Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
standard-as-callback
Advanced tools
Package description
The standard-as-callback npm package is designed to convert standard Node.js style callback functions into a format that can be used with promises. This is particularly useful when working with older Node.js APIs or third-party libraries that do not return promises natively. By wrapping these functions with standard-as-callback, developers can work with them using promise chains or async/await syntax, which can lead to cleaner and more maintainable code.
Converting callback to promise
This feature allows you to convert a standard Node.js callback-style function into a promise. In the code sample, the fs.readFile function, which normally takes a callback, is converted into a promise-returning function using standard-as-callback. This allows for the use of .then() and .catch() for handling the asynchronous operation.
const standardAsCallback = require('standard-as-callback');
const fs = require('fs');
const readFilePromise = standardAsCallback(fs.readFile);
readFilePromise('example.txt', 'utf8').then(content => {
console.log(content);
}).catch(error => {
console.error(error);
});
Built into Node.js, util.promisify converts a callback-based function into a promise-based one. It is similar to standard-as-callback but is a native utility, which means it does not require an additional package installation. It is widely used due to its availability in the Node.js standard library.
Bluebird is a full-featured promise library that includes utilities for converting callback-based functions into promises. It offers a method called .promisify() which serves a similar purpose to standard-as-callback. Bluebird also provides a rich set of features for controlling flow and handling concurrency, which makes it more powerful but also larger in size compared to standard-as-callback.
Pify is a lightweight promise utility that can convert functions using the Node.js callback pattern to return promises. It is similar to standard-as-callback but offers additional options for customizing the behavior of the promisified functions, such as the ability to promisify methods of an object or to exclude certain functions based on a filter.
Readme
A performant and standard (Bluebird) library that registers a node-style callback on a promise.
$ npm install standard-as-callback
const asCallback = require('standard-as-callback')
const promise = new Promise(function (resolve) {
setTimeout(function () {
resolve('hello world!')
}, 1000)
})
asCallback(promise, function callback (err, res) {
console.log(err, res) // null, 'hello world!'
})
Most code of this library are ported from the awesome Bluebird library.
The MIT License.
FAQs
A performant and standard (Bluebird) library that registers a node-style callback on a promise
We found that standard-as-callback demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.