Gathering detailed insights and metrics for @keyv/valkey
Gathering detailed insights and metrics for @keyv/valkey
Installations
npm install @keyv/valkeyDeveloper
Developer Guide
BETA
Module System
ESM
Min. Node Version
>= 18
Typescript Support
Yes
Node Version
20.17.0
NPM Version
10.9.0
Statistics
2,637 Stars
1,390 Commits
146 Forks
19 Watching
2 Branches
65 Contributors
Updated on 28 Nov 2024
Languages
TypeScript (99.05%)
CSS (0.39%)
Shell (0.39%)
JavaScript (0.17%)
Total Downloads
Cumulative downloads
Total Downloads
3,030
Last day
-93.5%
18
Compared to previous day
Last week
-39.3%
551
Compared to previous week
Last month
841.2%
2,739
Compared to previous month
Last year
0%
3,030
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Dev Dependencies
6
Versions
Simple key-value storage with support for multiple backends
How to Use the Keyv Mono Repo
Keyv and its storage adapters are in this mono repo and there are details below on how to use this repository. In addtion we have a couple of other documents for review:
- CODE_OF_CONDUCT - Our code of conduct
- CONTRIBUTING - How to contribute to this project
- SECURITY - Security guidelines and supported versions
Getting Started
Keyv is a simple key-value storage system that supports multiple backends. It's designed to be a simple and consistent way to work with key-value stores.
To learn how to use Keyv, check out the keyv README. To learn how to use a specific storage adapter, check out the README for that adapter under Storage Adapters.
Open a Pull Request
You can contribute changes to this repo by opening a pull request:
- After forking this repository to your Git account, make the proposed changes on your forked branch.
- Run tests and linting locally.
- Install and run Docker if you aren't already. NOTE: on docker set
enable host networkingto true as it is required for the tests in redis clustering. - Run
pnpm test:services:start, allow for the services to come up. - Run
pnpm test.
- Install and run Docker if you aren't already. NOTE: on docker set
- Commit your changes and push them to your forked repository.
- Navigate to the main
keyvrepository and select the Pull Requests tab. - Click the New pull request button, then select the option "Compare across forks"
- Leave the base branch set to main. Set the compare branch to your forked branch, and open the pull request.
- Once your pull request is created, ensure that all checks have passed and that your branch has no conflicts with the base branch. If there are any issues, resolve these changes in your local repository, and then commit and push them to git.
- Similarly, respond to any reviewer comments or requests for changes by making edits to your local repository and pushing them to Git.
- Once the pull request has been reviewed, those with write access to the branch will be able to merge your changes into the
keyvrepository.
If you need more information on the steps to create a pull request, you can find a detailed walkthrough in the Github documentation
Post an Issue
To post an issue, navigate to the "Issues" tab in the main repository, and then select "New Issue." Enter a clear title describing the issue, as well as a description containing additional relevant information. Also select the label that best describes your issue type. For a bug report, for example, create an issue with the label "bug." In the description field, Be sure to include replication steps, as well as any relevant error messages.
If you're reporting a security violation, be sure to check out the project's security policy.
Please also refer to our Code of Conduct for more information on how to report issues.
Ask a Question
To ask a question, create an issue with the label "question." In the issue description, include the related code and any context that can help us answer your question.
Request the Addition of a Storage Adapter
To request a new storage adapter, create an issue with the label "storage adapter." In the issue description, include any relevant information about the storage adapter that you would like to be added.
Once this request has been submitted in "issues" we will give it 30-60 days for any upvotes to take place. If there is little interest in the request, it will be closed.
If there is already an adapter that you would like to add, please post an issue with the label "storage adapter" and include the name of the adapter you would like to add with the description and any relevant information.
Packages in this Repository
- keyv: Simple key-value storage with support for multiple backends
- test-suite: Test suite for Keyv API compliance
Storage Adapters
- etcd: Etcd storage adapter
- memcache: Memcache storage adapter
- mongo: MongoDB storage adapter
- mysql: MySQL/MariaDB storage adapter
- postgres: PostgreSQL storage adapter
- redis: Redis storage adapter
- valkey: Valkey (Open Source Redis) storage adapter
- sqlite: SQLite storage adapter
- tiered: Tiered storage adapter to manage local and remote storage as one
Compression Adapters
Third-party Storage Adapters
Here are the storage adapters that are not in this repository but compatible with Keyv.
- quick-lru - Simple "Least Recently Used" (LRU) cache
- keyv-file - File system storage adapter for Keyv
- keyv-dynamodb - DynamoDB storage adapter for Keyv
- keyv-lru - LRU storage adapter for Keyv
- keyv-null - Null storage adapter for Keyv
- keyv-firestore – Firebase Cloud Firestore adapter for Keyv
- keyv-mssql - Microsoft Sql Server adapter for Keyv
- keyv-azuretable - Azure Table Storage/API adapter for Keyv
- keyv-arango - ArangoDB storage adapter for Keyv
- keyv-momento - Momento storage adapter for Keyv
- @resolid/keyv-sqlite - A new SQLite storage adapter for Keyv
License
MIT © Jared Wray
No vulnerabilities found.
Reason
30 commit(s) and 18 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
SAST tool is run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Info: all commits (25) are checked with a SAST tool
Reason
Found 1/30 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:28
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:29
- Warn: no topLevel permission defined: .github/workflows/codecov.yaml:1
- Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1
- Warn: no topLevel permission defined: .github/workflows/deploy-website.yml:1
- Warn: no topLevel permission defined: .github/workflows/tests.yaml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codecov.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/jaredwray/keyv/codecov.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codecov.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/jaredwray/keyv/codecov.yaml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/codecov.yaml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/jaredwray/keyv/codecov.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/jaredwray/keyv/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/jaredwray/keyv/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/jaredwray/keyv/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/jaredwray/keyv/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-website.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/jaredwray/keyv/deploy-website.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-website.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/jaredwray/keyv/deploy-website.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy-website.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/jaredwray/keyv/deploy-website.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/jaredwray/keyv/tests.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/jaredwray/keyv/tests.yaml/main?enable=pin
- Warn: containerImage not pinned by hash: packages/postgres/Dockerfile.ssl:1: pin your Docker image by updating postgres:latest to postgres:latest@sha256:994cc3113ce004ae73df11f0dbc5088cbe6bb0da1691dd7e6f55474202a4f211
- Warn: npmCommand not pinned by hash: .github/workflows/codecov.yaml:25
- Warn: npmCommand not pinned by hash: .github/workflows/deploy-website.yml:30
- Warn: npmCommand not pinned by hash: .github/workflows/tests.yaml:25
- Info: 0 out of 10 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 0 out of 3 npmCommand dependencies pinned
- Info: 0 out of 1 containerImage dependencies pinned
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
- Warn: branch protection not enabled for branch 'v4'
Score
5.6
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More