Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
queue_do
异步队列同步化,支持递归嵌套
基于nodejs模块封装,同样适用于前端的异步同步化。
#安装
npm install queuedo
web版见:lib/queue_do_webjs.js
#原理和使用
文章见:http://www.html-js.com/?p=1474
支持异步同步化 同步化后成队列后执行回调方法 也可以异步处理队列,同时处理完毕后调用回调方法 具体见代码中的注释
- @param array list 需要处理的数据的数组,作为参数传入handle_func第一个参数。
- @param function handle_func 处理方法,第一个参数为数组的一个元素,第二个参数传入的是下一个loop方法,第三个参数是其loop的context
- @param function next_func 队列处理完毕后调用的方法。
- @param boolen isAsyn 是否异步,如果是true,则不会同步化,可以利用next_func获取处理完毕的信号
#一个例子,递归遍历某个文件夹下所有的图片并压缩到1000宽度。
var fs = require('fs');
var path = require('path');
//源文件
var source = '/Applications/XAMPP/xamppfiles/htdocs/htmljs';
//目标文件
var target = '/Applications/XAMPP/xamppfiles/htdocs/htmljs_temp';
//引入gm做图片处理器
var gm = require('gm');
var imageMagick = gm.subClass({
imageMagick: true
});
var queue_do=require("./queue_do.js")
var walk=function(_path,callback,next_func){
var list=[]
if(fs.existsSync(_path)){
var stat=fs.statSync(_path)
if(stat.isDirectory()){
fs.readdir(_path,function(error,files){
queue_do(files,function(__path,next,context){
walk(_path+"/"+__path,callback,function(){
next.call(context)
})
},function(){
next_func()
})
})
}else{
callback(_path)
next_func()
}
}
}
walk(source,function(list){
console.log(list)
},function(){
console.log("all finish!")
})
几个异步方法的同步化: 下面的例子是同步去请求豆瓣三个api,最后请求完后显示出来的例子。 只是示例,完整程序的一部分,不能运行。
var queuedo=require("queuedo");
var Douban = require("douban");
module.exports = function(req, res) {
var config = {
app_key:"0bb4b9fc67f9b013231e2df537ed1039",
app_secret:"e7434521cb0c70ad",
redirect_uri:"http://localhost:8080/sina_auth_cb",
access_token:req.cookies.token
}
var api = new Douban(config);
var datas=[
]
var functions=[
function(callback){
api.shuo.statuses({
source:config.app_key,
text:"hello nodejs"+Math.random()
},function(error,data){
datas.push({
api:"shuo.statuses",
data:data
});
callback();
});
}, function(callback){
api.shuo.home_timeline({},function(error,data){
datas.push({
api:"shuo.home_timeline",
data:data
})
callback();
});
}, function(callback){
api.shuo.user_timeline({
screen_name:"mier963"
},function(error,data){
datas.push({
api:"shuo.user_timeline",
data:data
})
callback();
});
}];
queuedo(functions,function(func,next,context){
func(function(){
next.call(context);
});
},function(){
res.render("shuo.html",{
data:datas
})
});
}
Keywords
FAQs
We found that queuedo demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 18 Jun 2014
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026