
Research
Security News
The Growing Risk of Malicious Browser Extensions
Socket researchers uncover how browser extensions in trusted stores are used to hijack sessions, redirect traffic, and manipulate user behavior.
Security News
Sarah Gooding
June 2, 2025
The 108th TC39 meeting took place last week in A Coruña, Spain, hosted by Igalia. Nine JavaScript proposals advanced during the meeting, and four are moving to Stage 4. Array.fromAsync
, Error.isError
, and the new using
declaration for explicit resource management are now headed into the ECMAScript specification.
Here’s a quick look at what’s next for the language.
Array.fromAsync
to Stage 4#Array.fromAsync
, a long-awaited utility for collecting async iterables into arrays, has conditionally advanced to Stage 4. Championed by J. S. Choi, it works like Array.from
but for async data sources, eliminating the need for manual for await...of
loops. Popularized in userland via libraries like it-all
, the proposal now set to become a native part of JavaScript, pending final editor sign-off.
Error.isError
to Stage 4#Error.isError
, a new built-in method for reliably detecting error objects, has advanced to Stage 4, championed by Jordan Harband. It provides a standardized way to check whether a given value is an instance of an error, resolving long-standing inconsistencies with cross-realm and custom error detection. The method already exists as a polyfill (error.iserror
on npm), and the proposal will now become a native part of JavaScript.
using`
to Stage 4#The Explicit Resource Management proposal, championed by Ron Buckton, has conditionally advanced to Stage 4. The proposal introduces using
and await using
declarations along with Symbol.dispose
and Symbol.asyncDispose
, enabling deterministic cleanup of resources like file handles, streams, and locks.
By mirroring patterns from languages like C#, Python, and Java, this addition makes structured resource management more ergonomic and less error-prone in both sync and async JavaScript code. Final advancement is pending review of tests and editor approval.
In addition to the three proposals advancing to the specification, TC39 moved forward six others: Immutable ArrayBuffer reached Stage 3, bringing a new primitive for safely sharing binary data across threads. Advancing to Stage 2 were Math.clamp and a Seeded Pseudo Random Numbers, both offering improved math capabilities and greater reproducibility.
Meanwhile, Keep Trailing Zeros, Inspector (originally part of the Comparisons proposal), and Random Functions entered Stage 1, beginning their journey through the standardization process.
The full agenda from the meeting is available here. TC39 plans to publish the official notes in approximately three weeks.
Subscribe to our newsletter
Get notified when we publish new security blog posts!
Try it now
Research
Security News
Socket researchers uncover how browser extensions in trusted stores are used to hijack sessions, redirect traffic, and manipulate user behavior.
Research
Security News
An in-depth analysis of credential stealers, crypto drainers, cryptojackers, and clipboard hijackers abusing open source package registries to compromise Web3 development environments.
Security News
pnpm 10.12.1 introduces a global virtual store for faster installs and new options for managing dependencies with version catalogs.