:9
- Info: TypeScriptPropertyBasedTesting integration found: src/expect/src/__tests__/matchers-toContainEqual.property.test.ts:9
- Info: TypeScriptPropertyBasedTesting integration found: src/expect/src/__tests__/matchers-toEqual.property.test.ts:9
- Info: TypeScriptPropertyBasedTesting integration found: src/expect/src/__tests__/matchers-toStrictEqual.property.test.ts:10
- Info: TypeScriptPropertyBasedTesting integration found: src/expect/src/diff-sequences/__tests__/index.property.test.ts:9
- Info: TypeScriptPropertyBasedTesting integration found: src/expect/src/__tests__/__arbitraries__/sharedSettings.ts:9
- Info: TypeScriptPropertyBasedTesting integration found: src/expect/src/__tests__/matchers-toContain.property.test.ts:9
- Info: TypeScriptPropertyBasedTesting integration found: src/expect/src/__tests__/matchers-toContainEqual.property.test.ts:9
- Info: TypeScriptPropertyBasedTesting integration found: src/expect/src/__tests__/matchers-toEqual.property.test.ts:9
- Info: TypeScriptPropertyBasedTesting integration found: src/expect/src/__tests__/matchers-toStrictEqual.property.test.ts:10
- Info: TypeScriptPropertyBasedTesting integration found: src/expect/src/diff-sequences/__tests__/index.property.test.ts:9
Reason
license file detected
Details
- Info: project has a license file: LICENSE.txt:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
binaries present in source code
Details
- Warn: binary detected: src/aux-server/aux-web/shared/static/gltf-draco/draco_decoder.wasm:1
Reason
Found 0/30 approved changesets -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/continuous-integration-workflow.yml:1
- Warn: no topLevel permission defined: .github/workflows/copy-ab1-files.yml:1
- Warn: no topLevel permission defined: .github/workflows/deploy.yml:1
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Info: no jobLevel write permissions found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
no SAST tool detected
Details
- Warn: no pull requests merged into dev branch
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/continuous-integration-workflow.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/continuous-integration-workflow.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/continuous-integration-workflow.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/continuous-integration-workflow.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/continuous-integration-workflow.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/continuous-integration-workflow.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/continuous-integration-workflow.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/continuous-integration-workflow.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/continuous-integration-workflow.yml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/continuous-integration-workflow.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/continuous-integration-workflow.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/continuous-integration-workflow.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/continuous-integration-workflow.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/continuous-integration-workflow.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/continuous-integration-workflow.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/continuous-integration-workflow.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/copy-ab1-files.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/copy-ab1-files.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/copy-ab1-files.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/copy-ab1-files.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/deploy.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/deploy.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/release.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/release.yml/develop?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:183: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/release.yml/develop?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:189: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/release.yml/develop?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:199: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/release.yml/develop?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:205: update your workflow using https://app.stepsecurity.io/secureworkflow/casual-simulation/casualos/release.yml/develop?enable=pin
- Warn: containerImage not pinned by hash: .aws/docker/Dockerfile:1: pin your Docker image by updating ubuntu:latest to ubuntu:latest@sha256:b59d21599a2b151e23eea5f6602f4af4d7d31c4e236d22bf0b62b86d2e386b8f
- Warn: containerImage not pinned by hash: .gitpod.Dockerfile:1: pin your Docker image by updating gitpod/workspace-full to gitpod/workspace-full@sha256:b1195dfae7ee9a12a89d195247c3e1357cc6a18360a41473dbec67525ef434e2
- Warn: containerImage not pinned by hash: Dockerfile:1: pin your Docker image by updating node:18 to node:18@sha256:c6ae79e38498325db67193d391e6ec1d224d96c693a8a4d943498556716d3783
- Warn: containerImage not pinned by hash: Dockerfile.arm32:1: pin your Docker image by updating arm32v7/node:18 to arm32v7/node:18@sha256:e70189843d421096d80e781543fede6491c0f550ab2f5d9d8cec75d1d5090dbf
- Warn: containerImage not pinned by hash: Dockerfile.arm64:1: pin your Docker image by updating arm64v8/node:18 to arm64v8/node:18@sha256:0de23204bc92518ee14a2f59606452dc5f1fcc929b3d4968af1f8b18e8ea57c3
- Warn: containerImage not pinned by hash: src/aux-proxy/Dockerfile:1: pin your Docker image by updating node:11 to node:11@sha256:67ca28addce8ae818b144114a9376a6603aba09069b7313618d37b38584abba1
- Warn: containerImage not pinned by hash: src/aux-redirector/Dockerfile:1: pin your Docker image by updating node:11 to node:11@sha256:67ca28addce8ae818b144114a9376a6603aba09069b7313618d37b38584abba1
- Warn: downloadThenRun not pinned by hash: .aws/docker/Dockerfile:52
- Warn: npmCommand not pinned by hash: .gitpod.Dockerfile:16
- Warn: downloadThenRun not pinned by hash: Dockerfile:15
- Warn: npmCommand not pinned by hash: Dockerfile:17
- Warn: npmCommand not pinned by hash: Dockerfile:18
- Warn: npmCommand not pinned by hash: Dockerfile.arm64:16
- Warn: npmCommand not pinned by hash: Dockerfile.arm64:17
- Warn: npmCommand not pinned by hash: src/aux-proxy/Dockerfile:7
- Warn: npmCommand not pinned by hash: src/aux-redirector/Dockerfile:7
- Warn: downloadThenRun not pinned by hash: .aws/ami/install-nodejs.sh:6
- Warn: npmCommand not pinned by hash: .aws/ami/install-nodejs.sh:17
- Warn: pipCommand not pinned by hash: install.sh:121
- Warn: pipCommand not pinned by hash: install.sh:177
- Warn: npmCommand not pinned by hash: .github/workflows/release.yml:61
- Warn: npmCommand not pinned by hash: .github/workflows/release.yml:79
- Info: 0 out of 14 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 4 third-party GitHubAction dependencies pinned
- Info: 0 out of 7 containerImage dependencies pinned
- Info: 0 out of 3 downloadThenRun dependencies pinned
- Info: 0 out of 10 npmCommand dependencies pinned
- Info: 0 out of 2 pipCommand dependencies pinned
Reason
29 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
- Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
- Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
- Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-36jr-mh4h-2g58
- Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-vxvm-qww3-2fh7
- Warn: Project is vulnerable to: GHSA-h7cp-r72f-jxh6
- Warn: Project is vulnerable to: GHSA-v62p-rq8g-8h59
- Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-vg6x-rcgg-rjx6
- Warn: Project is vulnerable to: GHSA-x574-m823-4x7w
- Warn: Project is vulnerable to: GHSA-4r4m-qw57-chr8
- Warn: Project is vulnerable to: GHSA-xcj6-pq6g-qj4x
- Warn: Project is vulnerable to: GHSA-356w-63v5-8wf4
- Warn: Project is vulnerable to: GHSA-859w-5945-r5v3
- Warn: Project is vulnerable to: GHSA-5j4c-8p2g-v4jx
- Warn: Project is vulnerable to: GHSA-g3ch-rx76-35fx
- Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v
- Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h
Score
4.7
/10
Last Scanned on 2025-06-23
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More