Feature Flags · Rate Limits · Observability · CVE Response

Lite Integration. Strong Protection.

One SDK. Guard checks run locally from a cached bundle. Feature flags, rate limits, observability, and automated CVE response in a single integration.

See Quick Start Read Getting Started Guide

Prefer an invite first? Join the waitlist and we will reach out when Liteguard is ready.

Why developers read on

Hot path stays local Ordinary guard checks run from a cached bundle instead of calling the network.

Config changes arrive quietly Refresh and telemetry happen in the background, without adding infrastructure to deploy.

Failure behavior stays sane Liteguard keeps using the last known good bundle if the control plane is temporarily unavailable.

// one import, that's it
import { init } from '@liteguard/liteguard';

Architecture

Where Liteguard sits in your stack

Liteguard runs in-process as a library. Guard checks stay local, while config refresh and telemetry move quietly in the background. No proxies, sidecars, or config servers to deploy.

Your Application Code

</> App Logic & Business Rules

Liteguard SDK

Feature Gates • Rate Limits • Observability • Security

Infrastructure & Dependencies

☁ APIs • Databases • 3rd-Party Libs

Features

Three ways Liteguard changes the request path

Each guard is a named control point in your code with a default value, ordered rules, optional rate limiting, and telemetry. Start with the capability you need first, then expand from there.

01 Feature Guards Control runtime behavior without redeploying. 02 Automatic Instrumentation Find and wrap critical paths faster. 03 CVE Response Disable affected paths and fall back safely.

// guard a feature in one line
if (liteguard.isOpen('new-checkout')) {
  renderNewCheckout();
} else {
  renderLegacyCheckout();
}

new-checkout LIVE

beta-search OFF

ai-suggestions LIVE

Feature Guards

Wrap a named code path in a guard. Set a default value, add property-based rules, and change behavior from the dashboard without redeploying.

Per-environment defaults and ordered targeting rules
Local per-user or global rate limits
Checks run locally while config refreshes in the background

$ liteguard auto-instrument

# Scanning your codebase...
✓ Found 47 instrumentable endpoints
✓ Found 12 3rd-party integrations
✓ Found 8 critical code paths

# Adding guards...
✓ src/payments/stripe.ts   +guard
✓ src/auth/oauth.ts        +guard
✓ src/api/search.ts        +guard
... and 64 more

Done! 67 guards created. Dashboard updated.

Live Telemetry

0% Uptime

0ms p50 Latency

0M Events / hr

Telemetry New endpoint activity grouped automatically by guard.

Profiling Latency, execution volume, and fallback events stay tied to the same control point.

Automatic Instrumentation

Run liteguard auto-instrument and the CLI walks your codebase, finds API routes, third-party calls, and critical code paths, then wraps each one in a guard. Review the diff and merge.

Scans routes, integrations, and dependencies
Generates guards you review before merging
Adds profiling and telemetry to each guard

⚠ CVE-2026-31337 CRITICAL

package: [email protected]

affects: src/data/transform.ts

Liteguard auto-response:

✓ Guard data.transform disabled in 12ms

✓ Fallback handler activated

✓ Team notified via Slack & PagerDuty

T+0sCVE analyzed

T+3sLiteguard detects

T+3.012sGuard disabled

T+4sTeam notified

CVE Response

Liteguard maps which guards depend on which packages. When a CVE is published for a dependency, affected guards can be automatically disabled and fallback logic kicks in. Your app keeps running while you patch.

Maps guards to their third-party dependencies
Disables affected code paths automatically
Fallback handlers keep your app running

Quick Start

From install to first guard in three steps

Install the SDK, start one client with a Project Client Token, and evaluate guards locally. Read the full Getting Started guide →

Install the SDK

Add Liteguard to your project with your package manager of choice.

$ npm install @liteguard/liteguard

Start the client

Create one client at startup with your Project Client Token, then start it to fetch the initial bundle.

import { LiteguardClient } from '@liteguard/liteguard';

const client = new LiteguardClient('pctok_live_...');
await client.start();

Add Guards

Add guards in code, or run the CLI to auto-instrument your codebase.

// Option A: manual guards
if (liteguard.isOpen('my-feature')) { /* ... */ }

// Option B: auto-instrument everything
$ liteguard auto-instrument

Production Behavior

What stays off the hot path

Liteguard is designed so ordinary guard checks stay local while the hosted service coordinates config, telemetry, and recovery behavior around the edge of the request path.

Local evaluation

Once the bundle is fetched, ordinary isOpen checks evaluate locally. Normal request-path checks do not call the network.

Background refresh

Guard bundles refresh in the background with cached ETag handling, so config changes arrive without redeploying your app.

Failure behavior

If the control plane is temporarily unavailable, Liteguard keeps using the last known good bundle and retries in the background.

Best-effort telemetry

Signals are buffered and flushed asynchronously so telemetry and adoption inventory do not block application code.

Continuity Commitment

If hosted Liteguard is ever discontinued, we will open-source the core components needed to keep existing Liteguard projects running and publish migration documentation.