Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
aedes-persistence-mongodb
Advanced tools
aedes-persistence-mongodb
Aedes persistence, backed by MongoDB.
See aedes-persistence for the full API, and Aedes for usage.
Install
npm i aedes aedes-persistence-mongodb --save
API
aedesPersistenceMongoDB([opts])
Creates a new instance of aedes-persistence-mongodb.
It accepts a connections string url or you can pass your existing db object. Also, you can choose to set a ttl (time to live) for your subscribers or packets. This option will help you to empty your db from keeping useless data.
Options
url: The MongoDB connection urlmongoOptions: Extra options to pass to MongoDB driver (see node-mongodb-native)ttl: Used to set a ttl (time to live) to documents stored in collectionspackets: Could be an integer value that specify the ttl in seconds of all packets collections or an Object that specifies for each collection its ttl in seconds. Packets collections are:incoming,outgoing,retained,will.susbscriptions: Set a ttl (in seconds)
db: Existing MongoDB instance (if nourloption is specified)dropExistingIndexes: Flag used to drop any existing index previously created on collections (except default index_id)ttlAfterDisconnected: Flag used to enable alternative behavior of the subscription ttl, the subscription will expire based on time since client last disconnected from the broker instead of time since the subscription was created.
When changing ttl durations or switching on/off ttlAfterDisconnected on an existing database, dropExistingIndexes needs to be set to true for ttl indexes to be updated.
Examples
aedesPersistenceMongoDB({
url: 'mongodb://127.0.0.1/aedes-test', // Optional when you pass db object
// Optional mongo options
mongoOptions: {
auth: {
user: 'username',
password: 'password'
}
},
// Optional ttl settings
ttl: {
packets: 300, // Number of seconds
subscriptions: 300,
}
})
With the previous configuration all packets will have a ttl of 300 seconds. You can also provide different ttl settings for each collection:
ttl: {
packets: {
incoming: 100,
outgoing: 100,
will: 300,
retained: -1
}, // Number of seconds
subscriptions: 300,
}
If you want a specific collection to be persistent just set a ttl of -1 or null or undefined.
If you want to reuse an existing MongoDb instance just set the db option:
aedesPersistenceMongoDB({
db:db
})
With mongoose:
aedesPersistenceMongoDB({
db: mongoose.connection.useDb('myDbName').db
})
License
MIT
FAQs
MongoDB persistence for Aedes
The npm package aedes-persistence-mongodb receives a total of 2,486 weekly downloads. As such, aedes-persistence-mongodb popularity was classified as popular.
We found that aedes-persistence-mongodb demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Package last updated on 10 Jul 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025
Application Security
/Research
/Security News
Updated and Ongoing Supply Chain Attack Targets CrowdStrike npm Packages
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.
By Kush Pandya, Peter van der Zee, Olivia Brown, Socket Research Team - Sep 16, 2025