Security News
The Risks of Misguided Research in Supply Chain Security
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
idb-keyval
Advanced tools
The idb-keyval npm package is a simple key-value store backed by IndexedDB. It provides a straightforward API for storing, retrieving, and managing data in the browser's IndexedDB, making it easier to work with compared to the native IndexedDB API.
Set a value
This feature allows you to store a value in the IndexedDB with a specified key. The code sample demonstrates how to set a value 'value' with the key 'key'.
import { set } from 'idb-keyval';
set('key', 'value').then(() => console.log('Value set!'));
Get a value
This feature allows you to retrieve a value from the IndexedDB using a specified key. The code sample demonstrates how to get the value associated with the key 'key'.
import { get } from 'idb-keyval';
get('key').then(val => console.log('Value:', val));
Delete a value
This feature allows you to delete a value from the IndexedDB using a specified key. The code sample demonstrates how to delete the value associated with the key 'key'.
import { del } from 'idb-keyval';
del('key').then(() => console.log('Value deleted!'));
Clear all values
This feature allows you to clear all values from the IndexedDB. The code sample demonstrates how to clear all stored values.
import { clear } from 'idb-keyval';
clear().then(() => console.log('All values cleared!'));
Get all keys
This feature allows you to retrieve all keys from the IndexedDB. The code sample demonstrates how to get all keys stored in the database.
import { keys } from 'idb-keyval';
keys().then(keys => console.log('Keys:', keys));
LocalForage is a fast and simple storage library for JavaScript. It improves the offline experience of your web app by using asynchronous storage (IndexedDB or WebSQL) with a simple, localStorage-like API. Compared to idb-keyval, LocalForage offers more flexibility in terms of storage backends and a more extensive API.
Dexie is a minimalistic wrapper for IndexedDB that provides a more powerful and developer-friendly API. It supports advanced querying, transactions, and versioning. Compared to idb-keyval, Dexie is more feature-rich and suitable for complex use cases involving IndexedDB.
The idb library is a small, well-tested library that makes working with IndexedDB more pleasant. It provides a promise-based API and simplifies many common tasks. Compared to idb-keyval, idb offers a more comprehensive API for interacting with IndexedDB, while idb-keyval focuses on simplicity and ease of use.
This is a super-simple promise-based keyval store implemented with IndexedDB, originally based on async-storage by Mozilla.
It's small and tree-shakeable. If you only use get/set, the library is ~250 bytes (brotli'd), if you use all methods it's ~534 bytes.
localForage offers similar functionality, but supports older browsers with broken/absent IDB implementations. Because of that, it's orders of magnitude bigger (~7k).
This is only a keyval store. If you need to do more complex things like iteration & indexing, check out IDB on NPM (a little heavier at 1k). The first example in its README is how to create a keyval store.
npm install idb-keyval
Now you can require/import idb-keyval
:
import { get, set } from 'idb-keyval';
If you're targeting IE10/11, use the compat version, and import a Promise
polyfill.
// Import a Promise polyfill
import 'es6-promise/auto';
import { get, set } from 'idb-keyval/dist/esm-compat';
A well-behaved bundler should automatically pick the ES module or the CJS module depending on what it supports, but if you need to force it either way:
idb-keyval/dist/index.js
EcmaScript module.idb-keyval/dist/index.cjs
CommonJS module.Legacy builds:
idb-keyval/dist/compat.js
EcmaScript module, transpiled for older browsers.idb-keyval/dist/compat.cjs
CommonJS module, transpiled for older browsers.idb-keyval/dist/umd.js
UMD module, also transpiled for older browsers.These built versions are also available on jsDelivr, e.g.:
<script src="https://cdn.jsdelivr.net/npm/idb-keyval@6/dist/umd.js"></script>
<!-- Or in modern browsers: -->
<script type="module">
import { get, set } from 'https://cdn.jsdelivr.net/npm/idb-keyval@6/+esm';
</script>
import { set } from 'idb-keyval';
set('hello', 'world');
Since this is IDB-backed, you can store anything structured-clonable (numbers, arrays, objects, dates, blobs etc), although old Edge doesn't support null
. Keys can be numbers, strings, Date
s, (IDB also allows arrays of those values, but IE doesn't support it).
All methods return promises:
import { set } from 'idb-keyval';
set('hello', 'world')
.then(() => console.log('It worked!'))
.catch((err) => console.log('It failed!', err));
import { get } from 'idb-keyval';
// logs: "world"
get('hello').then((val) => console.log(val));
If there is no 'hello' key, then val
will be undefined
.
Set many keyval pairs at once. This is faster than calling set
multiple times.
import { set, setMany } from 'idb-keyval';
// Instead of:
Promise.all([set(123, 456), set('hello', 'world')])
.then(() => console.log('It worked!'))
.catch((err) => console.log('It failed!', err));
// It's faster to do:
setMany([
[123, 456],
['hello', 'world'],
])
.then(() => console.log('It worked!'))
.catch((err) => console.log('It failed!', err));
This operation is also atomic – if one of the pairs can't be added, none will be added.
Get many keys at once. This is faster than calling get
multiple times. Resolves with an array of values.
import { get, getMany } from 'idb-keyval';
// Instead of:
Promise.all([get(123), get('hello')]).then(([firstVal, secondVal]) =>
console.log(firstVal, secondVal),
);
// It's faster to do:
getMany([123, 'hello']).then(([firstVal, secondVal]) =>
console.log(firstVal, secondVal),
);
Transforming a value (eg incrementing a number) using get
and set
is risky, as both get
and set
are async and non-atomic:
// Don't do this:
import { get, set } from 'idb-keyval';
get('counter').then((val) =>
set('counter', (val || 0) + 1);
);
get('counter').then((val) =>
set('counter', (val || 0) + 1);
);
With the above, both get
operations will complete first, each returning undefined
, then each set operation will be setting 1
. You could fix the above by queuing the second get
on the first set
, but that isn't always feasible across multiple pieces of code. Instead:
// Instead:
import { update } from 'idb-keyval';
update('counter', (val) => (val || 0) + 1);
update('counter', (val) => (val || 0) + 1);
This will queue the updates automatically, so the first update
set the counter
to 1
, and the second update
sets it to 2
.
Delete a particular key from the store.
import { del } from 'idb-keyval';
del('hello');
Delete many keys at once. This is faster than calling del
multiple times.
import { del, delMany } from 'idb-keyval';
// Instead of:
Promise.all([del(123), del('hello')])
.then(() => console.log('It worked!'))
.catch((err) => console.log('It failed!', err));
// It's faster to do:
delMany([123, 'hello'])
.then(() => console.log('It worked!'))
.catch((err) => console.log('It failed!', err));
Clear all values in the store.
import { clear } from 'idb-keyval';
clear();
Get all entries in the store. Each entry is an array of [key, value]
.
import { entries } from 'idb-keyval';
// logs: [[123, 456], ['hello', 'world']]
entries().then((entries) => console.log(entries));
Get all keys in the store.
import { keys } from 'idb-keyval';
// logs: [123, 'hello']
keys().then((keys) => console.log(keys));
Get all values in the store.
import { values } from 'idb-keyval';
// logs: [456, 'world']
values().then((values) => console.log(values));
By default, the methods above use an IndexedDB database named keyval-store
and an object store named keyval
. If you want to use something different, see custom stores.
FAQs
A super-simple-small keyval store built on top of IndexedDB
The npm package idb-keyval receives a total of 1,069,003 weekly downloads. As such, idb-keyval popularity was classified as popular.
We found that idb-keyval demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.