Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
@risingstack/async-listener
Advanced tools
process.addAsyncListener polyfill
This is an implementation of Trevor Norris's process.{addAsyncListener,removeAsyncListener} API for adding behavior to async calls. You can see his implementation (currently a work in progress) on Node.js core pull request #6011. This polyfill / shim is intended for use in versions of Node prior to whatever version of Node in which Trevor's changes finally land (anticipated at the time of this writing as 0.11.7).
Here's his documentation of the intended API, which will probably get cleaned up here later:
createAsyncListener(callbacks[, initialStorage])
callbacks{Object}initialStorage{Value}
Returns a constructed AsyncListener object. Which can then be passed to
process.addAsyncListener() and process.removeAsyncListener(). Each
function parameter is as follows:
callbacks: AnObjectwhich may contain four optional fields:create: Afunction (storage)that is called when an asynchronous event is queued. Recives thestorageattached to the listner.storagecan be created by passing aninitialStorageargument during costruction, or by returning aValuefromcreatewhich will be attached to the listner and overwrite theinitialStorage.before: Afunction (context, storage)that is called immediately before the asynchronous callback is about to run. It will be passed both thecontext(i.e.this) of the calling function and thestorage.after: Afunction (context, storage)called immediately after the asynchronous event's callback is run. Note that if the event's callback throws during execution this will not be called.error: Afunction (storage, error)called if the event's callback threw. Iferrorreturnstruethen Node will assume the error has been properly handled and resume execution normally.
initialStorage: AValue(i.e. anything) that will be, by default, attached to all new event instances. This will be overwritten if aValueis returned bycreate().
addAsyncListener(callbacks[, initialStorage])
addAsyncListener(asyncListener)
Returns a constructed AsyncListener object and immediately adds it to the
listening queue.
removeAsyncListener(asyncListener)
Removes the asyncListener from the listening queue.
FAQs
Polyfill exporting trevnorris's 0.11+ asyncListener API.
We found that @risingstack/async-listener demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 10 open source maintainers collaborating on the project.
Package last updated on 02 Mar 2016
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025