Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
async-retry
Advanced tools
async-retry
Retrying made simple, easy, and async.
Usage
// Packages
const retry = require('async-retry');
const fetch = require('node-fetch');
await retry(
async (bail) => {
// if anything throws, we retry
const res = await fetch('https://google.com');
if (403 === res.status) {
// don't retry upon 403
bail(new Error('Unauthorized'));
return;
}
const data = await res.text();
return data.substr(0, 500);
},
{
retries: 5,
}
);
API
retry(retrier : Function, opts : Object) => Promise
- The supplied function can be
asyncor not. In other words, it can be a function that returns aPromiseor a value. - The supplied function receives two parameters
- A
Functionyou can invoke to abort the retrying (bail) - A
Numberidentifying the attempt. The absolute first attempt (before any retries) is1.
- A
- The
optsare passed tonode-retry. Read its docsretries: The maximum amount of times to retry the operation. Default is10.factor: The exponential factor to use. Default is2.minTimeout: The number of milliseconds before starting the first retry. Default is1000.maxTimeout: The maximum number of milliseconds between two retries. Default isInfinity.randomize: Randomizes the timeouts by multiplying with a factor between1to2. Default istrue.onRetry: an optionalFunctionthat is invoked after a new retry is performed. It's passed theErrorthat triggered it as a parameter.
Authors
- Guillermo Rauch (@rauchg) - Vercel
- Leo Lamprecht (@notquiteleo) - Vercel
Other packages similar to async-retry
retry
The 'retry' package provides similar functionality for retrying operations, with a focus on both synchronous and asynchronous control flow. It offers a more extensive set of options for customizing retry behavior but does not provide an async/await interface out of the box.
p-retry
The 'p-retry' package is another alternative that supports retrying asynchronous operations using Promises. It has a similar API to async-retry but is built specifically for use with Promises and provides slightly different options for customizing the retry behavior.
retry-axios
The 'retry-axios' package is designed to work as an interceptor for axios, a popular HTTP client. It allows you to automatically retry failed HTTP requests, and it is specifically tailored for axios users, unlike async-retry which is more generic and can be used with any asynchronous operation.
FAQs
Retrying made simple, easy and async
The npm package async-retry receives a total of 6,025,463 weekly downloads. As such, async-retry popularity was classified as popular.
We found that async-retry demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 80 open source maintainers collaborating on the project.
Package last updated on 17 Aug 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025