chore(deps): bump @isaacs/ttlcache from 1.4.1 to 2.0.0

[dependabot]

Bumps @isaacs/ttlcache from 1.4.1 to 2.0.0.

Changelog

Sourced from @​isaacs/ttlcache's changelog.

2.0

• refactor as hybrid typescript module (changes export)
• Blue Oak license

1.4

• add checkAgeOnGet option
• Guard against expiration list going missing

1.3.0

• make cache.cancelTimer a public method
• Reduce memory usage by only creating one timer

1.2

• Add support for immortality
• ensure dispose() only happens after full removal
• Clear timeouts so we don't rely on only unref()
• fix error when deleting immortal entries

1.1

• Add setTTL(key, ttl)
• avoid off-by-1ms purge failures

1.0

• Initial release

Commits

• 6f369f0 2.0.0
• 6f9032b BlueOak License
• 3405a62 BlueOak License
• 56655fe add changelog
• 653217f refactor as hybrid typescript module
• 2f17fb2 update workflows
• b6002f9 remove FUNDING.yml (coming from .github repo now)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Overall package size

Self size: 13.13 MB
Deduped: 115.98 MB
No deduping: 118.19 MB

Dependency sizes

| name | version | self size | total size | |------|---------|-----------|------------| | @datadog/libdatadog | 0.7.0 | 35.02 MB | 35.02 MB | | @datadog/native-appsec | 10.3.0 | 20.73 MB | 20.74 MB | | @datadog/native-iast-taint-tracking | 4.0.0 | 11.72 MB | 11.73 MB | | @datadog/pprof | 5.11.1 | 9.96 MB | 10.34 MB | | @opentelemetry/core | 1.30.1 | 908.66 kB | 7.16 MB | | protobufjs | 7.5.4 | 2.95 MB | 5.82 MB | | @datadog/wasm-js-rewriter | 4.0.1 | 2.85 MB | 3.58 MB | | @opentelemetry/resources | 1.9.1 | 306.54 kB | 1.74 MB | | @datadog/native-metrics | 3.1.1 | 1.02 MB | 1.43 MB | | @opentelemetry/api-logs | 0.207.0 | 201.39 kB | 1.42 MB | | @opentelemetry/api | 1.9.0 | 1.22 MB | 1.22 MB | | jsonpath-plus | 10.3.0 | 617.18 kB | 1.08 MB | | import-in-the-middle | 1.15.0 | 127.66 kB | 856.24 kB | | lru-cache | 10.4.3 | 804.3 kB | 804.3 kB | | @datadog/openfeature-node-server | 0.1.0-preview.12 | 95.11 kB | 401.68 kB | | opentracing | 0.14.7 | 194.81 kB | 194.81 kB | | source-map | 0.7.6 | 185.63 kB | 185.63 kB | | pprof-format | 2.2.1 | 163.06 kB | 163.06 kB | | @datadog/sketches-js | 2.1.1 | 109.9 kB | 109.9 kB | | @isaacs/ttlcache | 2.0.0 | 78.68 kB | 78.68 kB | | lodash.sortby | 4.7.0 | 75.76 kB | 75.76 kB | | ignore | 7.0.5 | 63.38 kB | 63.38 kB | | istanbul-lib-coverage | 3.2.2 | 34.37 kB | 34.37 kB | | rfdc | 1.4.1 | 27.15 kB | 27.15 kB | | dc-polyfill | 0.1.10 | 26.73 kB | 26.73 kB | | tlhunter-sorted-set | 0.1.0 | 24.94 kB | 24.94 kB | | shell-quote | 1.8.3 | 23.74 kB | 23.74 kB | | limiter | 1.1.5 | 23.17 kB | 23.17 kB | | retry | 0.13.1 | 18.85 kB | 18.85 kB | | semifies | 1.0.0 | 15.84 kB | 15.84 kB | | jest-docblock | 29.7.0 | 8.99 kB | 12.76 kB | | crypto-randomuuid | 1.0.0 | 11.18 kB | 11.18 kB | | ttl-set | 1.0.0 | 4.61 kB | 9.69 kB | | mutexify | 1.4.0 | 5.71 kB | 8.74 kB | | path-to-regexp | 0.1.12 | 6.6 kB | 6.6 kB | | module-details-from-path | 1.0.4 | 3.96 kB | 3.96 kB |

_{🤖 This report was automatically generated by heaviest-objects-in-the-universe}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 75.83%. Comparing base (def5b56) to head (440ed2a).
⚠️ Report is 2 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #6748      +/-   ##
==========================================
- Coverage   84.06%   75.83%   -8.23%     
==========================================
  Files         506      504       -2     
  Lines       21211    21081     -130     
==========================================
- Hits        17830    15987    -1843     
- Misses       3381     5094    +1713     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[datadog-official]

