Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
make-promises-safe
Advanced tools
Readme
A node.js module to make the use of promises safe. It implements the deprecation DEP0018 of Node.js in versions 6+. Using Promises without this module might cause file descriptor and memory leaks.
It is important that this module is only used in top-level program code, not in reusable modules!
Node.js crashes if there is an uncaught exception, while it does not
crash if there is an 'unhandledRejection'
, i.e. a Promise without a
.catch()
handler.
If you are using promises, you should attach a .catch()
handler
synchronously.
As an example, the following server will leak a file descriptor because
of a missing .catch()
handler:
const http = require('http')
const server = http.createServer(handle)
server.listen(3000)
function handle (req, res) {
doStuff()
.then((body) => {
res.end(body)
})
}
function doStuff () {
if (Math.random() < 0.5) {
return Promise.reject(new Error('kaboom'))
}
return Promise.resolve('hello world')
}
make-promises-safe
installs an process.on('unhandledRejection')
handler that prints the stacktrace and exits the process with an exit
code of 1, just like any uncaught exception.
npm install make-promises-safe --save
'use strict'
require('make-promises-safe') // installs an 'unhandledRejection' handler
const http = require('http')
const server = http.createServer(handle)
server.listen(3000)
function handle (req, res) {
doStuff()
.then((body) => {
res.end(body)
})
}
function doStuff () {
if (Math.random() < 0.5) {
return Promise.reject(new Error('kaboom'))
}
return Promise.resolve('hello world')
}
You can add this behavior to any Node.js application by using it as a preloader:
node -r make-promises-safe server.js
You can also create a core dump when an unhandled rejection occurs:
require('make-promises-safe').abort = true
You can add a custom logger to log errors in your own format. To do this override the logError
property with a function that takes a single Error
parameter. This defaults to console.error
.
const makePromisesSafe = require('make-promises-safe');
makePromisesSafe.logError = function(err) {
// log the err object
}
MIT
FAQs
Crash or abort if you get an unhandledRejection or multipleResolves
The npm package make-promises-safe receives a total of 56,678 weekly downloads. As such, make-promises-safe popularity was classified as popular.
We found that make-promises-safe demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.