@ladjs/api - npm Package Compare versions

Comparing version 0.0.8 to 0.0.9

index.js

@@ -28,2 +28,9 @@ const http = require('http');
 
+let max = process.env.RATELIMIT_MAX
+  ? parseInt(process.env.RATELIMIT_MAX, 10)
+  : 100;
+
+if (!process.env.RATELIMIT_MAX && process.env.NODE_ENV === 'development')
+  max = Number.MAX_VALUE;
+
 class Server {
@@ -51,7 +58,11 @@ constructor(config) {
         rateLimit: {
-          duration: 60000,
-          max: process.env.RATELIMIT_MAX || 100,
+          duration: process.env.RATELIMIT_DURATION
+            ? parseInt(process.env.RATELIMIT_DURATION, 10)
+            : 60000,
+          max,
           id: ctx => ctx.ip
         },
-        timeoutMs: process.env.API_TIMEOUT_MS || 2000
+        timeoutMs: process.env.API_TIMEOUT_MS
+          ? parseInt(process.env.API_TIMEOUT_MS, 10)
+          : 2000
       },
@@ -58,0 +69,0 @@ config

package.json

 {
   "name": "@ladjs/api",
   "description": "API server for Lad",
-  "version": "0.0.8",
+  "version": "0.0.9",
   "author": "Nick Baugh <niftylettuce@gmail.com> (http://niftylettuce.com/)",
@@ -6,0 +6,0 @@ "ava": {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

11745

increased by2.83%

Lines of code

185

increased by5.11%

Worsened metrics

Number of low supply chain risk alerts

20

increased by42.86%

No dependency changes