Skip to content

fix: enforce maxCachedSessions in TLS session cache#5102

Merged
mcollina merged 1 commit intonodejs:mainfrom
trivikr:max-cached-sessions
Apr 24, 2026
Merged

fix: enforce maxCachedSessions in TLS session cache#5102
mcollina merged 1 commit intonodejs:mainfrom
trivikr:max-cached-sessions

Conversation

@trivikr
Copy link
Copy Markdown
Member

@trivikr trivikr commented Apr 24, 2026

This relates to...

Fixes: #5100

Rationale

SessionCache currently relies on FinalizationRegistry cleanup to remove dead weak references, but it does not evict live entries when the cache reaches capacity. That allows _sessionCache to grow beyond maxCachedSessions for long-lived TLS sessions.

Changes

  • Add bounded eviction to SessionCache.set().
  • Prefer evicting dead weak-ref entries first when the cache is full.
  • Fall back to evicting the oldest live entry when no dead entry is available.
  • Refresh insertion order when updating an existing session key.

Features

N/A

Bug Fixes

  • Enforce maxCachedSessions even when cached TLS sessions are still alive.
  • Prevent the TLS session cache map from growing past the configured limit.

Breaking Changes and Deprecations

N/A

Status

Assisted-by: openai:gpt-5.4

@trivikr
fix: enforce maxCachedSessions in TLS session cache
7900979 
Assisted-by: openai:gpt-5.4
Signed-off-by: Kamat, Trivikram <16024985+trivikr@users.noreply.github.com>
@codecov-commenter
Copy link
Copy Markdown

codecov-commenter commented Apr 24, 2026

Codecov Report

❌ Patch coverage is 81.25000% with 3 lines in your changes missing coverage. Please review.
✅ Project coverage is 93.13%. Comparing base (67ca48c) to head (7900979).

Files with missing lines Patch % Lines
lib/core/connect.js 81.25% 3 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #5102      +/-   ##
==========================================
- Coverage   93.13%   93.13%   -0.01%     
==========================================
  Files         110      110              
  Lines       35826    35842      +16     
==========================================
+ Hits        33368    33381      +13     
- Misses       2458     2461       +3

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

mcollina
mcollina approved these changes Apr 24, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@mcollina mcollina left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@mcollina mcollina merged commit 754a3d3 into nodejs:main Apr 24, 2026
35 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mcollina mcollina mcollina approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

maxCachedSessions is not enforced by TLS SessionCache

3 participants

@trivikr @codecov-commenter @mcollina