Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
2-thenable
Advanced tools
Readme
Useful when we want to imply an asynchronous representation onto some non-promise object.
Having that target object can be combined into promise chains or async/await syntax. One use case would be turning a stream instance so it's also a promise.
npm install 2-thenable
Utility takes target
and promise
arguments. target
is object to be extended with then
, catch
and finally
methods.
While promise
is expected to be a native promise instance that reflects resolution which should be mapped onto target
Example of converting stream to thenable
const toThenable = require("2-thenable");
// Example of converting a simple utf8 string stream to thenable
toThenable(stream, new Promise((resolve, reject) => {
let result = '';
stream.on('error', reject);
stream.on('data', data => (result += data));
stream.on('end', () => resolve(result));
});
stream.then(result => {
console.log("Cumulated string data", result);
});
npm test
FAQs
Convert any object to thenable
The npm package 2-thenable receives a total of 917,806 weekly downloads. As such, 2-thenable popularity was classified as popular.
We found that 2-thenable demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.