use ttlcache

package.json

@@ -82,6 +82,7 @@
     "@datadog/native-metrics": "^2.0.0",
     "@datadog/pprof": "5.3.0",
     "@datadog/sketches-js": "^2.1.0",
+    "@isaacs/ttlcache": "^1.4.1",
     "@opentelemetry/api": ">=1.0.0 <1.9.0",
     "@opentelemetry/core": "^1.14.0",
     "crypto-randomuuid": "^1.0.0",

packages/dd-trace/src/appsec/api_security_sampler.js

@@ -1,6 +1,6 @@
 'use strict'
 
-const LRUCache = require('lru-cache')
+const TTLCache = require('@isaacs/ttlcache')
 const web = require('../plugins/util/web')
 const log = require('../log')
 const { AUTO_REJECT, USER_REJECT } = require('../../../../ext/priority')
@@ -14,7 +14,7 @@ let sampledRequests
 function configure ({ apiSecurity }) {
   enabled = apiSecurity.enabled
   const delay = apiSecurity.sampleDelay || DEFAULT_DELAY
-  sampledRequests = new LRUCache({ max: MAX_SIZE, ttl: delay * 1000 })
+  sampledRequests = new TTLCache({ max: MAX_SIZE, ttl: delay * 1000 })
 }
 
 function disable () {

packages/dd-trace/test/appsec/api_security_sampler.spec.js

@@ -1,16 +1,18 @@
 'use strict'
 
-const { performance } = require('node:perf_hooks')
 const proxyquire = require('proxyquire')
 const { USER_KEEP, AUTO_KEEP, AUTO_REJECT, USER_REJECT } = require('../../../../ext/priority')
 
 describe('API Security Sampler', () => {
   const req = { route: { path: '/test' }, method: 'GET' }
   const res = { statusCode: 200 }
-  let apiSecuritySampler, performanceNowStub, webStub, span
+  let apiSecuritySampler, webStub, span, clock, originalPerformanceNow
 
   beforeEach(() => {
-    performanceNowStub = sinon.stub(performance, 'now').returns(0)
+    originalPerformanceNow = global.performance.now
+    global.performance.now = () => clock.now
+
+    clock = sinon.useFakeTimers({ now: 10 })
 
     webStub = {
       root: sinon.stub(),
@@ -34,13 +36,12 @@ describe('API Security Sampler', () => {
 
     webStub.root.returns(span)
     webStub.getContext.returns({ paths: ['path'] })
-
-    performanceNowStub.returns(performance.now() + 1)
   })
 
   afterEach(() => {
-    performanceNowStub.restore()
     apiSecuritySampler.disable()
+    global.performance.now = originalPerformanceNow
+    clock.restore()
   })
 
   it('should return false if not enabled', () => {
@@ -75,7 +76,7 @@ describe('API Security Sampler', () => {
 
   it('should not sample before 30 seconds', () => {
     expect(apiSecuritySampler.sampleRequest(req, res, true)).to.be.true
-    performanceNowStub.returns(performance.now() + 25000)
+    clock.tick(25000)
 
     expect(apiSecuritySampler.sampleRequest(req, res, true)).to.be.false
     expect(apiSecuritySampler.isSampled(req, res)).to.be.true
@@ -84,7 +85,7 @@ describe('API Security Sampler', () => {
   it('should sample after 30 seconds', () => {
     expect(apiSecuritySampler.sampleRequest(req, res, true)).to.be.true
 
-    performanceNowStub.returns(performance.now() + 35000)
+    clock.tick(35000)
 
     expect(apiSecuritySampler.sampleRequest(req, res, true)).to.be.true
   })

yarn.lock

@@ -478,6 +478,11 @@
     resolve-from "^3.0.0"
     rimraf "^3.0.0"
 
+"@isaacs/ttlcache@^1.4.1":
+  version "1.4.1"
+  resolved "https://registry.yarnpkg.com/@isaacs/ttlcache/-/ttlcache-1.4.1.tgz#21fb23db34e9b6220c6ba023a0118a2dd3461ea2"
+  integrity sha512-RQgQ4uQ+pLbqXfOmieB91ejmLwvSgv9nLx6sT6sD83s7umBypgg+OIBOBbEUiJXrfpnp9j0mRhYYdzp9uqq3lA==
+
 "@istanbuljs/load-nyc-config@^1.0.0":
   version "1.1.0"
   resolved "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz"