Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@wry/context
Advanced tools
Manage contextual information needed by (a)synchronous tasks without explicitly passing objects around
The @wry/context npm package provides a mechanism for managing contextual information across asynchronous operations without relying on global state or directly passing context through function calls. It's particularly useful for tracking execution contexts across async boundaries, making it easier to implement features like request-scoped logging, performance monitoring, and more in a way that's transparent to the code that's being executed.
Creating and using a context
This feature demonstrates how to create a new context and use it to store and retrieve values within a specific execution scope. The `withValue` method temporarily sets a value for a given key in the context, which can be accessed using the `get` method within the callback passed to `withValue`. Outside of this callback, the context does not hold the value, showcasing how @wry/context can manage context-specific data without leaking it outside of the intended scope.
const {Slot} = require('@wry/context');
let context = new Slot();
context.withValue('myKey', 'myValue', () => {
// Within this function, context.get('myKey') will return 'myValue'.
console.log(context.get('myKey')); // Outputs: 'myValue'
});
// Outside, context.get('myKey') returns undefined.
console.log(context.get('myKey')); // Outputs: undefined
The cls-hooked package provides a similar functionality to @wry/context by allowing the creation of context namespaces that can be used to store and access data across asynchronous calls. It uses the async_hooks module in Node.js to achieve this. Compared to @wry/context, cls-hooked is more tightly integrated with Node.js's async model but might be more complex to use due to its reliance on async_hooks.
This package also offers context management capabilities similar to @wry/context, enabling the association of state with chains of asynchronous calls. It's an earlier solution compared to cls-hooked and might not be as efficient or reliable in certain Node.js versions or scenarios. Compared to @wry/context, continuation-local-storage provides a broader API but may suffer from the limitations of its underlying implementation.
Manage contextual information needed by synchronous or asynchronous tasks without explicitly passing objects around.
FAQs
Manage contextual information needed by (a)synchronous tasks without explicitly passing objects around
The npm package @wry/context receives a total of 3,494,774 weekly downloads. As such, @wry/context popularity was classified as popular.
We found that @wry/context demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.