Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
defer-to-connect
Advanced tools
Package description
The defer-to-connect npm package allows you to defer actions until a socket connection is established. It provides hooks for different stages of a connection, such as 'lookup', 'connect', 'secureConnect', and 'close'. This can be useful for debugging, logging, or modifying the socket during its lifecycle.
Defer actions until the socket connects
This feature allows you to execute code when the socket connects. In the provided code sample, a message is logged to the console once the socket connection is established.
const net = require('net');
const deferToConnect = require('defer-to-connect');
const socket = net.createConnection({ port: 80, host: 'example.com' });
deferToConnect(socket, (event) => {
if (event === 'connect') {
console.log('Socket connected!');
}
});
Defer actions until the socket is secured
This feature allows you to execute code when a TLS socket is secured. In the provided code sample, a message is logged to the console once the TLS socket connection is secured.
const tls = require('tls');
const deferToConnect = require('defer-to-connect');
const socket = tls.connect({ port: 443, host: 'example.com' });
deferToConnect(socket, (event) => {
if (event === 'secureConnect') {
console.log('Socket secured!');
}
});
Defer actions until the socket closes
This feature allows you to execute code when the socket closes. In the provided code sample, a message is logged to the console once the socket connection is closed.
const net = require('net');
const deferToConnect = require('defer-to-connect');
const socket = net.createConnection({ port: 80, host: 'example.com' });
deferToConnect(socket, (event) => {
if (event === 'close') {
console.log('Socket closed!');
}
});
The 'once' package is similar in that it allows you to add a one-time listener for an event. However, it is not specifically tailored to socket connections and does not provide the same granularity for different stages of a socket's lifecycle.
The 'eventemitter3' package is an implementation of the EventEmitter module found in Node.js. It allows you to emit and listen for events, which can be used to achieve similar functionality to defer-to-connect, but it requires more manual management of connection events and does not provide out-of-the-box support for deferring actions until specific socket events.
Readme
The safe way to handle the
connect
socket event
Once you receive the socket, it may be already connected (or disconnected).
To avoid checking that, use defer-to-connect
. It'll do that for you.
const deferToConnect = require('defer-to-connect');
deferToConnect(socket, () => {
console.log('Connected!');
});
Calls connectListener()
when connected.
An object representing connect
, secureConnect
and close
properties.
Calls connect()
when the socket is connected.
Calls secureConnect()
when the socket is securely connected.
Calls close()
when the socket is destroyed.
MIT
FAQs
The safe way to handle the `connect` socket event
The npm package defer-to-connect receives a total of 12,369,617 weekly downloads. As such, defer-to-connect popularity was classified as popular.
We found that defer-to-connect demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.