Gathering detailed insights and metrics for aedes-persistence-mongodb
Gathering detailed insights and metrics for aedes-persistence-mongodb
Installations
npm install aedes-persistence-mongodbScore
51.4
Supply Chain
98.3
Quality
79.4
Maintenance
100
Vulnerability
98.2
License
Releases
26
Contributors
15
![dependabot-preview[bot]](https://avatars.githubusercontent.com/in/2141?v=4){kind=avatar}
![lgtm-com[bot]](https://avatars.githubusercontent.com/in/17324?v=4){kind=avatar}
Developer
moscajs
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
>=14.0.0
Typescript Support
No
Node Version
16.18.1
NPM Version
8.19.2
Statistics
14 Stars
192 Commits
16 Forks
12 Watching
4 Branches
15 Contributors
Updated on 21 Apr 2024
Bundle Size
828.93 kB
Minified
224.28 kB
Minified + Gzipped
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
333,402
Last day
-5.9%
351
Compared to previous day
Last week
14.7%
1,930
Compared to previous week
Last month
-11.2%
7,199
Compared to previous month
Last year
-18.3%
75,884
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
aedes-persistence-mongodb
Aedes persistence, backed by MongoDB.
See aedes-persistence for the full API, and Aedes for usage.
Install
npm i aedes aedes-persistence-mongodb --save
API
aedesPersistenceMongoDB([opts])
Creates a new instance of aedes-persistence-mongodb.
It accepts a connections string url or you can pass your existing db object. Also, you can choose to set a ttl (time to live) for your subscribers or packets. This option will help you to empty your db from keeping useless data.
Options
url: The MongoDB connection urlmongoOptions: Extra options to pass to MongoDB driver (see node-mongodb-native)ttl: Used to set a ttl (time to live) to documents stored in collectionspackets: Could be an integer value that specify the ttl in seconds of all packets collections or an Object that specifies for each collection its ttl in seconds. Packets collections are:incoming,outgoing,retained,will.susbscriptions: Set a ttl (in seconds)
db: Existing MongoDB instance (if nourloption is specified)dropExistingIndexes: Flag used to drop any existing index previously created on collections (except default index_id)ttlAfterDisconnected: Flag used to enable alternative behavior of the subscription ttl, the subscription will expire based on time since client last disconnected from the broker instead of time since the subscription was created.
When changing ttl durations or switching on/off ttlAfterDisconnected on an existing database, dropExistingIndexes needs to be set to true for ttl indexes to be updated.
Examples
1aedesPersistenceMongoDB({
2 url: 'mongodb://127.0.0.1/aedes-test', // Optional when you pass db object
3 // Optional mongo options
4 mongoOptions: {
5 auth: {
6 user: 'username',
7 password: 'password'
8 }
9 },
10 // Optional ttl settings
11 ttl: {
12 packets: 300, // Number of seconds
13 subscriptions: 300,
14 }
15})With the previous configuration all packets will have a ttl of 300 seconds. You can also provide different ttl settings for each collection:
1ttl: { 2 packets: { 3 incoming: 100, 4 outgoing: 100, 5 will: 300, 6 retained: -1 7 }, // Number of seconds 8 subscriptions: 300, 9}
If you want a specific collection to be persistent just set a ttl of -1 or null or undefined.
If you want to reuse an existing MongoDb instance just set the db option:
1aedesPersistenceMongoDB({
2 db:db
3})With mongoose:
1aedesPersistenceMongoDB({
2 db: mongoose.connection.useDb('myDbName').db
3})License
MIT
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 0 commits out of 20 are checked with a SAST tool
Reason
Found 9/23 approved changesets -- score normalized to 3
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/moscajs/aedes-persistence-mongodb/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/moscajs/aedes-persistence-mongodb/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/moscajs/aedes-persistence-mongodb/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/moscajs/aedes-persistence-mongodb/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/moscajs/aedes-persistence-mongodb/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/moscajs/aedes-persistence-mongodb/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/moscajs/aedes-persistence-mongodb/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/moscajs/aedes-persistence-mongodb/codeql.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:29
- Info: 0 out of 6 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:16
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:17
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Warn: no topLevel permission defined: .github/workflows/codeql.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Score
4.2
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More