Security News
Node.js EOL Versions CVE Dubbed the "Worst CVE of the Year" by Security Experts
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
@upstash/ratelimit
Advanced tools
[![npm (scoped)](https://img.shields.io/npm/v/@upstash/ratelimit)](https://www.npmjs.com/package/@upstash/ratelimit) [![Tests](https://github.com/upstash/ratelimit/actions/workflows/tests.yaml/badge.svg)](https://github.com/upstash/ratelimit/actions/workf
[!NOTE] This project is in GA Stage. The Upstash Professional Support fully covers this project. It receives regular updates, and bug fixes. The Upstash team is committed to maintaining and improving its functionality.
It is the only connectionless (HTTP based) rate limiting library and designed for:
npm install @upstash/ratelimit
import { Ratelimit } from "https://cdn.skypack.dev/@upstash/ratelimit@latest";
Create a new redis database on upstash. See here for documentation on how to create a redis instance.
import { Ratelimit } from "@upstash/ratelimit"; // for deno: see above
import { Redis } from "@upstash/redis"; // see below for cloudflare and fastly adapters
// Create a new ratelimiter, that allows 10 requests per 10 seconds
const ratelimit = new Ratelimit({
redis: Redis.fromEnv(),
limiter: Ratelimit.slidingWindow(10, "10 s"),
analytics: true,
/**
* Optional prefix for the keys used in redis. This is useful if you want to share a redis
* instance with other applications and want to avoid key collisions. The default prefix is
* "@upstash/ratelimit"
*/
prefix: "@upstash/ratelimit",
});
// Use a constant string to limit all requests with a single ratelimit
// Or use a userID, apiKey or ip address for individual limits.
const identifier = "api";
const { success } = await ratelimit.limit(identifier);
if (!success) {
return "Unable to process at this time";
}
doExpensiveCalculation();
return "Here you go!";
For more information on getting started, you can refer to our documentation.
Here's a complete nextjs example
See the documentation for more information details about this package.
Create a new redis database on upstash and copy the url and token.
To run the tests, you will need to set some environment variables. Here is a list of variables to set:
UPSTASH_REDIS_REST_URL
UPSTASH_REDIS_REST_TOKEN
US1_UPSTASH_REDIS_REST_URL
US1_UPSTASH_REDIS_REST_TOKEN
APN_UPSTASH_REDIS_REST_URL
APN_UPSTASH_REDIS_REST_TOKEN
EU2_UPSTASH_REDIS_REST_URL
EU2_UPSTASH_REDIS_REST_TOKEN
You can create a single Upstash Redis and use its URL and token for all four above.
Once you set the environment variables, simply run:
pnpm test
FAQs
[![npm (scoped)](https://img.shields.io/npm/v/@upstash/ratelimit)](https://www.npmjs.com/package/@upstash/ratelimit) [![Tests](https://github.com/upstash/ratelimit/actions/workflows/tests.yaml/badge.svg)](https://github.com/upstash/ratelimit/actions/workf
The npm package @upstash/ratelimit receives a total of 81,572 weekly downloads. As such, @upstash/ratelimit popularity was classified as popular.
We found that @upstash/ratelimit demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
Security News
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
Security News
Bun 1.2 enhances its JavaScript runtime with 90% Node.js compatibility, built-in S3 and Postgres support, HTML Imports, and faster, cloud-first performance.