Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
The 'events' npm package provides a way to implement the Observer pattern, which is a software design pattern that allows an object (known as a 'subject') to maintain a list of its dependents (known as 'observers') and automatically notify them of any state changes, usually by calling one of their methods. It is the same EventEmitters API as used by Node.js core.
EventEmitter creation
This code sample shows how to import the 'events' package and create a new instance of an EventEmitter.
const EventEmitter = require('events');
const myEmitter = new EventEmitter();
Event listening
This code sample demonstrates how to listen for an 'event' and execute a callback function when the event is emitted.
myEmitter.on('event', () => {
console.log('an event occurred!');
});
Event emitting
This code sample shows how to emit an 'event', which will trigger any associated event listeners.
myEmitter.emit('event');
Once listener
This code sample demonstrates how to set up a listener that will only be called once for the next time the event is emitted.
myEmitter.once('event', () => {
console.log('this event will be logged only once');
});
Removing listeners
This code sample shows how to remove a specific listener from an event.
const callback = () => console.log('event occurred');
myEmitter.on('event', callback);
// ...
myEmitter.removeListener('event', callback);
Mitt is a tiny functional event emitter / pubsub. It provides the same basic functionality as 'events' but with a smaller footprint and a more functional approach.
EventEmitter3 is a high performance EventEmitter. It has a similar API to 'events' but is optimized for performance and has no dependencies.
Wolfy87's EventEmitter is an implementation of the EventEmitter module found in Node.js but for the browser. It offers similar functionality to 'events' but is designed to work in a browser environment.
Node's event emitter for all engines.
This implements the Node.js events
module for environments that do not have it, like browsers.
events
currently matches the Node.js 11.13.0 API.
Note that the events
module uses ES5 features. If you need to support very old browsers like IE8, use a shim like es5-shim
. You need both the shim and the sham versions of es5-shim
.
This module is maintained, but only by very few people. If you'd like to help, let us know in the Maintainer Needed issue!
You usually do not have to install events
yourself! If your code runs in Node.js, events
is built in. If your code runs in the browser, bundlers like browserify or webpack also include the events
module.
But if none of those apply, with npm do:
npm install events
var EventEmitter = require('events')
var ee = new EventEmitter()
ee.on('message', function (text) {
console.log(text)
})
ee.emit('message', 'hello world')
See the Node.js EventEmitter docs. events
currently matches the Node.js 11.13.0 API.
PRs are very welcome! The main way to contribute to events
is by porting features, bugfixes and tests from Node.js. Ideally, code contributions to this module are copy-pasted from Node.js and transpiled to ES5, rather than reimplemented from scratch. Matching the Node.js code as closely as possible makes maintenance simpler when new changes land in Node.js.
This module intends to provide exactly the same API as Node.js, so features that are not available in the core events
module will not be accepted. Feature requests should instead be directed at nodejs/node and will be added to this module once they are implemented in Node.js.
If there is a difference in behaviour between Node.js's events
module and this module, please open an issue!
FAQs
Node's event emitter for all engines.
The npm package events receives a total of 26,124,616 weekly downloads. As such, events popularity was classified as popular.
We found that events demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.