DEV.co
Open-Source Databases · gruns

ImmortalDB

ImmortalDB is a JavaScript key-value store for browsers that redundantly stores data across cookies, IndexedDB, and localStorage, then self-heals by detecting and correcting data loss. It's designed to survive browser storage evictions and user-initiated data clearing while respecting privacy.

Source: GitHub — github.com/gruns/ImmortalDB
3.1k
GitHub stars
60
Forks
JavaScript
Primary language
MIT
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositorygruns/ImmortalDB
Ownergruns
Primary languageJavaScript
LicenseMIT — OSI-approved
Stars3.1k
Forks60
Open issues39
Latest releasev1.1.1 (2025-04-17)
Last updated2025-04-18
Sourcehttps://github.com/gruns/ImmortalDB

What ImmortalDB is

ImmortalDB implements consensus-based storage across three browser APIs (cookies, IndexedDB, localStorage), using plurality voting on retrieval to determine canonical values and automatically syncing discrepancies. It wraps standard HTML5 APIs with a Promise-based get/set/remove interface and supports pluggable storage backends.

Quickstart

Get the ImmortalDB source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/gruns/ImmortalDB.gitcd ImmortalDB# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

User preference persistence across sessions

Store theme settings, language preferences, or UI state that must survive browser cache clears and storage quota evictions without server-side session overhead.

Offline-first progressive web apps

Maintain application state and cached data locally with redundancy, ensuring data isn't lost when IndexedDB is silently evicted under storage pressure.

Analytics and event queuing

Queue events for transmission to analytics services with high durability; survive browser resets and storage pressure without losing tracked user interactions.

Implementation considerations

  • All keys and values must be DOMStrings; complex data requires manual JSON serialization/deserialization.
  • Promise-based API requires async/await; ensure error handling for storage quota exceeded or blocked access (e.g., in iframes).
  • Redundant writes on every set() operation across three stores; consider performance impact if storing frequently-changing data.
  • Storage capacity limited by browser; default stores (cookies ~4KB, localStorage/IndexedDB ~5–50MB) vary by browser and user settings.
  • Data visibility: not encrypted by default; all three storage mechanisms are accessible to JavaScript in the same origin.

When to avoid it — and what to weigh

  • Storing sensitive authentication data — Cookies, localStorage, and IndexedDB are all accessible to XSS attacks. Do not store tokens, passwords, or PII; use httpOnly cookies for auth at the HTTP layer instead.
  • Large-scale structured data — Values must be DOMStrings; complex objects require JSON serialization. No query API, indexing, or transaction support. Use a proper database for complex data models.
  • Guaranteed data privacy or right-to-be-forgotten — Redundant storage across three locations complicates complete data deletion. Users may not be aware data persists across storage clearing. Not suitable for GDPR-sensitive applications.
  • Performance-critical frequent access patterns — Every get() calls three stores and performs consensus voting. For high-frequency data access, the overhead may outweigh the resilience benefit.

License & commercial use

MIT License. Permissive OSI-approved license permitting commercial and proprietary use, modification, and redistribution with attribution and no warranty.

MIT permits commercial use without restriction. However, verify your use case does not require integration guarantees, support, or indemnification not provided by the MIT license or the library maintainer. Review security and data retention implications for your specific product.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityClear
Deployment complexityLow
DEV.co fitGood
Assessment confidenceHigh
Security considerations

ImmortalDB stores data in three browser APIs, all of which are vulnerable to XSS and accessible to any JavaScript on the same origin. No encryption, authentication, or access control built in. Suitable for non-sensitive data only (e.g., preferences). Not a substitute for httpOnly cookies or server-side sessions for auth. Users may be unaware data persists across storage-clearing actions; privacy expectations should be documented.

Alternatives to consider

IndexedDB (native)

Direct use of IndexedDB avoids abstraction overhead and redundancy writes; suitable if you accept data loss risk and want querying/indexing. More mature ecosystem and browser support.

LocalForage

Abstraction over localStorage, IndexedDB, and WebSQL with fallback; simpler than ImmortalDB if redundancy is not critical. Better browser compatibility and maintenance.

PouchDB

Full sync-enabled database with offline-first design, replication, and query support. Heavier but more suitable for complex data and conflict resolution.

Software development agency

Build on ImmortalDB with DEV.co software developers

ImmortalDB offers resilience through redundancy, but requires careful handling of sensitive data and serialization. Devco can help you integrate it safely into your web application and evaluate trade-offs with alternatives.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

ImmortalDB FAQ

Does ImmortalDB encrypt data?
No. Data is stored in plaintext in cookies, IndexedDB, and localStorage. All three are accessible to JavaScript on the same origin. Implement encryption at the application layer if needed.
Can I store objects or arrays directly?
No. Keys and values must be DOMStrings. Serialize to JSON before storing and parse on retrieval.
What happens if all three stores are cleared?
Data is lost. ImmortalDB can only heal from partial loss (e.g., one store cleared). Complete clearing across all stores will result in loss of data. Self-healing requires at least one store to have the correct value.
Is ImmortalDB suitable for storing authentication tokens?
No. Use httpOnly cookies set by the server, which are not accessible to JavaScript and provide CSRF protection. ImmortalDB is vulnerable to XSS attacks.

Software developers & web developers for hire

DEV.co is a software development agency delivering custom software development services to companies building on open source. Our software developers and web developers design, integrate, and ship production systems — spanning web development, APIs, AI, data, and cloud. If ImmortalDB is part of your open-source databases roadmap, our team can implement, customize, migrate, and maintain it.

Ready to explore persistent browser storage?

ImmortalDB offers resilience through redundancy, but requires careful handling of sensitive data and serialization. Devco can help you integrate it safely into your web application and evaluate trade-offs with alternatives.