Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
The p-some npm package allows you to wait for a specified number of promises to be fulfilled. It is useful when you need only a certain number of promises to resolve successfully, and you don't care about the rest.
Wait for a specified number of promises to fulfill
This feature allows you to wait for a specified number of promises to be fulfilled. In this example, we have an array of promises, and we use p-some to wait for any 2 of them to resolve successfully. The result will be an array of the first 2 resolved values.
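// Load p-some with import, as in the package's own usage example
import pSome from 'p-some';

const promises = [
  Promise.resolve(1),
  Promise.resolve(2),
  Promise.reject(new Error('error')),
  Promise.resolve(3)
];

// Fulfils as soon as two of the inputs have fulfilled
pSome(promises, { count: 2 }).then(values => {
  console.log(values); // [1, 2]
});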
Handle rejected promises
This feature demonstrates how p-some handles rejected promises. In this example, some of the promises in the array are rejected. p-some still waits for the specified number of promises to be fulfilled and returns the resolved values. If too many promises reject for the count to be reached, the returned promise rejects with an AggregateError.
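// Load p-some with import, as in the package's own usage example
import pSome from 'p-some';

const promises = [
  Promise.resolve(1),
  Promise.reject(new Error('error1')),
  Promise.reject(new Error('error2')),
  Promise.resolve(2)
];

// Two inputs still fulfil, so the count of 2 can be met despite the rejections
pSome(promises, { count: 2 }).then(values => {
  console.log(values); // [1, 2]
}).catch(error => {
  // Reached only when the count can no longer be satisfied
  console.error(error);
});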
The p-any package waits for any promise to be fulfilled. It is similar to p-some but instead of waiting for a specified number of promises, it resolves as soon as any one of the promises resolves. This can be useful when you only need the first successful result.
The p-all package runs multiple promise-returning & async functions with optional concurrency control. It is different from p-some as it waits for all promises to be fulfilled, rather than a specified number. This is useful when you need to ensure all promises are resolved before proceeding.
The promise-settle package waits for all promises to settle (either fulfilled or rejected) and returns an array of their results. Unlike p-some, it does not stop at a specified number of fulfilled promises but instead provides the outcome of all promises. This is useful for getting a complete picture of all promise results.
Wait for a specified number of promises to be fulfilled
Useful when you need the fastest of multiple promises.
$ npm install p-some
Checks 4 websites and logs the 2 fastest.
import got from 'got';
import pSome from 'p-some';

const input = [
  got.head('github.com').then(() => 'github'),
  got.head('google.com').then(() => 'google'),
  got.head('twitter.com').then(() => 'twitter'),
  got.head('medium.com').then(() => 'medium')
];

const [first, second] = await pSome(input, {count: 2});

console.log(first, second);
//=> 'google twitter'
Returns a cancelable Promise that is fulfilled when count promises from input are fulfilled. The fulfilled value is an Array of the values from the input promises in the order they were fulfilled. If it becomes impossible to satisfy count, for example, too many promises rejected, it will reject with an AggregateError error.
If you pass in cancelable promises, specifically promises with a .cancel() method, that method will be called for the promises that are still unfulfilled when the returned Promise is either fulfilled or rejected.
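The fulfilment-order, rejection and cancellation rules described above, as an added example that is not p-some's source code and not part of its README. someOf() is a minimal reimplementation written for this page, slow() and the sample inputs are constructed, and recording filtered-out values as plain Error objects is this sketch's own choice.

```javascript
// Added sketch, NOT p-some's source. someOf() and slow() are hypothetical names.
function someOf(input, {count, filter = () => true}) {
  const items = [...input];
  return new Promise((resolve, reject) => {
    if (!Number.isInteger(count) || count < 1) throw new TypeError('count must be >= 1');
    const values = [], errors = [];
    const pending = new Set(items.keys()); // indexes of inputs not yet settled
    let done = false;
    const finish = (settle, result) => {
      done = true;
      // Inputs that are still unsettled get .cancel() called, if they have one.
      for (const i of pending) if (typeof items[i]?.cancel === 'function') items[i].cancel();
      settle(result);
    };
    const check = () => {
      if (done) return;
      if (values.length === count) finish(resolve, values);
      else if (values.length + pending.size < count)
        finish(reject, new AggregateError(errors, 'count is unreachable'));
    };
    items.forEach((item, i) => {
      const settled = record => result => {
        pending.delete(i);
        if (!done) { record(result); check(); }
      };
      Promise.resolve(item).then(
        settled(v => (filter(v) ? values.push(v) : errors.push(new Error('filtered out')))),
        settled(error => errors.push(error))
      );
    });
    check(); // an input shorter than count can never succeed
  });
}

// Constructed sample input: a timer-backed promise with a .cancel() method.
function slow(value, ms) {
  let timer;
  const p = new Promise(resolve => { timer = setTimeout(resolve, ms, value); });
  p.cancelled = false;
  p.cancel = () => { p.cancelled = true; clearTimeout(timer); };
  return p;
}
async function demo() {
  const late = slow('late', 200);
  const fastest = await someOf([slow('b', 20), Promise.reject(new Error('x')), slow('a', 5), late], {count: 2});
  const failure = await someOf([1, Promise.reject(new Error('e1')), Promise.reject(new Error('e2'))], {count: 2}).catch(e => e);
  const even = await someOf([1, 2, 3, 4], {count: 2, filter: n => n % 2 === 0});
  return {fastest, lateCancelled: late.cancelled, failure, even};
}
```

Calling demo() resolves to the two fastest values in fulfilment order, a flag showing the slowest input was cancelled, the AggregateError from the unreachable count, and the filtered result.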
input
Type: Iterable<Promise | unknown>
An Iterable collection of promises/values to wait for.
options
Type: object
count
Required
Type: number
Minimum: 1
Number of promises from input that have to be fulfilled until the returned promise is fulfilled.
filter
Type: Function
Receives the value resolved by the promise. Used to filter out values that don't satisfy a condition.
AggregateError
Exposed for instance checking.
FilterError
Exposed for instance checking.
FAQs
Wait for a specified number of promises to be fulfilled
The npm package p-some receives a total of 455,476 weekly downloads. As such, p-some's popularity was classified as popular.
We found that p-some demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.