
one-firework
Explode once. Never again.
💡 A single-execution function utility — type-safe, side-effect-proof, and featherlight.
one-firework ensures your function runs exactly once, no matter how many times it’s called. Perfect for initializations, expensive computations, or preventing repeated side effects. All with type safety, reset control, and zero bloat. Control the way your code runs.
⚡bun add one-firework
or
📦npm install one-firework ~ 🚀 Classic launch
🐈yarn add one-firework ~ 🎇 Smooth glide
```ts
import firework from 'one-firework'

function expensiveCalculation(a: number, b: number): number {
  console.log("Performing expensive calculation...");
  return a + b;
}

const onceCalculation = firework(expensiveCalculation);

onceCalculation(5, 3); // 👉 8
onceCalculation(9, 1); // 👉 8 (ignored)
onceCalculation(2, 3); // 👉 8 (still ignored)

firework.fired(onceCalculation); // 👉 3 (calls tracked)
```
throwOnMaxCalls

```ts
const runOnce = firework(expensiveCalculation, { throwOnMaxCalls: true });

runOnce(1, 2); // ✅ Executes
runOnce(3, 4); // ❌ Throws: function already called
```
Returns a function that invokes func only on the first call.
Type: Function
The function to protect from repeated execution.
Type: Object
Type: boolean
Default: false
If true, calling more than once throws an error.
Returns the number of times the function was called.
ℹ️ Note: This only works when the function is wrapped with firework.
⏳ Coming soon: You'll be able to call .fired directly on the function (fn.fired) without needing to wrap it!
Sometimes, you only want the fuse to burn once — like:
Let one-firework handle that — beautifully, safely, and with a little style. 🧨
FAQs
A library for single-use function execution.
We found that one-firework demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.