Use object for options instead

timokoessler · timokoessler · commit c53921d1e20e · 2025-08-27T16:34:23.000+02:00
diff --git a/library/vulnerabilities/attack-wave-detection/AttackWaveDetector.test.ts b/library/vulnerabilities/attack-wave-detection/AttackWaveDetector.test.ts
@@ -25,7 +25,12 @@ function getTestContext(
 }
 
 function newAttackWaveDetector() {
-  return new AttackWaveDetector(6, 60 * 1000, 60 * 60 * 1000, 10_000);
+  return new AttackWaveDetector({
+    attackWaveThreshold: 6,
+    attackWaveTimeFrame: 60 * 1000,
+    minTimeBetweenEvents: 60 * 60 * 1000,
+    maxLRUEntries: 10_000,
+  });
 }
 
 t.test("no ip address", async (t) => {
diff --git a/library/vulnerabilities/attack-wave-detection/AttackWaveDetector.ts b/library/vulnerabilities/attack-wave-detection/AttackWaveDetector.ts
@@ -6,16 +6,28 @@ export class AttackWaveDetector {
   private suspiciousRequestsMap: LRUMap<string, number>;
   private sentEventsMap: LRUMap<string, number>;
 
+  // How many suspicious requests are allowed before triggering an alert
+  private readonly attackWaveThreshold: number;
+  // In what time frame must these requests occur
+  private readonly attackWaveTimeFrame: number;
+  // Minimum time before reporting a new event for the same ip
+  private readonly minTimeBetweenEvents: number;
+  // Maximum number of entries in the LRU cache
+  private readonly maxLRUEntries: number;
+
   constructor(
-    // How many suspicious requests are allowed before triggering an alert
-    private readonly attackWaveThreshold = 6,
-    // In what time frame must these requests occur
-    private readonly attackWaveTimeFrame = 60 * 1000, // 60 seconds
-    // Minimum time before reporting a new event for the same ip
-    private readonly minTimeBetweenEvents = 60 * 60 * 1000, // 1 hour
-    // Maximum number of entries in the LRU cache
-    private readonly maxLRUEntries = 10_000
+    options: {
+      attackWaveThreshold?: number;
+      attackWaveTimeFrame?: number;
+      minTimeBetweenEvents?: number;
+      maxLRUEntries?: number;
+    } = {}
   ) {
+    this.attackWaveThreshold = options.attackWaveThreshold ?? 6; // Default: 6 requests
+    this.attackWaveTimeFrame = options.attackWaveTimeFrame ?? 60 * 1000; // Default: 1 minute
+    this.minTimeBetweenEvents = options.minTimeBetweenEvents ?? 60 * 60 * 1000; // Default: 1 hour
+    this.maxLRUEntries = options.maxLRUEntries ?? 10_000; // Default: 10,000 entries
+
     this.suspiciousRequestsMap = new LRUMap(
       this.maxLRUEntries,
       this.attackWaveTimeFrame

Original file line number	Diff line number	Diff line change
`@@ -25,7 +25,12 @@ function getTestContext(`
`25`	`25`	`}`
`26`	`26`
`27`	`27`	`function newAttackWaveDetector() {`
`28`		`- return new AttackWaveDetector(6, 60 * 1000, 60 * 60 * 1000, 10_000);`
	`28`	`+ return new AttackWaveDetector({`
	`29`	`+ attackWaveThreshold: 6,`
	`30`	`+ attackWaveTimeFrame: 60 * 1000,`
	`31`	`+ minTimeBetweenEvents: 60 * 60 * 1000,`
	`32`	`+ maxLRUEntries: 10_000,`
	`33`	`+ });`
`29`	`34`	`}`
`30`	`35`
`31`	`36`	`t.test("no ip address", async (t) => {`