mono - fix: updating codecov badge

[jaredwray]

Please check if the PR fulfills these requirements

• Followed the Contributing guidelines and Code of Conduct
• Tests for the changes have been added (for bug fixes/features) with 100% code coverage.

What kind of change does this PR introduce? (Bug fix, feature, docs update, ...)
mono - fix: updating codecov badge

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on two main areas: updating Codecov badges in various README.md files to reflect the correct branch for coverage reporting, and refining the Time-To-Live (TTL) handling within the node-cache package. The changes to node-cache ensure that negative TTL values are processed by storing the item with an immediate expiration, rather than outright rejection, providing a more consistent and predictable caching mechanism.

Highlights

• Codecov Badge Updates: Updated Codecov badge URLs across all README.md files to ensure they correctly link to the repository's coverage graph on the main branch.
• NodeCache Negative TTL Behavior: Modified the set and ttl methods in the node-cache package to no longer reject negative Time-To-Live (TTL) values. Instead, items with negative TTLs are now stored with an immediate expiration timestamp, causing them to expire and be removed upon the next access.
• NodeCache mset Method Update: The mset method in node-cache now consistently returns true, as its internal calls to set no longer return false for items with negative TTLs. This aligns with the new behavior where negative TTL items are stored but immediately expire.
• Documentation and Test Alignment: Updated JSDoc comments for set, mset, and ttl methods in node-cache to clearly describe the new TTL behavior, and corresponding test cases were adjusted to validate these changes.

Changelog

• README.md
  • Updated Codecov badge URL to include /branch/main.
• packages/cache-manager/README.md
  • Updated Codecov badge URL to include /branch/main.
• packages/cacheable-request/README.md
  • Updated Codecov badge URL to include /branch/main.
• packages/cacheable/README.md
  • Updated Codecov badge URL to include /branch/main.
• packages/file-entry-cache/README.md
  • Updated Codecov badge URL to include /branch/main.
• packages/flat-cache/README.md
  • Updated Codecov badge URL to include /branch/main.
• packages/memory/README.md
  • Updated Codecov badge URL to include /branch/main.
• packages/net/README.md
  • Updated Codecov badge URL to include /branch/main.
• packages/node-cache/README.md
  • Updated Codecov badge URL to include /branch/main.
• packages/node-cache/src/index.ts
  • Updated JSDoc for set method to detail TTL behavior, including negative, zero, and string-based TTLs.
  • Modified set method logic to store items with negative TTLs with an immediate expiration timestamp instead of rejecting them.
  • Updated JSDoc for mset method to clarify TTL behavior for individual items.
  • Simplified mset method to always return true and removed the conditional success flag, as set no longer fails for negative TTLs.
  • Updated JSDoc for ttl method to detail TTL behavior and modified its logic to set an immediate expiration timestamp for negative TTLs.
• packages/node-cache/test/index.test.ts
  • Updated mset test case to assert true for negative TTLs and verify immediate expiration on access.
  • Updated set test case for negative TTLs to assert true and verify immediate expiration on access.
  • Updated ttl test case for negative TTLs to assert true and verify immediate expiration on access.
  • Updated test cases for negative TTLs passed as numeric strings in set and ttl to assert true and verify immediate expiration.
• packages/utils/README.md
  • Updated Codecov badge URL to include /branch/main.

Activity

• The author jaredwray initiated this pull request.
• The pull request includes updates to Codecov badges in multiple README.md files.
• Significant changes were made to the node-cache package, specifically altering how negative TTL values are handled in set, mset, and ttl methods.
• Documentation for the node-cache methods was updated to reflect the new TTL behavior.
• Existing test cases for node-cache were modified to align with the updated negative TTL logic, ensuring correct functionality.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request updates Codecov badge URLs and introduces support for negative TTL values in packages/node-cache to align with the original node-cache library's behavior. A critical security vulnerability has been identified where very large negative TTL values can lead to non-positive expiration timestamps, causing cache entries to be incorrectly treated as 'unlimited' and never expiring, thus bypassing intended security and cache management. It is recommended to ensure negative TTLs always result in a minimal positive timestamp (e.g., 1) or update the expiration check logic. Additionally, API documentation should be improved by adding @throws tags to JSDocs for methods that can throw errors, and a minor inconsistency in error handling needs to be addressed.

[gemini-code-assist]

The PR introduces support for negative TTL values, which are intended to make cache entries expire immediately. However, the implementation calculates the expiration timestamp by adding the negative TTL to the current time. If the negative TTL is large enough (e.g., less than -54 years), the resulting timestamp becomes zero or negative. Since the cache's expiration logic (in get and checkData) only triggers if the TTL is greater than zero, these entries will be treated as "unlimited" and never expire. This bypasses the intended immediate expiration and can lead to unexpected persistence of data or memory exhaustion if TTLs are influenced by external input.

expirationTimestamp = Math.max(1, this.getExpirationTimestamp(typeof ttl === "string" ? Number(ttl) : (ttl as number)));

[gemini-code-assist]

Similar to the set method, the ttl method calculates the expiration timestamp for negative TTLs by adding the negative value to the current time. If the resulting timestamp is zero or negative, the entry will be treated as "unlimited" (never expiring) because the expiration check logic only triggers for TTL values greater than zero. This breaks the intended behavior of immediate expiration for negative TTLs.

result.ttl = Math.max(1, this.getExpirationTimestamp(typeof ttl === "string" ? Number(ttl) : (ttl as number)));

[gemini-code-assist]

The JSDoc for the set method is very detailed, which is great. However, it doesn't mention that the method can throw an error. To improve the API documentation, it's good practice to document potential exceptions using the @throws tag.

 * @returns {boolean} true on success
	 * @throws {Error} If the key or TTL is of an invalid type, or if the cache is full (`maxKeys` is reached).
	 */

[gemini-code-assist]

Similar to the set method, mset can throw errors (e.g., if the input is not an array, or if an underlying set call fails). It would be helpful to document these potential exceptions in the JSDoc for better API clarity.

 * @returns {boolean} true on success
	 * @throws {Error} If the `data` argument is not an array, or if any underlying `set` operation fails.
	 */

[gemini-code-assist]

For consistency with the set method, the ttl method should also validate the ttl argument's type and throw an error if it's invalid. This behavior should then be documented with a @throws tag in the JSDoc.

 * @param {number | string} [ttl] TTL in seconds. 0 = unlimited, negative = expires immediately, string = shorthand format
	 * @returns {boolean} true if the key has been found and changed. Otherwise returns false.
	 * @throws {Error} If the `ttl` is of an invalid type.
	 */

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: d685dc590d

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Clamp extreme negative TTLs to an expired positive timestamp

In set(), negative TTLs are passed directly to getExpirationTimestamp(), which can yield ttl <= 0 for inputs like Number.NEGATIVE_INFINITY (or very large-magnitude negative numbers). Because get() and checkData() only expire entries when ttl > 0, those keys become effectively non-expiring instead of "immediately expired" as documented, so stale entries can persist indefinitely; the same pattern is mirrored in ttl().

Useful? React with 👍 / 👎.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (a7af48a) to head (d685dc5).

Additional details and impacted files

@@            Coverage Diff            @@
##              main     #1592   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           26        26           
  Lines         2473      2473           
  Branches       558       558           
=========================================
  Hits          2473      2473           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.