Skip to content

Navigation Menu

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

express-rate-limit / express-rate-limit Public

Notifications You must be signed in to change notification settings
Fork 228
Star 3k

Code
Issues 6
Pull requests
Discussions
Actions
Wiki
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Discussions
Actions
Wiki
Security
Insights

Releases: express-rate-limit/express-rate-limit

Releases · express-rate-limit/express-rate-limit

v7.1.1

09 Oct 10:53

This tag was signed with the committer’s verified signature.

gamemaker1 Vedant Kulkarni

GPG key ID: A4C1F2D83F3A9BB9

Learn about vigilant mode.

This commit was signed with the committer’s verified signature.

gamemaker1 Vedant Kulkarni

GPG key ID: A4C1F2D83F3A9BB9

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v7.1.1

Misc

Enabled provenance statement generation, see https://github.com/express-rate-limit/express-rate-limit#406.

You can view the full changelog here.

Assets 3

Loading

lorand-horvath and sholayman99 reacted with thumbs up emoji

All reactions

👍 2 reactions

2 people reacted

v7.1.0

04 Oct 14:20

Compare

Choose a tag to compare

Loading

v7.1.0

Changed

The getKey method is now always defined. If the store does not have the
required get method, getKey will throw an error explaining this.

You can view the full changelog here.

Assets 3

Loading

sholayman99 reacted with thumbs up emoji

All reactions

👍 1 reaction

1 person reacted

v7.0.2

26 Sep 19:50

Compare

Choose a tag to compare

Loading

v7.0.2

Added

Added cluster-memory-store to the readme and made a couple of other minor
clarifications.

You can view the full changelog here.

Assets 3

Loading

lorand-horvath, assoft, and pedrobits reacted with thumbs up emoji

All reactions

👍 3 reactions

3 people reacted

v7.0.1

16 Sep 07:50

This tag was signed with the committer’s verified signature.

gamemaker1 Vedant Kulkarni

GPG key ID: A4C1F2D83F3A9BB9

Learn about vigilant mode.

This commit was signed with the committer’s verified signature.

gamemaker1 Vedant Kulkarni

GPG key ID: A4C1F2D83F3A9BB9

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v7.0.1

Added

Added rate-limit-postgresql to the stores list in the readme.

You can view the full changelog here.

Assets 3

Loading

lorand-horvath reacted with thumbs up emoji

All reactions

👍 1 reaction

1 person reacted

v7.0.0

12 Sep 16:25

This tag was signed with the committer’s verified signature.

gamemaker1 Vedant Kulkarni

GPG key ID: A4C1F2D83F3A9BB9

Learn about vigilant mode.

This commit was signed with the committer’s verified signature.

gamemaker1 Vedant Kulkarni

GPG key ID: A4C1F2D83F3A9BB9

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v7.0.0

Breaking

Changed behavior when max is set to 0:
- Previously, max: 0 was treated as a 'disable' flag and would allow all requests through.
- Starting with v7, all requests will be blocked when max is set to 0.
- To replicate the old behavior, use the skip function instead.
Renamed req.rateLimit.current to req.rateLimit.used.
- current is now a hidden getter that will return the used value, but it will not appear when iterating over the keys or calling JSON.stringify().
Changed the minimum required Node version from v14 to v16.
- express-rate-limit now targets es2022 in TypeScript/ESBuild.
Bumped TypeScript from v4 to v5 and dts-bundle-generator from v7 to v8.

Deprecated

Removed the draft_polli_ratelimit_headers option (it was deprecated in v6).
- Use standardHeaders: 'draft-6' instead.
Removed the onLimitReached option (it was deprecated in v6).
- This is an example of how to replicate it's behavior with a custom handler option.

Changed

The MemoryStore now uses precise, per-user reset times rather than a global window that resets all users at once.
The limit configuration option is now prefered to max.
- It still shows the same behavior, and max is still supported. The change was made to better align with terminology used in the IETF standard drafts.

Added

The validate config option can now be an object with keys to enable or disable specific validation checks. For more information, see this.

Assets 3

Loading

lorand-horvath and Ivan-Perez reacted with thumbs up emoji

All reactions

👍 2 reactions

2 people reacted

v6.11.2

12 Sep 02:02

Compare

Choose a tag to compare

Loading

v6.11.2

Fixed

Restored IncrementResponse TypeScript type (See #397)

Assets 3

Loading

lorand-horvath reacted with thumbs up emoji

All reactions

👍 1 reaction

1 person reacted

v6.11.1

10 Sep 17:10

This commit was signed with the committer’s verified signature.

gamemaker1 Vedant Kulkarni

GPG key ID: A4C1F2D83F3A9BB9

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v6.11.1

Fixed

Check for prefixed keys when validating that the stores have single counted keys (See #395).

Assets 3

Loading

All reactions

v6.11.0

06 Sep 13:55

This commit was signed with the committer’s verified signature.

gamemaker1 Vedant Kulkarni

GPG key ID: A4C1F2D83F3A9BB9

Learn about vigilant mode.

Compare

Choose a tag to compare

Loading

v6.11.0

Added

Support for retrieving the current hit count and reset time for a given key from a store (See #390).

Assets 3

Loading

lorand-horvath reacted with thumbs up emoji

All reactions

👍 1 reaction

1 person reacted

v6.10.0

30 Aug 23:32

Compare

Choose a tag to compare

Loading

v6.10.0

Added

Support for combined RateLimit header from the RateLimit header fields for HTTP standardization draft adopted by the IETF. Enable by setting standardHeaders: 'draft-7'
New standardHeaders: 'draft-6' option, treated equivalent to standardHeaders: true from previous releases. (true and false are still supported.)
New RateLimit-Policy header added when standardHeaders is set to 'draft-6', 'draft-7', or true
Warning when using deprecated draft_polli_ratelimit_headers option
Warning when using deprecated onLimitReached option
Warning when totalHits value returned from Store is invalid

Assets 3

Loading

All reactions

v6.9.0

06 Aug 03:36

Compare

Choose a tag to compare

Loading

v6.9.0

Added

New validaion check for double-counted requests
Added help link to each ValidationError, directing users to the appropriate wiki page for more info

Changed

Miscaleanous documenation improvements

You can view the full changelog here.

Assets 3

Loading

renatocfrancisco reacted with thumbs up emoji

Zorono and CS6 reacted with rocket emoji

All reactions

👍 1 reaction
🚀 2 reactions

3 people reacted

Previous 1 2 3 4 Next

Footer

© 2025 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.