Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@types/async
Advanced tools
TypeScript definitions for async
@types/async provides TypeScript type definitions for the async library, which is a utility module that provides straight-forward, powerful functions for working with asynchronous JavaScript. It allows you to manage asynchronous control flow using various patterns such as series, parallel, waterfall, and more.
Series
Executes a list of functions in series, each one running once the previous function has completed. If any functions in the series pass an error to its callback, no more functions are run and the callback for the series is immediately called with the value of the error.
const async = require('async');
async.series([
function(callback) {
setTimeout(function() {
console.log('Task 1');
callback(null, 'one');
}, 200);
},
function(callback) {
setTimeout(function() {
console.log('Task 2');
callback(null, 'two');
}, 100);
}
],
function(err, results) {
console.log(results);
});
Parallel
Executes a list of functions in parallel, without waiting until the previous function has completed. If any functions in the series pass an error to its callback, the main callback is immediately called with the value of the error.
const async = require('async');
async.parallel([
function(callback) {
setTimeout(function() {
console.log('Task 1');
callback(null, 'one');
}, 200);
},
function(callback) {
setTimeout(function() {
console.log('Task 2');
callback(null, 'two');
}, 100);
}
],
function(err, results) {
console.log(results);
});
Waterfall
Runs an array of functions in series, each passing their results to the next in the array. However, if any of the functions pass an error to the callback, the next function is not executed and the main callback is immediately called with the error.
const async = require('async');
async.waterfall([
function(callback) {
callback(null, 'one', 'two');
},
function(arg1, arg2, callback) {
console.log(arg1, arg2);
callback(null, 'three');
},
function(arg1, callback) {
console.log(arg1);
callback(null, 'done');
}
],
function (err, result) {
console.log(result);
});
Bluebird is a fully featured promise library with focus on innovative features and performance. It provides a wide range of utilities for working with promises, including methods for managing asynchronous control flow. Unlike async, Bluebird is promise-based rather than callback-based.
Q is a library for creating and composing asynchronous promises in JavaScript. It allows you to write asynchronous code that is more readable and maintainable. Q is similar to async in that it provides utilities for managing asynchronous operations, but it uses promises instead of callbacks.
RxJS is a library for reactive programming using Observables, to make it easier to compose asynchronous or callback-based code. It provides powerful operators for working with asynchronous data streams. RxJS is more complex and feature-rich compared to async, offering a different paradigm for handling async operations.
npm install --save @types/async
This package contains type definitions for async (https://github.com/caolan/async).
Files were exported from https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/async.
These definitions were written by Boris Yankov, Arseniy Maximov, Angus Fenying, Pascal Martin, Etienne Rossignon, Lifeng Zhu, Tümay Çeber, and Andrew Pensinger.
FAQs
TypeScript definitions for async
We found that @types/async demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.