npmpackage.info

Gathering detailed insights and metrics for ratelimiter

Other packages similar to ratelimiter

async-ratelimiter

1.6.1

Rate limit made simple, easy, async.

nest-ratelimiter

0.4.0

Distributed consistent flexible NestJS rate limiter based on Redis

node-ratelimiter

3.1.0

Abstract rate limiter storing its data in redis or memory

@types/ratelimiter

3.4.6

TypeScript definitions for ratelimiter

Gathering detailed insights and metrics for ratelimiter

ratelimiter - 3.4.1 | npmpackage.info

ratelimiter

Abstract rate limiter for nodejs

3.4.1

723

JavaScript

22,378,087 1.6

Installations

npm install ratelimiter

Developer Guide

BETA

Typescript

No

Module System

N/A

Node Version

6.9.1

NPM Version

5.5.1 Pull Requests

Open

6

Total

37

Closed

15

Merged

16

Issues

Open

5

Total

32

Closed

27

Releases

Unable to fetch releases

Languages

JavaScript

Makefile

JavaScript (98.9%)

Makefile (1.1%)

Developer

visionmedia

Download Statistics

Total Downloads

22,378,087

Last Day

42,317

Last Week

200,182

Last Month

757,417

Last Year

13,812,398

GitHub Statistics

723 Stars

125 Commits

62 Forks

12 Watchers

12 Branches

18 Contributors

Updated on Jul 17, 2025

Maintainers

View All 18 Contributors

Package Meta Information

Latest Version

3.4.1

Package Id

ratelimiter@3.4.1

Size

4.90 kB

NPM Version

5.5.1

Node Version

6.9.1

Published on

Feb 24, 2020

Total Downloads

Cumulative downloads

Total Downloads

22,378,087

Last Day

135.3%

42,317

Compared to previous day

Last Week

22%

200,182

Compared to previous week

Last Month

-9.7%

757,417

Compared to previous month

Last Year

367.9%

13,812,398

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dev Dependencies

async ioredis mocha redis should

ratelimiter

Rate limiter for Node.js backed by Redis.

NOTE: Promise version available at async-ratelimiter.

Release Notes

v3.4.1 - #55 by @barwin - Remove splice operation.

v3.3.1 - #51 - Remove tidy option as it's always true.

v3.3.0 - #47 by @penghap - Add tidy option to clean old records upon saving new records. Drop support in node 4.

v3.2.0 - #44 by @xdmnl - Return accurate reset time for each limited call.

v3.1.0 - #40 by @ronjouch - Add reset milliseconds to the result object.

v3.0.2 - #33 by @promag - Use sorted set to limit with moving window.

v2.2.0 - #30 by @kp96 - Race condition when using async.times.

v2.1.3 - #22 by @coderhaoxin - Dev dependencies versions bump.

v2.1.2 - #17 by @waleedsamy - Add Travis CI support.

v2.1.1 - #13 by @kwizzn - Fixes out-of-sync TTLs after running decr().

v2.1.0 - #12 by @luin - Adding support for ioredis.

v2.0.1 - #9 by @ruimarinho - Update redis commands to use array notation.

v2.0.0 - API CHANGE - Change remaining to include current call instead of decreasing it. Decreasing caused an off-by-one problem and caller could not distinguish between last legit call and a rejected call.

Requirements

Redis 2.6.12+
Node 6.0.0+

Installation

$ npm install ratelimiter

Example

Example Connect middleware implementation limiting against a user._id:

1var id = req.user._id;
2var limit = new Limiter({ id: id, db: db });
3limit.get(function(err, limit){
4  if (err) return next(err);
5
6  res.set('X-RateLimit-Limit', limit.total);
7  res.set('X-RateLimit-Remaining', limit.remaining - 1);
8  res.set('X-RateLimit-Reset', limit.reset);
9
10  // all good
11  debug('remaining %s/%s %s', limit.remaining - 1, limit.total, id);
12  if (limit.remaining) return next();
13
14  // not good
15  var delta = (limit.reset * 1000) - Date.now() | 0;
16  var after = limit.reset - (Date.now() / 1000) | 0;
17  res.set('Retry-After', after);
18  res.send(429, 'Rate limit exceeded, retry in ' + ms(delta, { long: true }));
19});

Result Object

total - max value
remaining - number of calls left in current duration without decreasing current get
reset - time since epoch in seconds at which the rate limiting period will end (or already ended)
resetMs - time since epoch in milliseconds at which the rate limiting period will end (or already ended)

Options

id - the identifier to limit against (typically a user id)
db - redis connection instance
max - max requests within duration [2500]
duration - of limit in milliseconds [3600000]

License

MIT

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

2

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Fuzzing

Determines if the project uses fuzzing.

0

License

Determines if the project has defined a license.

0

Security-Policy

Determines if the project has published a security policy.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Score

1.6

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More