Security News
pnpm 10.0.0 Blocks Lifecycle Scripts by Default
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
The inflight npm package is used to manage and track the state of asynchronous operations to ensure that the same operation isn't initiated multiple times before it completes. It's particularly useful when dealing with file system operations or any other tasks that should not be duplicated.
Tracking inflight operations
This code sample demonstrates how to use the inflight package to prevent the same asynchronous operation from being executed multiple times simultaneously. It uses a timeout to simulate an asynchronous operation and ensures that if the operation is already in progress, subsequent calls will not initiate a new one.
const inflight = require('inflight');
function asyncOperation(key, callback) {
if (inflight(key)) return;
inflight(key, callback);
// Perform the operation here
setTimeout(() => {
// Operation completed
inflight(key, null);
callback();
}, 1000);
}
asyncOperation('operation1', () => console.log('Operation 1 completed.'));
asyncOperation('operation1', () => console.log('Operation 1 is already in flight.'));
The async package provides a collection of utilities to work with asynchronous JavaScript. While it doesn't offer the exact same functionality as inflight, it does include methods like 'async.queue' and 'async.cargo' which can be used to manage concurrency and ensure that certain tasks are not overlapped.
p-limit is a package that limits the number of promises that are running at any one time. It can be used to control concurrency similar to inflight, but it works specifically with promises rather than general asynchronous operations.
The once package ensures a function can only be called once. It's similar to inflight in that it prevents duplicate execution, but it's more general-purpose and not specifically designed for tracking the state of asynchronous operations.
Add callbacks to requests in flight to avoid async duplication
var inflight = require('inflight')
// some request that does some stuff
function req(key, callback) {
// key is any random string. like a url or filename or whatever.
//
// will return either a falsey value, indicating that the
// request for this key is already in flight, or a new callback
// which when called will call all callbacks passed to inflightk
// with the same key
callback = inflight(key, callback)
// If we got a falsey value back, then there's already a req going
if (!callback) return
// this is where you'd fetch the url or whatever
// callback is also once()-ified, so it can safely be assigned
// to multiple events etc. First call wins.
setTimeout(function() {
callback(null, key)
}, 100)
}
// only assigns a single setTimeout
// when it dings, all cbs get called
req('foo', cb1)
req('foo', cb2)
req('foo', cb3)
req('foo', cb4)
FAQs
Add callbacks to requests in flight to avoid async duplication
The npm package inflight receives a total of 37,492,809 weekly downloads. As such, inflight popularity was classified as popular.
We found that inflight demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.