Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
The tiny-lru npm package is a lightweight, in-memory Least Recently Used (LRU) cache. It is designed to be simple and efficient, making it suitable for use in environments where memory usage and performance are critical.
Creating an LRU Cache
This feature allows you to create an LRU cache with a specified maximum size. The cache will automatically evict the least recently used items when the size limit is reached.
const LRU = require('tiny-lru');
const cache = LRU(100); // Create a cache with a max size of 100 items
Setting and Getting Cache Items
You can store items in the cache using the `set` method and retrieve them using the `get` method. If the item is not found, `get` will return `undefined`.
cache.set('key', 'value');
const value = cache.get('key'); // 'value'
Deleting Cache Items
This feature allows you to delete specific items from the cache using the `delete` method.
cache.set('key', 'value');
cache.delete('key');
const value = cache.get('key'); // undefined
Clearing the Cache
You can clear all items from the cache using the `clear` method, which removes all entries.
cache.set('key1', 'value1');
cache.set('key2', 'value2');
cache.clear();
const value1 = cache.get('key1'); // undefined
const value2 = cache.get('key2'); // undefined
Cache Size and Item Count
This feature allows you to check the current number of items in the cache using the `size` property.
cache.set('key1', 'value1');
cache.set('key2', 'value2');
const size = cache.size; // 2
The lru-cache package is another popular LRU cache implementation for Node.js. It offers more features and configuration options compared to tiny-lru, such as time-to-live (TTL) settings for cache entries and more detailed cache statistics.
The quick-lru package is a minimalist LRU cache implementation that focuses on performance and simplicity. It is similar to tiny-lru in terms of its lightweight nature but offers a slightly different API.
The node-cache package provides a simple and efficient in-memory caching solution with support for TTL and other advanced features. It is more feature-rich compared to tiny-lru, making it suitable for more complex caching needs.
Least Recently Used cache for Client or Server.
import {lru} from "tiny-lru";
const cache = lru(max, ttl = 0, resetTtl = false);
import {LRU} from "tiny-lru";
const cache = new LRU(max, ttl = 0, resetTtl = false);
import {LRU} from "tiny-lru";
class MyCache extends LRU {}
Lodash provides a memoize
function with a cache that can be swapped out as long as it implements the right interface.
See the lodash docs for more on memoize
.
_.memoize.Cache = lru().constructor;
const memoized = _.memoize(myFunc);
memoized.cache.max = 10;
Tiny-LRU has 100% code coverage with its tests.
--------------|---------|----------|---------|---------|-------------------
File | % Stmts | % Branch | % Funcs | % Lines | Uncovered Line #s
--------------|---------|----------|---------|---------|-------------------
All files | 100 | 91.54 | 100 | 100 |
tiny-lru.cjs | 100 | 91.54 | 100 | 100 | 11-31,150,184
--------------|---------|----------|---------|---------|-------------------
Item in "first" or "bottom" position; default is null
Example
const cache = lru();
cache.first; // null - it's a new cache!
Item in "last" or "top" position; default is null
Example
const cache = lru();
cache.last; // null - it's a new cache!
Max items to hold in cache; default is 1000
Example
const cache = lru(500);
cache.max; // 500
Resets item.expiry
with each set()
if true
; default is false
Example
const cache = lru(500, 5*6e4, true);
cache.resetTtl; // true
Number of items in cache
Example
const cache = lru();
cache.size; // 0 - it's a new cache!
Milliseconds an item will remain in cache; lazy expiration upon next get()
of an item
Example
const cache = lru(100, 3e4);
cache.ttl; // 30000;
Clears the contents of the cache
return {Object} LRU instance
Example
cache.clear();
Removes item from cache
param {String} key Item key
return {Object} LRU instance
Example
cache.delete("myKey");
Returns an Array
cache items
param {Array} keys (Optional) Cache item keys to get, defaults to `this.keys()` if not provided
return {Object} LRU instance
Example
cache.entries(['myKey1', 'myKey2']);
Evicts the least recently used item from cache
return {Object} LRU instance
Example
cache.evict();
Gets expiration time for cached item
param {String} key Item key
return {Mixed} Undefined or number (epoch time)
Example
const item = cache.expiresAt("myKey");
Gets cached item and moves it to the front
param {String} key Item key
return {Mixed} Undefined or Item value
Example
const item = cache.get("myKey");
Returns a Boolean
indicating if key
is in cache
return {Object} LRU instance
Example
cache.has('myKey');
Returns an Array
of cache item keys (first
to last
)
return {Array} Array of keys
Example
console.log(cache.keys());
Sets item in cache as first
param {String} key Item key
param {Mixed} value Item value
return {Object} LRU instance
Example
cache.set("myKey", {prop: true});
Returns an Array
cache items
param {Array} keys (Optional) Cache item keys to get
return {Array} Cache items
Example
cache.values(['abc', 'def']);
Copyright (c) 2024 Jason Mulligan Licensed under the BSD-3 license.
FAQs
Tiny LRU cache for Client or Server
The npm package tiny-lru receives a total of 988,711 weekly downloads. As such, tiny-lru popularity was classified as popular.
We found that tiny-lru demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.