![Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack](https://cdn.sanity.io/images/cgdhsj6q/production/6af25114feaaac7179b18127c83327568ff592d1-1024x1024.webp?w=800&fit=max&auto=format)
Security News
Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
underscore.deferred
Advanced tools
Readme
v0.4.0 (jQuery 1.8.3)
This is a port of jQuery.Deferred as an Underscore mixin, but it can be used without any depencencies. It currently matches the Deferred specifications and implementation from jQuery 1.8.0, with all the associated helpers.
jQuery offers a robust, consistent and well documented API; this project aims to make it portable. jQuery added a handful of helper methods to their implementation of the Common.js Promises/A Spec and they're faithfully reproduced without any dependencies.
underscore.deferred works on the server and in the browser.
In the browser, just require it like you would any other file. If you're
including Underscore on the page, make sure you include it before
underscore.deferred. If you don't have Underscore, the plugin attaches to
window._
.
On the server, simply install via npm and include it with require:
var _ = require('underscore.deferred');
var dfd = new _.Deferred(); // tada!
Or if you'd like to use it as an Underscore or Lodash mixin:
var _ = require('underscore');
_.mixin( require('underscore.deferred') );
Underscore isn't a strict requirement, and assigning it to another name will always work.
Addionally, underscore.Deferred can be used with Ender.js, if you're still into that sort of thing.
So far, there are only 2 substantial differences between the jQuery API and underscore.deffered's. This may change in the future as new or divergent functionality is tested out, but rest assured that all differences will be called out here (and will have proper test coverage.)
###_.when
underscore.deferred will apply
an Array if it's the only argument, providing a
useful shortcut for using when
with an array of promises. Example:
var form = _.Deferred();
var auth = _.Deferred();
var promises = [ form.promise(), auth.promise() ];
_.when(promises).done(function(){
// ...
});
form.resolve();
auth.resolve();
###_.then
Inspired by @domenic's Promises/A compliance suite (and the accompanying gist), the 0.4.0 release of underscore.deferred diverges from jQuery's implementation slightly.
First, throwing an error from within a handler in then
will reject the
deferred object issued by then
with the error message. Example:
var dfd = _.Deferred();
dfd.then(function(){
throw new Error("Oops!");
}).fail(function( err ){
console.log(err.message); // "Oops!"
});
dfd.resolve();
This behavior alone isn't divergent from jQuery (all tests pass). It's handy for bubbling errors from callbacks without entering callback hell.
Second, when chaining then
's or using the new deferred object issued by a
call to then
the state of the first deferred is not passed to
subsequent calls to then
. Example:
var dfd = _.Deferred();
dfd.then(null, function( a, b ){
return a * b;
}).then(function( value ){
equal(value, 6); // the second deferred is resolved
}, function(){
// reject handler never called
});
dfd.reject(2, 3); // the first deferred in the chain is rejected
When paired with the first behavior, it makes chaining deferred's even more useful.
Unfortunately, this second point is divergent from jQuery's implementation, with one failing test. jQuery maintains the state of the first deferred object unless the handler returns a new deferred.
Here's an example of the "old" behavior (what's currently in jQuery 1.8.3):
var dfd = _.Deferred();
dfd.then(null, function( a, b ){
return a * b;
}).then(function(){
// resolve handler never called
}, function( value ){
equal(value, 6); // the second deferred is also rejected
});
dfd.reject(2, 3); // the first deferred in the chain is rejected
In the spirit of fidelity to Promises/A, underscored.deferred favors the new behavior.
underscore.deferred is an implementation of the jQuery.Deferred API. Here are some of the methods implemented:
For the complete API documentation, see jQuery's Documentation.
This project wouldn't exist if not for the the hard work and effort put into jQuery by its core team and contributors--thanks for making this possible!
One time setup command:
$ npm install
To build with grunt
$ grunt
To run headless Qunit tests (must have phantomjs in your path)
$ grunt qunit
The goal is to slim the code footprint for robust deferreds as much as possible while maintaining mixin integration with Underscore and faithfullness to the jQuery API.
This is a work in progress, feel free to contribute.
0.4.0 - adding divergent behavior for _.then
0.3.1 - updating to match jQuery 1.8.3
0.3.0 - adding divergent behavior for _.when
0.2.0 - updating to match jQuery 1.8.0
0.1.4 - updating to match jQuery 1.7.2; Please note that as of 0.1.4 underscore.deferred will be ALL LOWERCASE on
npm. The camelcasing was a mistake from the outset, please update your
package.json
appropriately.
MIT License.
FAQs
jQuery style Deferreds
The npm package underscore.deferred receives a total of 71,078 weekly downloads. As such, underscore.deferred popularity was classified as popular.
We found that underscore.deferred demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
Security News
OpenSSF is warning open source maintainers to stay vigilant against reputation farming on GitHub, where users artificially inflate their status by manipulating interactions on closed issues and PRs.
Security News
A JavaScript library maintainer is under fire after merging a controversial PR to support legacy versions of Node.js.