{"library":"express-session","type":"library","category":null,"description":"express-session is a robust and widely-used session middleware for Express.js applications, currently stable at version 1.19.0. It provides server-side session storage, managing session IDs via cookies while keeping the actual session data on the server, which is a key security differentiator compared to client-side cookie storage. While the core package offers a default `MemoryStore` for development and debugging, it explicitly warns against its use in production due to memory leak risks and lack of scalability, promoting a rich ecosystem of compatible external session stores. The project maintains a steady release cadence, with recent updates focusing on features like dynamic cookie options, improved security tooling, and dependency updates, ensuring ongoing compatibility and enhancements for Node.js environments (supporting Node.js >= 0.8.0). It has evolved to directly manage session cookies, making the `cookie-parser` middleware optional and recommending careful use if both are present to avoid secret mismatches.","language":"javascript","status":"active","version":"1.19.0","tags":["javascript"],"last_verified":"Wed May 27","install":[{"cmd":"npm install express-session","imports":["import session from 'express-session'","const session = require('express-session')","import { Store } from 'express-session'; // For type hinting custom stores"]},{"cmd":"yarn add express-session","imports":[]},{"cmd":"pnpm add express-session","imports":[]}],"homepage":null,"github":"https://github.com/expressjs/session","docs":null,"changelog":null,"pypi":null,"npm":"https://www.npmjs.com/package/express-session","openapi_spec":null,"status_page":null,"smithery":null,"compatibility":{"summary":{"python_range":"18–22","success_rate":0,"avg_install_s":null,"avg_import_s":null,"wheel_type":null},"url":"https://checklist.day/v1/registry/express-session/compatibility"}}