Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
async3.js
Procedural asynchronous flow control for JavaScript in Node.JS and browsers.
For people who find continuation passing style (CPS) more reasonable than Promises, Futures, generators, etc.
Inspired by async2, mini-async.
Motivation
Javascript, like many languages
that support passing callbacks to asynchronous APIs,
provides flow control keywords (i.e, if, while, for)
that are nearly useless once you need to await the future
result.
At some point you realize you need to take a procedural approach and reimplement these keywords as functions.
In doing so, if you are familiar with assembly or machine code,
you may realize that all flow control operations can actually
be reduced to conditional JMP opcodes. Trendy variations like
unless, until, do...while, etc. are unecessary
syntactic sugar.
Taking the minimalist approach, you realize you can get a large degree of control with just a few functions that are a few lines of code each. No need for object instantiations, or multiple function calls in a builder pattern.
Include
ES6 Node.JS:
const {ifAsync} = require('async3');
Flow Control Functions
- ifAsync : conditional branching without two callback references
- whileAsyncSerial: latched infinite loop
- forEachAsyncSerial : serial one-at-a-time invocation
- forEachAsyncParallel : parallel branch-join invocation
- forEachAsyncParallelBatch : parallel with limited maximum concurrent invocations
Async3.ifAsync()
For when you have two functions: one that is asynchronous but is only executed sometimes, and one that is called afterward. Without this, you'd have to declare or reference the second function twice.
Syntax
void ifAsync(test, true_cb[, ...args], done_cb);
Parameters
-
test
Truthy value determines whether to invoketrue_cb. -
true_cb
The function invoked if thetestfunction above returns truthy. Accepts no targ Expected to be asynchronous. Accepts arguments provided in...argsparameter described below. Void return value. -
...args
Optional. One or more arguments of any type, to be passed intotrue_cbfunction. -
done_cb
Function invoked aftertrue_cbcompletes. Invoked regardless of whethertestreturned truthy.
Example
ifAsync(tmpAbsPath != absPath,
exec, 'mv "'+ tmpAbsPath +'" "'+ absPath +'"', () =>
{
console.log('placed locally for later static upload to cdn as '+ relPath);
});
FAQs
Procedural asynchronous flow control for JavaScript in Node.JS and browsers.
We found that async3 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 12 Oct 2016
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026