Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Settle promises concurrently and get their fulfillment value or rejection reason
The p-settle npm package is used to settle multiple promises and get their results regardless of whether they were fulfilled or rejected. It returns an array of objects with the state and value/reason of each promise.
Settling multiple promises
This feature allows you to settle multiple promises and get their results regardless of whether they were fulfilled or rejected. The output is an array of objects with the status and value/reason of each promise.
const pSettle = require('p-settle');
const promises = [
Promise.resolve('Success'),
Promise.reject(new Error('Failure')),
Promise.resolve('Another success')
];
pSettle(promises).then(results => {
console.log(results);
/*
Output:
[
{ status: 'fulfilled', value: 'Success' },
{ status: 'rejected', reason: Error: Failure },
{ status: 'fulfilled', value: 'Another success' }
]
*/
});
The promise-settle package provides similar functionality to p-settle by settling multiple promises and returning their results. It also returns an array of objects with the state and value/reason of each promise. However, p-settle is more actively maintained and has a more modern API.
The settle-promise package is another alternative that settles multiple promises and returns their results. It is less popular and less actively maintained compared to p-settle, but it offers similar functionality.
The promise.allsettled package is a polyfill for the Promise.allSettled method, which is now a standard part of JavaScript. It provides the same functionality as p-settle but is built into the language itself, making it a more native solution.
Settle promises concurrently and get their fulfillment value or rejection reason
$ npm install p-settle
const {promises: fs} = require('fs');
const pSettle = require('p-settle');
(async () => {
const files = [
'a.txt',
'b.txt' // Doesn't exist
].map(fileName => fs.readFile(fileName, 'utf8'));
console.log(await pSettle(files));
/*
[
{
isFulfilled: true,
isRejected: false,
value: '🦄'
},
{
isFulfilled: false,
isRejected: true,
reason: [Error: ENOENT: no such file or directory, open 'b.txt']
}
]
*/
})();
Returns a Promise<object[]>
that is fulfilled when all promises from the array
argument are settled.
The objects in the array have the following properties:
isFulfilled
isRejected
value
or reason
(Depending on whether the promise fulfilled or rejected)Type: Array<ValueType | PromiseLike<ValueType> | ((...args: any[]) => PromiseLike<ValueType>)>
The array can contain a mix of any value, promise, and async function. Promises are awaited. Async functions are executed and awaited. The concurrency
option only works for elements that are async functions.
Type: object
Type: number
(Integer)
Default: Infinity
Minimum: 1
Number of concurrently pending promises.
Note: This only limits concurrency for elements that are async functions, not promises.
FAQs
Settle promises concurrently and get their fulfillment value or rejection reason
The npm package p-settle receives a total of 318,951 weekly downloads. As such, p-settle popularity was classified as popular.
We found that p-settle demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.