
Research
Security News
The Landscape of Malicious Open Source Packages: 2025 Mid‑Year Threat Report
A look at the top trends in how threat actors are weaponizing open source packages to deliver malware and persist across the software supply chain.
node-repl-await
Advanced tools
Standalone util function from Node.js core to process await statements in REPL.
Standalone util function from Node.js core to process await statements in REPL.
Since v10.0.0, Node.js introduced a new experimental feature to support await
keyword in the REPL by using the argument --experimental-repl-await
, however,
if a user wants to implement a custom REPL console, there would be no
await-support at all, to achieve such a goal, this package clones the internal
module of await-support to form a standalone version, allowing users share the
benefits of await-support in their own REPL environments.
See Node.js docs for more details, and contribute to the original source.
const repl = require("repl");
const vm = require("vm");
const { processTopLevelAwait } = require("node-repl-await");
function isRecoverableError(error) {
if (error.name === 'SyntaxError') {
return /^(Unexpected end of input|Unexpected token)/.test(error.message);
}
return false;
}
async function myEval(code, context, filename, callback) {
code = processTopLevelAwait(code) || code;
try {
let result = await vm.runInNewContext(code, context);
callback(null, result);
} catch (e) {
if (isRecoverableError(e)) {
callback(new repl.Recoverable(e));
} else {
console.log(e);
}
}
}
repl.start({ prompt: '> ', eval: myEval });
function processTopLevelAwait(src: string): string | void
Tries to wrap the given source code to an immediately-invoked function if it
contains any top level await
statement in the form of
(async () => { /* source code */ })()
If no await
presents or processing failed, the function returns null
.
FAQs
Standalone util function from Node.js core to process await statements in REPL.
The npm package node-repl-await receives a total of 9,913 weekly downloads. As such, node-repl-await popularity was classified as popular.
We found that node-repl-await demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A look at the top trends in how threat actors are weaponizing open source packages to deliver malware and persist across the software supply chain.
Security News
ESLint now supports HTML linting with 48 new rules, expanding its language plugin system to cover more of the modern web development stack.
Security News
CISA is discontinuing official RSS support for KEV and cybersecurity alerts, shifting updates to email and social media, disrupting automation workflows.