Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@matrixai/async-init
Advanced tools
Asynchronous initialization and deinitialization decorators for JavaScript/TypeScript applications.
Because decorators are experimental, you must enable: "experimentalDecorators": true
in your tsconfig.json
to use this library.
TypeScript does not allow decorator properties that are protected or private.
Example Usage:
import { CreateDestroyStartStop, ready } from '@matrixai/async-init/dist/CreateDestroyStartStop';
// this hack is necessary to ensure that X's type is decorated
interface X extends CreateDestroyStartStop {};
@CreateDestroyStartStop(new Error('Running'), new Error('Destroyed'))
class X {
protected y: Y;
public static async createX(
{
y
}: {
y?: Y
} = {}
) {
y = y ?? await Y.createY();
const x = new this({ y });
await x.start();
return x;
}
public constructor ({ y }: { y: Y }) {
this.y = y;
}
public async start(): Promise<void> {
await this.y.start();
console.log('X started');
}
public async stop(): Promise<void> {
await this.y.stop();
console.log('X stopped');
}
public async destroy(): Promise<void> {
await this.y.destroy();
console.log('X destroyed');
}
@ready(new Error('Not Running'))
public async doSomething() {
await this.y.doSomething();
console.log('X did something');
}
}
// this hack is necessary to ensure that Y's type is decorated
interface Y extends CreateDestroyStartStop {};
@CreateDestroyStartStop(new Error('Running'), new Error('Destroyed'))
class Y {
public static async createY() {
return new this();
}
public constructor () {
}
public async destroy(): Promise<void> {
console.log('Y destroyed');
}
@ready(new Error('Not Running'))
public async doSomething(): Promise<void> {
console.log('Y did something');
}
}
async function main () {
const x = await X.createX();
await x.doSomething();
await x.stop();
await x.destroy();
console.log(x);
}
main();
The start
, stop
, and destroy
calls are all concurrent-controlled with RWLockWriter
. They are idempotent and they are mutually exclusive between each other and any blocking ready
decorated methods. Decorated methods can block start
, stop
, and destroy
, but share a read lock between each other.
Refer to https://gist.github.com/CMCDragonkai/1dbf5069d9efc11585c27cc774271584 for further the motivation of this library.
npm install --save @matrixai/async-init
Run nix-shell
, and once you're inside, you can use:
# install (or reinstall packages from package.json)
npm install
# build the dist
npm run build
# run the repl (this allows you to import from ./src)
npm run tsx
# run the tests
npm run test
# lint the source code
npm run lint
# automatically fix the source
npm run lintfix
npm run docs
See the docs at: https://matrixai.github.io/js-async-init/
Publishing is handled automatically by the staging pipeline.
Prerelease:
# npm login
npm version prepatch --preid alpha # premajor/preminor/prepatch
git push --follow-tags
Release:
# npm login
npm version patch # major/minor/patch
git push --follow-tags
Manually:
# npm login
npm version patch # major/minor/patch
npm run build
npm publish --access public
git push
git push --tags
FAQs
Asynchronous Initialisation and Deinitialisation Decorators
We found that @matrixai/async-init demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.