Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
emitters
Fancy node-compatible event emitters, including bubbling and singleton ready events.
emitters
Fancy node-compatible event emitters, including bubbling and singleton ready events.
var emitters = require('emitters');
// Polyfill for a node-compatible EventEmitter.
var ee = new emitters.EventEmitter();
var count = 0
, counter = function (evt){
console.log("Count: "+(count++)+" because "+this+" fired "+evt);
};
// An emitter that auto-invokes listeners if the "ready" event has already occurred.
var re = new emitters.ReadyEmitter();
re.on('ready', counter);
// Fires the ready event unless already ready.
re.ready(true); // -> count == 1
// Invokes our callback because we're already ready.
re.on('ready', counter); // -> count == 2
// Or...
re.ready(counter); // -> count == 3
// A ChainedEmitter bubbles events to its parent.
var c1 = new emitters.ChainedEmitter(ee)
, c2 = new emitters.ChainedEmitter(c1)
, c3 = new emitters.ChainedEmitter()
;
// You can also get/set the parent emitter later.
c3.parentEmitter(c1);
// So we're bubbling from c2 -> c1, c3 -> c1, and c1 -> ee; let's listen in.
ee.on('bonk', counter);
c1.on('bonk', counter);
c2.on('bonk', counter);
c3.on('bonk', counter);
c2.emit('bonk'); // -> We see c2, c1, and ee all recieve events, putting our counter to 6.
// Event handlers can stop propagaion by returning false.
c1.on('bonk', function (){
console.log('STOP!');
return false;
});
c3.emit('bonk'); // -> c3 and c1 both have listeners who will get the event...
// But the second listener we just registered will end the bubbling. (Even if the
// listener were first, the rest of c1's listeners would be notified. Stopping
// propagation prevents the event from moving *up*.)
Usage
For usage in node.js, install it via npm: npm install emitters.
A browser distribution is coming soon!
API
Coming soon — use the source, Luke!
Feedback
Find a bug or want to contribute? Open a ticket (or fork the source!) on github. You're also welcome to send me email at dsc@less.ly.
License
emitters was written by David Schoonover (in Coco, a dialect of CoffeeScript that compiles down to JavaScript). It is open-source software and freely available under the MIT License.
FAQs
Fancy node-compatible event emitters, including bubbling and singleton ready events.
The npm package emitters receives a total of 4 weekly downloads. As such, emitters popularity was classified as not popular.
We found that emitters demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 19 Sep 2012
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025
Application Security
/Research
/Security News
Updated and Ongoing Supply Chain Attack Targets CrowdStrike npm Packages
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.
By Kush Pandya, Peter van der Zee, Olivia Brown, Socket Research Team - Sep 16, 2025