Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
This module allows you to create an asynchronous execution context for JavaScript or TypeScript
NOTE: This module is based on async_hooks an experimental built-in node.js module introduced in v8.0.0
NOTE: Your contribution is highly welcome!
To give you an idea of how asyncctx is supposed to be used:
import { ContinuationLocalStorage } from 'asyncctx';
class MyLocalStorage {
value: number;
}
let cls = new ContinuationLocalStorage<MyLocalStorage>();
cls.setRootContext({ value: 1});
process.nextTick(() => {
let curr1 = cls.getContext(); // value is 1
cls.setContext({ value: 2}); // value should be 2 in the current execution context and below
process.nextTick(() => {
let curr2 = cls.getContext(); // value is 2
cls.setContext({ value: 3}); // value should be 3 in the current execution context and below
process.nextTick(() => {
let curr3 = cls.getContext(); // value is 3
});
});
process.nextTick(() => {
let curr4 = cls.getContext(); // value is 2
});
});
node-async-context (asyncctx) is licensed under the MIT License: LICENSE
Release | Notes |
---|---|
1.1.11 | node 14 |
1.1.8-10 | maintenance release |
1.1.7 | node 13 |
1.1.2-6 | maintenance release |
1.1.1 | fixed loosing context; thanks to Pasi Tuominen |
2.0.0 | targeting es6; dropped support for nodejs < v8 |
please use asyncctx@<2.0 for nodejs v4 - v11 support | |
1.1.0 | fixed support for nodes < v8 |
1.0.5-10 | maintenance release |
1.0.4 | node 10 |
1.0.3 | node 9 |
1.0.2 | maintenance release |
1.0.1 | added support for older nodejs versions (4,6,7) using internal copy of async-hook@1.7.1 |
1.0.0 | is now based on 'async_hooks' (a built-in nodejs v8.0 module) |
0.0.6 | maintenance releases |
0.0.5 | async-hook 1.7.1 |
0.0.1-4 | initial version |
FAQs
an asynchronous execution context for TypeScript/JavaScript
The npm package asyncctx receives a total of 1,008 weekly downloads. As such, asyncctx popularity was classified as popular.
We found that asyncctx demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.