npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

token-bucket.ts

v1.1.0

Published

A simple, lightweight token bucket rate limiter for TypeScript/JavaScript.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

beenotungbeenotung

Keywords

token-bucketrate-limitrate-limiterthrottlethrottlingapi-limitcooldowntypescript

Readme

token-bucket.ts

A simple, lightweight token bucket rate limiter for TypeScript/JavaScript.

npm Package Version Minified Package Size Minified and Gzipped Package Size

Features

  • Zero dependencies
  • Continuous refill (lazy evaluation, no timers)
  • Per-key buckets (rate limit by IP, user ID, etc.)
  • Optional cooldown (minimum time between consumes)
  • TypeScript with full type definitions
  • Works in Node.js and browsers

Installation

npm install token-bucket.ts

You can also install with pnpm, yarn, or slnpm

Usage

import { TokenBucket } from 'token-bucket.ts'

// Create a bucket: 5 tokens capacity, refill 1 token per second
let bucket = new TokenBucket({
  capacity: 5, // max number of token for each key
  initial: 3, // can be different from capacity
  interval: 1000, // ms, refill interval for each token
  cooldown: 1000, // ms, minimum time between successful consumes,
})

// Consume a token
let { wait_time } = bucket.consume('user:123')
if (wait_time > 0) {
  // Rate limited - wait_time ms until a token is available
  throw new Error(`Rate limited. Try again in ${Math.ceil(wait_time / 1000)}s`)
}

// Check without consuming
let result = bucket.check('user:123')

// Consume multiple tokens
bucket.consume('user:123', 3)

// Reset a specific key, you don't need to reset it manually, but you can
bucket.reset('user:123')

// Reset all keys
bucket.reset_all()

// Get number of tracked buckets
console.log(bucket.size)

// Remove fully-recovered buckets to free memory
bucket.prune()

API

new TokenBucket(options)

| Option | Type | Default | Description | | ---------- | ------ | -------- | --------------------------------------------- | | capacity | number | required | Maximum tokens in bucket | | interval | number | required | Refill interval in milliseconds | | refill | number | 1 | Tokens to add per interval | | initial | number | capacity | Starting tokens for new buckets | | cooldown | number | 0 | Minimum time (ms) between successful consumes |

Methods

| Method | Description | | ----------------------- | ---------------------------------------------------------------------------------------------------- | | check(key, amount?) | Check if tokens available (doesn't consume). amount defaults to 1, can be 0 to check only cooldown | | consume(key, amount?) | Consume tokens if available. amount defaults to 1, must be > 0 | | reset(key) | Reset a specific key's bucket | | reset_all() | Reset all buckets | | prune() | Remove fully-recovered buckets. Returns number removed. Only works when initial >= capacity | | size | Get number of tracked buckets |

Key Type

Keys can be string or number. Numbers are converted to strings internally, so 123 and '123' refer to the same bucket.

Return Value

{
  wait_time: number
} // 0 = allowed, >0 = wait this many ms

Validation

Both check and consume throw errors for invalid amounts:

  • amount must be a number - NaN provided
  • amount must be >= 0 (check) or amount must be > 0 (consume)
  • amount must be <= capacity - Cannot request more than bucket capacity

Examples

API Rate Limiting

let apiLimit = new TokenBucket({ capacity: 60, interval: 1000 })

function handleRequest(ip: string) {
  let { wait_time } = apiLimit.consume(ip)
  if (wait_time > 0) {
    return { status: 429, message: 'Too many requests' }
  }
  // Process request...
}

SMS Verification with Cooldown

let smsLimit = new TokenBucket({
  capacity: 5, // Allow burst of 5
  interval: 60000, // Refill 1 per minute
  cooldown: 60000, // Minimum 60s between sends
})

function sendSMS(phone: string) {
  let { wait_time } = smsLimit.consume(phone)
  if (wait_time > 0) {
    throw new Error(`Please wait ${Math.ceil(wait_time / 1000)} seconds`)
  }
  // Send SMS...
}

Gradual Trust (Lower Initial Tokens)

let newUserLimit = new TokenBucket({
  capacity: 10,
  interval: 1000,
  initial: 3, // New users start with fewer tokens
})

License

This project is licensed with BSD-2-Clause

This is free, libre, and open-source software. It comes down to four essential freedoms [ref]:

  • The freedom to run the program as you wish, for any purpose
  • The freedom to study how the program works, and change it so it does your computing as you wish
  • The freedom to redistribute copies so you can help others
  • The freedom to distribute copies of your modified versions to others