Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement
Sign In

atomic-lockfile

Package Overview
Dependencies
Maintainers
1
Versions
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install
Package version was removed
This package version has been unpublished, mostly likely due to security reasons
Malicious code was recently detected in this package.

Affected versions:

1.4.2

atomic-lockfile

Atomic file-based locking with retry, TTL, heartbeat, PID tracking, stale detection, and multi-strategy support

unpublished
npmnpm
Version
1.4.2
Version published
Weekly downloads
603
Maintainers
1
Weekly downloads
 
Created
Source

atomic-lockfile

Atomic file-based locking with retry, TTL, heartbeat, PID tracking, stale detection, and multi-strategy support.

npm version License: MIT Node.js

Installation

npm install atomic-lockfile

Quick Start

import { withLock, lock, lockSync } from 'atomic-lockfile';

// Wrap a function in a lock (auto-released)
await withLock('/tmp/my-resource', async () => {
  // only one process runs this at a time
});

// Manual acquire / release
const handle = await lock('/tmp/my-resource');
try {
  // critical section
} finally {
  await handle.release();
}

// Synchronous API
const { release } = lockSync('/tmp/my-resource');
release();

Features

FeatureDescription
Atomic writesUses hard-link strategy — no partial writes
Multiple adaptersfs, atomic, mkdir, symlink
Multiple strategiesexclusive, shared, advisory, optimistic
TTLLocks auto-expire after a configurable duration
HeartbeatRefreshes lock timestamps to prevent false stale detection
PID trackingDetects orphaned locks from dead processes
Stale detectionBy age, PID liveness, or TTL expiry
Retry + backofflinear, exponential, fibonacci, jitter
AbortSignalCancel acquisition at any point
Sync APIlockSync, unlockSync, checkSync
EventsTyped event system for monitoring
HooksLifecycle hooks: beforeLock, afterLock, etc.
MiddlewareCompose option transformers
CLIlock, unlock, status, list, cleanup
TypeScript100% typed, strict mode
ESM + CJSDual package

API

lock(path, options?)Promise<LockHandle>

Acquire a lock. Retries with backoff on conflict.

const handle = await lock('/tmp/resource', {
  retries: 10,
  retryBackoff: 'exponential',
  ttl: 30_000,
  heartbeatInterval: 5_000,
  removeStale: true,
});
await handle.release();

withLock(path, fn, options?)Promise<T>

Acquire, run fn, release — even on error.

const result = await withLock('/tmp/resource', async () => {
  return computeSomething();
});

lockSync(path, options?){ lockPath, release }

Synchronous lock (no retry, no heartbeat).

checkLock(path)Promise<LockFile>

Inspect a lock without acquiring it.

isLocked(path)Promise<boolean>

Returns true if a non-stale lock exists.

cleanupLocks(dir, options?)Promise<CleanupResult>

Remove stale lock files from a directory.

Options

OptionTypeDefaultDescription
retriesnumber5Max retry attempts
retryDelaynumber100Base delay in ms
retryBackoffstring'exponential'Backoff strategy
retryMaxDelaynumber5000Max delay cap in ms
timeoutnumber60000Total acquisition timeout
ttlnumbernullLock TTL in ms
heartbeatIntervalnumber5000Heartbeat refresh interval
staleAgenumber30000Age threshold for stale detection
removeStalebooleanfalseAuto-remove stale locks
strategystring'exclusive'Lock strategy
adapterstring'atomic'File-system adapter
signalAbortSignalCancellation signal
metaobject{}Arbitrary metadata stored in lock file

CLI

# Acquire a lock
atomic-lockfile lock /tmp/resource --ttl 30000

# Release a lock
atomic-lockfile unlock /tmp/resource

# Check status
atomic-lockfile status /tmp/resource --json

# List all locks in a directory
atomic-lockfile list --dir /tmp --recursive --table

# Clean up stale locks
atomic-lockfile cleanup --dir /tmp --stale-age 60000 --dry-run

Adapters

AdapterAtomicCross-platformNotes
atomic (default)Hard-link strategy
fsSimple wx flag write
mkdirmkdir is atomic on most FS
symlink⚠️ Unix onlySymlink as lock token

Events

import { globalEmitter } from 'atomic-lockfile';

globalEmitter.on('acquired', (event) => {
  console.log('Lock acquired:', event.lockPath, 'after', event.elapsed, 'ms');
});

globalEmitter.on('stale', (event) => {
  console.warn('Stale lock detected:', event.lockPath);
});

Hooks

import { addBeforeLockHook, addAfterLockHook } from 'atomic-lockfile';

addBeforeLockHook(async (path, lockPath, options) => {
  console.log(`About to lock ${path}`);
});

addAfterLockHook(async (handle) => {
  console.log(`Acquired lock on ${handle.path}, PID ${handle.data.pid}`);
});

Middleware

import { withLoggingMiddleware, withRetryMiddleware, composeMiddleware } from 'atomic-lockfile';

const middleware = composeMiddleware(withLoggingMiddleware, withRetryMiddleware);
const handle = await lock('/tmp/resource', middleware({}));

License

MIT © atomic-lockfile contributors

Keywords

lockfile
lock
file-lock
flock
mutex
atomic

FAQs

Package last updated on 10 Jun 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

US Government Forces Anthropic to Pull Claude Fable Days After Launch

Security News

US Government Forces Anthropic to Pull Claude Fable Days After Launch

Anthropic says the directive cited national security concerns over a narrow jailbreak, but offered no specific technical details.

By Sarah Gooding  -  Jun 13, 2026