Research
Security News
Kill Switch Hidden in npm Packages Typosquatting Chalk and Chokidar
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
async-cache-dedupe
Advanced tools
async-cache-dedupe
is a cache for asynchronous fetching of resources
with full deduplication, i.e. the same resource is only asked once at any given time.
npm i async-cache-dedupe
import { Cache } from 'async-cache-dedupe'
const cache = new Cache({
ttl: 5 // seconds
})
cache.define('fetchSomething', async (k) => {
console.log('query', k)
// query 42
// query 24
return { k }
})
const p1 = cache.fetchSomething(42)
const p2 = cache.fetchSomething(24)
const p3 = cache.fetchSomething(42)
const res = await Promise.all([p1, p2, p3])
console.log(res)
// [
// { k: 42 },
// { k: 24 }
// { k: 42 }
// ]
Commonjs/require
is also supported.
new Cache(opts)
Creates a new cache.
Options:
tll
: the maximum time a cache entry can live, default 0
cacheSize
: the maximum amount of entries to fit in the cache for each defined method, default 1024
.cache.define(name[, opts], original(arg, cacheKey))
Define a new function to cache of the given name
.
Options:
tll
: the maximum time a cache entry can live, default as defined in the cache.cacheSize
: the maximum amount of entries to fit in the cache for each defined method, default as defined in the cache.serialize
: a function to convert the given argument into a serializable object (or string).onHit
: a function that is called every time there is a hit in the cache.The define
method adds a cache[name]
function that will call the original
function if the result is not present
in the cache. The cache key for arg
is computed using safe-stable-stringify
and it is passed as the cacheKey
argument to the original function.
cache.clear([name], [arg])
Clear the cache. If name
is specified, all the cache entries from the function defined with that name are cleared.
If arg
is specified, only the elements cached with the given name
and arg
are cleared.
MIT
FAQs
An async deduping cache
The npm package async-cache-dedupe receives a total of 31,686 weekly downloads. As such, async-cache-dedupe popularity was classified as popular.
We found that async-cache-dedupe demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.