
Research
Malicious npm Packages Impersonate Flashbots SDKs, Targeting Ethereum Wallet Credentials
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
A Simple-To-Use Promise Based Queue For Concurrency & Throttle Limiting.
JustQueue aims to simplify the process of setting up local queues in which you may need to throttle or limit the concurrency of asynchronous operations. The most common use case would using JustQueue in front an outgoing third party API request that may have its own rate and concurrency limits. In this scenario, JustQueue can allow asynchronous calls to this API to be appropriately throttled without going over the specified limits.
Some of the prominent features implemented are:
JustQueue can be installed using node package manager (npm
)
npm i just-queue
Below are various examples that make use of JustQueue.
const JustQueue = new JustQueue({
max_concurrent: 4
});
async function get_currency_data(){
// Assume this function makes a POST request to a third-party API
// that only allows 4 conncurrent requests to be made with your API key
}
async function throttled_get(){
return JustQueue.queue(() => get_currency_data());
}
// We can now call this function more than 4 times but JustQueue will
// automatically ensure that no more than 4 maximum concurrent requests are made at any given time
throttled_get()
.then((data) => console.log('Got Currency Data!', data))
.catch((error) => console.log('Failed To Get Currency Data: ', error));
});
const JustQueue = new JustQueue({
throttle: {
rate: 4,
interval: 5000
}
});
async function get_currency_data(){
// Assume this function makes a POST request to a third-party API
// that only allows 4 requests every 5 seconds with your API key.
}
async function throttled_get(){
return JustQueue.queue(() => get_currency_data());
}
// We can now call this function more than 4 times but JustQueue will
// automatically ensure that no more than 4 requests are made every 5 seconds.
throttled_get()
.then((data) => console.log('Got Currency Data!', data))
.catch((error) => console.log('Failed To Get Currency Data: ', error));
});
Below is a breakdown of the JustQueue
object class generated while creating a new JustQueue instance.
max_concurrent
[Number
]: Maximum number of operations to execute concurrently.
Infinity
max_queued
[Number
]: Maximum number of operations to have queued at any given time.
Infinity
Error
that has the message QUEUE_FULL
.timeout
[Number
]: Maximum amount of time in milliseconds after which a queued operation is aborted.
Infinity
Error
that has the message TIMED_OUT
.throttle
[Object
]: Throttle limiter options.
rate
[Number
]: Number of operations to execute in a throttle interval.
Infinity
interval
[Number
]: Interval time in milliseconds to throttle operations.
Infinity
Property | Type | Description |
---|---|---|
active | Number | Number of concurrently active operations. |
queued | Number | Number of queued operations. |
queue(Function: operation)
: Queues an operation
Promise
operation
must be async
or return a Promise
.queue(async () => { /* Your Code Here */});
queue(() => new Promise((resolve, reject) => { /* Your Code Here */});
FAQs
A Simple-To-Use Promise Based Queue For Concurrency & Throttle Limiting.
The npm package just-queue receives a total of 10 weekly downloads. As such, just-queue popularity was classified as not popular.
We found that just-queue demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Four npm packages disguised as cryptographic tools steal developer credentials and send them to attacker-controlled Telegram infrastructure.
Security News
Ruby maintainers from Bundler and rbenv teams are building rv to bring Python uv's speed and unified tooling approach to Ruby development.
Security News
Following last week’s supply chain attack, Nx published findings on the GitHub Actions exploit and moved npm publishing to Trusted Publishers.