Gathering detailed insights and metrics for telegraf-session-local
Gathering detailed insights and metrics for telegraf-session-local
Telegraf local sessions middleware with multiple supported storage types (Memory/FileSync/FileAsync/...) using lowdb
Installations
npm install telegraf-session-localDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Min. Node Version
>=12
Node Version
18.13.0
NPM Version
9.3.1
Score
71
Supply Chain
98.4
Quality
77.2
Maintenance
100
Vulnerability
99.6
License
Releases
8
Languages
1
JavaScript
JavaScript (100%)
Developer
Download Statistics
Total Downloads
168,949
Last Day
60
Last Week
1,071
Last Month
4,343
Last Year
44,710
GitHub Statistics
MIT License
92 Stars
139 Commits
10 Forks
3 Watchers
18 Branches
4 Contributors
Updated on May 12, 2025
Bundle Size
91.89 kB
Minified
30.68 kB
Minified + Gzipped
Maintainers
2
Package Meta Information
Latest Version
2.1.1
Package Id
telegraf-session-local@2.1.1
Unpacked Size
24.33 kB
Size
7.51 kB
File Count
6
NPM Version
9.3.1
Node Version
18.13.0
Published on
Jan 29, 2023
Total Downloads
Cumulative downloads
Total Downloads
168,949
Last Day
1.7%
60
Compared to previous day
Last Week
25.7%
1,071
Compared to previous week
Last Month
-10.7%
4,343
Compared to previous month
Last Year
47.9%
44,710
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Telegraf Session local
Middleware for locally stored sessions & database
⚡️ Features
-
Any type of storage:
Memory,FileSync,FileAsync, ... (implement your own) -
Any format you want:
JSON,BSON,YAML,XML, ... (implement your own) -
Shipped together with power of
lodash -
Supports basic DB-like operations (thanks to lodash-id):
getById,insert,upsert,updateById,updateWhere,replaceById,removeById,removeWhere,createId,
🚀 Installation
1$ npm install -S telegraf-session-local
💡 TIP: We recommend
pnpmpackage manager:npm i -g pnpmand thenpnpm i -S telegraf-session-local.
It's in-place replacement fornpm, faster and better thannpm/yarn, and saves your disk space.
📚 Documentation & API
👀 Quick-start example
1const { Telegraf } = require('telegraf')
2const LocalSession = require('telegraf-session-local')
3
4const bot = new Telegraf(process.env.BOT_TOKEN) // Your Bot token here
5
6bot.use((new LocalSession({ database: 'example_db.json' })).middleware())
7
8bot.on('text', (ctx, next) => {
9 ctx.session.counter = ctx.session.counter || 0
10 ctx.session.counter++
11 ctx.replyWithMarkdownV2(`Counter updated, new value: \`${ctx.session.counter}\``)
12 return next()
13})
14
15bot.command('/stats', (ctx) => {
16 ctx.replyWithMarkdownV2(`Database has \`${ctx.session.counter}\` messages from @${ctx.from.username || ctx.from.id}`)
17})
18
19bot.command('/remove', (ctx) => {
20 ctx.replyWithMarkdownV2(`Removing session from database: \`${JSON.stringify(ctx.session)}\``)
21 // Setting session to null, undefined or empty object/array will trigger removing it from database
22 ctx.session = null
23})
24
25bot.launch()📄 Full example
1const { Telegraf } = require('telegraf') 2const LocalSession = require('telegraf-session-local') 3 4const bot = new Telegraf(process.env.BOT_TOKEN) // Your Bot token here 5 6const localSession = new LocalSession({ 7 // Database name/path, where sessions will be located (default: 'sessions.json') 8 database: 'example_db.json', 9 // Name of session property object in Telegraf Context (default: 'session') 10 property: 'session', 11 // Type of lowdb storage (default: 'storageFileSync') 12 storage: LocalSession.storageFileAsync, 13 // Format of storage/database (default: JSON.stringify / JSON.parse) 14 format: { 15 serialize: (obj) => JSON.stringify(obj, null, 2), // null & 2 for pretty-formatted JSON 16 deserialize: (str) => JSON.parse(str), 17 }, 18 // We will use `messages` array in our database to store user messages using exported lowdb instance from LocalSession via Telegraf Context 19 state: { messages: [] } 20}) 21 22// Wait for database async initialization finished (storageFileAsync or your own asynchronous storage adapter) 23localSession.DB.then(DB => { 24 // Database now initialized, so now you can retrieve anything you want from it 25 console.log('Current LocalSession DB:', DB.value()) 26 // console.log(DB.get('sessions').getById('1:1').value()) 27}) 28 29// Telegraf will use `telegraf-session-local` configured above middleware 30bot.use(localSession.middleware()) 31 32bot.on('text', (ctx, next) => { 33 ctx.session.counter = ctx.session.counter || 0 34 ctx.session.counter++ 35 ctx.replyWithMarkdownV2(`Counter updated, new value: \`${ctx.session.counter}\``) 36 // Writing message to Array `messages` into database which already has sessions Array 37 ctx.sessionDB.get('messages').push([ctx.message]).write() 38 // `property`+'DB' is a name of ctx property which contains lowdb instance, default = `sessionDB` 39 40 return next() 41}) 42 43bot.command('/stats', (ctx) => { 44 ctx.replyWithMarkdownV2(`Session has \`${ctx.session.counter}\` messages from @${ctx.from.username || ctx.from.id}`) 45}) 46 47bot.command('/remove', (ctx) => { 48 ctx.replyWithMarkdownV2(`Removing session from lowdb database: \`${JSON.stringify(ctx.session)}\``) 49 // Setting session to null, undefined or empty object/array will trigger removing it from database 50 ctx.session = null 51}) 52 53bot.launch()
Another examples located in /examples folder (PRs welcome)
Also, you may read comments in /lib/session.js
Tema Smirnov and contributors / github.tema@smirnov.one / 
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 0 commits out of 15 are checked with a SAST tool
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 1/16 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:16
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:17
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Warn: no topLevel permission defined: .github/workflows/codeql.yml:1
- Info: no jobLevel write permissions found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/RealSpeaker/telegraf-session-local/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/RealSpeaker/telegraf-session-local/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/RealSpeaker/telegraf-session-local/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/RealSpeaker/telegraf-session-local/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/RealSpeaker/telegraf-session-local/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/RealSpeaker/telegraf-session-local/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/RealSpeaker/telegraf-session-local/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/RealSpeaker/telegraf-session-local/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/RealSpeaker/telegraf-session-local/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/RealSpeaker/telegraf-session-local/codeql.yml/master?enable=pin
- Info: 0 out of 7 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 3 third-party GitHubAction dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Score
3.9
/10
Last Scanned on 2025-06-30
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More