⚠️ Tests

⚠️ Warnings

🧪 3139 Tests failed

tests.appsec.api_security.test_apisec_sampling.Test_API_Security_Sampling_Different_Endpoints.test_sampling_delay[express4] from system_tests_suite (Datadog)

assert None is not None

self = <tests.appsec.api_security.test_apisec_sampling.Test_API_Security_Sampling_Different_Endpoints object at 0x7fbfe2e3a8d0>

    def test_sampling_delay(self):
        assert self.request1.status_code == 200
        schema1 = get_schema(self.request1, "req.headers")
>       assert schema1 is not None
E       assert None is not None

...

tests.appsec.api_security.test_apisec_sampling.Test_API_Security_Sampling_Different_Endpoints.test_sampling_delay[express4-typescript] from system_tests_suite (Datadog)

assert None is not None

self = <tests.appsec.api_security.test_apisec_sampling.Test_API_Security_Sampling_Different_Endpoints object at 0x7faad446bfb0>

    def test_sampling_delay(self):
        assert self.request1.status_code == 200
        schema1 = get_schema(self.request1, "req.headers")
>       assert schema1 is not None
E       assert None is not None

...

tests.appsec.api_security.test_apisec_sampling.Test_API_Security_Sampling_Different_Endpoints.test_sampling_delay[express5] from system_tests_suite (Datadog)

assert None is not None

self = <tests.appsec.api_security.test_apisec_sampling.Test_API_Security_Sampling_Different_Endpoints object at 0x7f7c44cedd90>

    def test_sampling_delay(self):
        assert self.request1.status_code == 200
        schema1 = get_schema(self.request1, "req.headers")
>       assert schema1 is not None
E       assert None is not None

...

View all

ℹ️ Info

❄️ No new flaky tests detected

_{This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 440ed2a | Docs | Was this helpful? Give us feedback!}

[pr-commenter]

Benchmarks

Benchmark execution time: 2025-10-27 00:48:01

Comparing candidate commit 440ed2a in PR branch dependabot/npm_and_yarn/isaacs/ttlcache-2.0.0 with baseline commit def5b56 in branch master.

Found 24 performance improvements and 0 performance regressions! Performance is the same for 1580 metrics, 66 unstable metrics.

scenario:appsec-appsec-enabled-18

• 🟩 cpu_user_time [-55.163ms; -49.809ms] or [-10.864%; -9.810%]
• 🟩 execution_time [-51.564ms; -46.384ms] or [-8.756%; -7.877%]
• 🟩 instructions [-121.9M instructions; -119.8M instructions] or [-8.757%; -8.606%]

scenario:appsec-appsec-enabled-20

• 🟩 cpu_user_time [-58.544ms; -54.132ms] or [-13.642%; -12.614%]
• 🟩 execution_time [-57.244ms; -53.866ms] or [-11.675%; -10.986%]
• 🟩 instructions [-106.9M instructions; -104.9M instructions] or [-8.763%; -8.596%]

scenario:appsec-appsec-enabled-22

• 🟩 cpu_user_time [-46.861ms; -41.853ms] or [-12.007%; -10.724%]
• 🟩 execution_time [-44.746ms; -40.680ms] or [-9.650%; -8.774%]
• 🟩 instructions [-108.8M instructions; -107.2M instructions] or [-8.980%; -8.846%]

scenario:appsec-appsec-enabled-24

• 🟩 cpu_user_time [-45.895ms; -40.283ms] or [-11.684%; -10.255%]
• 🟩 execution_time [-43.518ms; -38.971ms] or [-9.207%; -8.245%]
• 🟩 instructions [-99.9M instructions; -97.6M instructions] or [-8.646%; -8.447%]

scenario:appsec-appsec-enabled-with-attacks-18

• 🟩 cpu_user_time [-87.247ms; -82.035ms] or [-15.880%; -14.931%]
• 🟩 execution_time [-88.404ms; -82.343ms] or [-13.946%; -12.990%]
• 🟩 instructions [-193.8M instructions; -191.3M instructions] or [-13.173%; -13.002%]

scenario:appsec-appsec-enabled-with-attacks-20

• 🟩 cpu_user_time [-79.300ms; -74.662ms] or [-17.496%; -16.472%]
• 🟩 execution_time [-77.828ms; -73.991ms] or [-15.110%; -14.365%]
• 🟩 instructions [-178.1M instructions; -176.3M instructions] or [-13.704%; -13.568%]

scenario:appsec-appsec-enabled-with-attacks-22

• 🟩 cpu_user_time [-71.450ms; -66.748ms] or [-17.034%; -15.913%]
• 🟩 execution_time [-70.295ms; -65.687ms] or [-14.251%; -13.317%]
• 🟩 instructions [-168.7M instructions; -166.5M instructions] or [-13.186%; -13.011%]

scenario:appsec-appsec-enabled-with-attacks-24

• 🟩 cpu_user_time [-67.058ms; -61.626ms] or [-16.037%; -14.738%]
• 🟩 execution_time [-65.837ms; -60.955ms] or [-13.213%; -12.233%]
• 🟩 instructions [-162.4M instructions; -160.1M instructions] or [-13.297%; -13.111%]