Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
signal-exit
Advanced tools
The signal-exit package is used to capture and handle events that indicate Node.js process is about to exit. This includes handling of signals like SIGINT and SIGTERM, as well as normal process termination. It allows developers to register callbacks that can perform cleanup or other final actions before the process exits.
Capture exit events
This feature allows you to capture any kind of exit, whether it's due to a signal or a normal exit. The callback function is called with the exit code and the signal that caused the exit, if applicable.
const onExit = require('signal-exit');
const removeExitHandler = onExit(function (code, signal) {
console.log('Process is exiting with code:', code, 'and signal:', signal);
});
// Later, if you decide you do not want to handle the exit:
removeExitHandler();
Unregister exit handler
This feature allows you to unregister a previously registered exit handler. This is useful if the exit handling logic is no longer needed, or if you want to replace it with a different handler.
const onExit = require('signal-exit');
const removeExitHandler = onExit(function () {
// cleanup logic here
});
// When you no longer need to handle exits:
removeExitHandler();
The exit-hook package provides similar functionality to signal-exit, allowing developers to register callbacks that are executed when the process exits. It also captures uncaught exceptions and unhandled promise rejections. Compared to signal-exit, exit-hook may offer a simpler API but might not handle all the edge cases that signal-exit does.
async-exit-hook is another package that allows you to run asynchronous code when the process exits. It is similar to signal-exit but focuses on supporting asynchronous operations during the exit handling. This can be particularly useful for ensuring that database connections are closed or files are written before the process terminates.
The death package (also known as DEATH on npm) is a simple utility to make handling UNIX signals and uncaught exceptions in Node.js easier. It provides a straightforward way to clean up after your script without much fuss. Compared to signal-exit, death has a more focused scope and does not handle normal process termination.
When you want to fire an event no matter how a process exits:
process.exit(code)
called.process.kill(pid, sig)
called.Use signal-exit
.
// Hybrid module, either works
import { onExit } from 'signal-exit'
// or:
// const { onExit } = require('signal-exit')
onExit((code, signal) => {
console.log('process exited!', code, signal)
})
remove = onExit((code, signal) => {}, options)
The return value of the function is a function that will remove the handler.
Note that the function only fires for signals if the signal would cause the process to exit. That is, there are no other listeners, and it is a fatal signal.
If the global process
object is not suitable for this purpose
(ie, it's unset, or doesn't have an emit
method, etc.) then the
onExit
function is a no-op that returns a no-op remove
method.
alwaysLast
: Run this handler after any other signal or exit
handlers. This causes process.emit
to be monkeypatched.If the handler returns an exact boolean true
, and the exit is a
due to signal, then the signal will be considered handled, and
will not trigger a synthetic process.kill(process.pid, signal)
after firing the onExit
handlers.
In this case, it your responsibility as the caller to exit with a
signal (for example, by calling process.kill()
) if you wish to
preserve the same exit status that would otherwise have occurred.
If you do not, then the process will likely exit gracefully with
status 0 at some point, assuming that no other terminating signal
or other exit trigger occurs.
Prior to calling handlers, the onExit
machinery is unloaded, so
any subsequent exits or signals will not be handled, even if the
signal is captured and the exit is thus prevented.
Note that numeric code exits may indicate that the process is already committed to exiting, for example due to a fatal exception or unhandled promise rejection, and so there is no way to prevent it safely.
The 'signal-exit/browser'
module is the same fallback shim that
just doesn't do anything, but presents the same function
interface.
Patches welcome to add something that hooks onto
window.onbeforeunload
or similar, but it might just not be a
thing that makes sense there.
FAQs
when you want to fire an event no matter how a process exits.
The npm package signal-exit receives a total of 90,889,169 weekly downloads. As such, signal-exit popularity was classified as popular.
We found that signal-exit demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.