Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Safe async utilities for node and the browser
Async library is not ideal if you are trying to use async operations as sync operations. This is not a very common situation but if you are working for example with browser canvas tag you want to draw all shapes synchronosli to avoid "blinking" of the image. The second problem is described in the documentation of the async library. In the whorst scenario you will get RangeError: Maximum call stack size exceeded. This will happen when you will have a lot of shapes.
You can use this library to avoid this two issues. You can use each function as classic async function. But you are safe if you will use it synchronosli. That means if you will call callbacks imadiately.
Run the functions in the tasks
array in series, each one running once the previous
function has completed. If any functions in the series pass an error to its
callback, no more functions are run, and callback
is immediately called with the value of the error.
Otherwise, callback
receives an array of results when tasks
have completed.
Arguments
tasks
- An array containing functions to run, each function is passed
a callback(err, result)
it must call on completion with an error err
(which can
be null
) and an optional result
value.callback(err, results)
- An optional callback to run once all the functions
have completed. This function gets a results array containing all
the result arguments passed to the task
callbacks.Example
async.series([
function(callback){
// do some stuff ...
callback(null, 'one');
},
function(callback){
// do some more stuff ...
callback(null, 'two');
}
],
// optional callback
function(err, results){
// results is now equal to ['one', 'two']
});
Applies the function iterator to each item in arr, in series. The iterator is called with an item from the list, and a callback for when it has finished. If the iterator passes an error to its callback, the main callback (for the each function) is immediately called with the error.
Arguments
arr
- An array to iterate over.iterator(item, callback)
- A function to apply to each item in arr
.
The iterator is passed a callback(err)
which must be called once it has
completed. If no error has occurred, the callback
should be run without
arguments or with an explicit null
argument. The array index is not passed
to the iterator. If you need the index, use forEachOfSeries
.callback(err)
- Optional A callback which is called when all iterator
functions
have finished, or an error occurs.// assuming openFiles is an array of file names
async.each(openFiles, function(file, callback) {
// Perform operation on file here.
console.log('Processing file ' + file);
if( file.length > 32 ) {
console.log('This file name is too long');
callback('File name too long');
} else {
// Do work to process file here
console.log('File processed');
callback();
}
}, function(err){
// if any of the file processing produced an error, err would equal that error
if( err ) {
// One of the iterations produced an error.
// All processing will now stop.
console.log('A file failed to process');
} else {
console.log('All files have been processed successfully');
}
});
Like eachSeries
, except that it iterates over objects, and passes the key as the second argument to the iterator.
Arguments
obj
- An object or array to iterate over.iterator(item, key, callback)
- A function to apply to each item in obj
.
The key
is the item's key, or index in the case of an array. The iterator is
passed a callback(err)
which must be called once it has completed. If no
error has occurred, the callback should be run without arguments or with an
explicit null
argument.callback(err)
- Optional A callback which is called when all iterator
functions have finished, or an error occurs.FAQs
Safe async utilities for node and the browser
The npm package async-sync receives a total of 4 weekly downloads. As such, async-sync popularity was classified as not popular.
We found that async-sync demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.