Bump rate-limiter-flexible from 9.1.1 to 10.0.1 #296

Open
dependabot[bot] wants to merge 1 commit into master from dependabot/npm_and_yarn/master/rate-limiter-flexible-10.0.1

@dependabot dependabot bot commented on behalf of github Mar 18, 2026

Bumps rate-limiter-flexible from 9.1.1 to 10.0.1.

Release notes

Sourced from rate-limiter-flexible's releases.

AI docs fix

Full Changelog: animir/node-rate-limiter-flexible@v10.0.0...v10.0.1

Require points and duration opts

What's Changed

[BREAKING CHANGES]

  • Require points and duration options by @​animir in animir/node-rate-limiter-flexible#354

    No default values are set for points and duration options starting from v10. Negative points will not be replaced by the default points value 4. Validation rules apply.

    An error is thrown during limiter creation if points or duration is invalid:

    1. points must be a number.

      Any limiter accepts negative points as a valid option starting from v10. If you migrate from an older version, be careful: if in your code the points option is set to a negative value and that works for your project now, then you should review the logic in your project. After updating to version 10, a negative points value will not be replaced by 4 by default as it was prior to version 10.

      When your limiter has negative or zero points, the consume method call is always rejected since there are never enough points to consume. You can set points to negative and play with reward and consume calls; that could be useful sometimes.

    2. duration must be a non-negative number >= 0. An error is thrown during limiter creation if the duration option has an invalid value.

    Requiring points and duration seems logical for a security package. We don't want our apps working in a way we don't expect, even if there is no security threat. This update removes uncertainty about negative duration and zero points.

[OTHER UPDATES]

  • Faster memory limiter and block mechanism by @​animir in animir/node-rate-limiter-flexible#355

    The internal memory storage implementation was refactored to use Map with timestamps instead of Date objects.

    The memory limiter is now 10-15% faster on high traffic with diverse keys. Tests show performance improvement from 2569948 ops/sec to 2885688 ops/sec on my laptop.

Full Changelog: animir/node-rate-limiter-flexible@v9.1.1...v10.0.0

🐚

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [rate-limiter-flexible](https://github.com/animir/node-rate-limiter-flexible) from 9.1.1 to 10.0.1.
- [Release notes](https://github.com/animir/node-rate-limiter-flexible/releases)
- [Commits](animir/node-rate-limiter-flexible@v9.1.1...v10.0.1)

---
updated-dependencies:
- dependency-name: rate-limiter-flexible
  dependency-version: 10.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies (Pull requests that update a dependency file) and javascript (Pull requests that update javascript code) labels Mar 18, 2026
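
Before merging a major bump like this one, the v10 rules quoted in the release notes can be checked against the limiter options a project already uses. The following is an added example, not code from rate-limiter-flexible or from this repository: `auditLimiterOptions`, `auditAll` and the sample configs are hypothetical, and the number check is a conservative reading of "must be number", not the library's actual validation.

```javascript
// Added example: audits limiter option objects against the v10 rules quoted
// in the release notes. Helper names and sample configs are hypothetical.
const OLD_DEFAULT_POINTS = 4; // pre-v10 default named in the release notes

// Assumption: "must be number" is read as a non-NaN value of type number.
function isRealNumber(v) {
  return typeof v === 'number' && !Number.isNaN(v);
}

// Returns an array of { level, option, message } findings for one options object.
function auditLimiterOptions(opts) {
  const findings = [];
  const add = (level, option, message) => findings.push({ level, option, message });

  if (opts.points === undefined) {
    add('error', 'points', 'missing: required in v10, no default is set');
  } else if (!isRealNumber(opts.points)) {
    add('error', 'points', 'not a number: limiter creation throws in v10');
  } else if (opts.points < 0) {
    add('warn', 'points',
      `negative: no longer replaced by ${OLD_DEFAULT_POINTS}, consume is always rejected`);
  } else if (opts.points === 0) {
    add('warn', 'points', 'zero: consume is always rejected');
  }

  if (opts.duration === undefined) {
    add('error', 'duration', 'missing: required in v10, no default is set');
  } else if (!isRealNumber(opts.duration) || opts.duration < 0) {
    add('error', 'duration', 'must be a number >= 0: limiter creation throws in v10');
  }
  return findings;
}

// Constructed sample configs, not taken from the repository in this PR.
const SAMPLE_CONFIGS = {
  login: { points: 5, duration: 60 },
  signup: { duration: 3600 },               // relied on the old default points
  legacyApi: { points: -1, duration: 1 },   // was silently replaced before v10
  webhook: { points: 10, duration: -5 },
};

function auditAll(configs) {
  return Object.fromEntries(
    Object.entries(configs).map(([name, opts]) => [name, auditLimiterOptions(opts)]));
}

console.log(JSON.stringify(auditAll(SAMPLE_CONFIGS), null, 2));
```

An `error` finding marks options that, per the release notes, make limiter creation throw in v10; a `warn` finding marks options that are accepted but leave every `consume` call rejected.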