Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
What is wait-port?
The wait-port npm package is a utility that allows you to wait for a port on a host to become open. This is particularly useful in scenarios where you need to ensure that a service is up and running before proceeding with the next steps in your application or script. It can be used programmatically within your Node.js applications or as a command-line tool.
What are wait-port's main functionalities?
Waiting for a port programmatically
This feature allows you to wait for a specific port on a host to become open by using the wait-port package programmatically within your Node.js application. The `waitPort` function returns a promise that resolves to a boolean indicating whether the port opened before the timeout.
const waitPort = require('wait-port');
const params = {
host: 'localhost',
port: 3000
};
waitPort(params).then((open) => {
if(open) console.log('The port is now open!');
else console.log('The port did not open before the timeout.');
});Using wait-port as a CLI tool
wait-port can also be used as a command-line tool. This example demonstrates how to wait for port 3000 on localhost to become open by using wait-port in the terminal. It's useful for scripting and automation tasks outside of Node.js applications.
wait-port --host localhost --port 3000Other packages similar to wait-port
wait-on
wait-on is a similar package that provides more general functionality for waiting on resources to become available. It supports waiting on file system paths, HTTP(S) resources, and TCP ports. Compared to wait-port, wait-on offers a broader range of features but with a similar core functionality of waiting for ports.
tcp-port-used
tcp-port-used is a package that allows you to check if a TCP port is already in use. It can be used to wait for a port to become free or to check if a port is currently occupied. While it offers similar functionality for checking port status, it doesn't provide a built-in mechanism to wait for a port to open, making it slightly less convenient for scenarios where waiting is required.
wait-port
Simple binary to wait for a port to open. Useful when writing scripts which need to wait for a server to be available.
- Creating
docker-composecommands which wait for servers to start - Wait for an HTTP endpoint to successfully respond
- Wait for DNS records to be resolvable
- Wait for application servers to start
Installation
Install globally with npm:
$ npm install -g wait-port
If installing locally, run the binary from the local node modules binary folder:
$ npm install wait-port
wait-port@0.1.3
$ ./node_modules/.bin/wait-port 8080
Waiting for localhost:8080.....
Connected!
Ideally, Node LTS should be used however this package is tested successfully with Node.js 10 and upwards.
Please avoid using version 0.2.13 - this incorrectly included a breaking change. Use 0.2.14 if you need compatibility with Node 8, or 0.3.0 or upwards otherwise.
Usage
To wait indefinitely for a port to open, just use:
$ wait-port localhost:3000
To wait for a port to open, but limit to a certain timeout, use:
$ wait-port -t 10000 localhost:3000
To wait for an HTTP endpoint to respond with a 200 class status code, include the http:// protocol:
$ wait-port http://:3000/healthcheck
Parameters
The following parameters are accepted:
| Parameter | Usage |
|---|---|
<target> | Required. The target to test for. Can be just a port, a colon and port (as one would use with httpie or host and port. Examples: 8080, :3000, 127.0.0.1:443. |
--output, -o | Optional. Output style to use. Can be dots (default) or silent (no output). |
--timeout, -t | Optional. Timeout (in milliseconds). |
--wait-for-dns | Optional. Do not error if the response is ENOTFOUND, just keep on waiting (useful if you are waiting for a DNS record to also be created). |
Error Codes
The following error codes are returned:
| Code | Meaning |
|---|---|
0 | The specified port on the host is accepting connections. |
1 | A timeout occurred waiting for the port to open. |
2 | An unknown error occurred waiting for the port to open. The program cannot establish whether the port is open or not. |
3 | The address cannot be found (e.g. no DNS entry, or unresolvable). |
4 | The target (host and port) is invalid. |
API
You can use wait-port programmatically:
const waitPort = require('wait-port');
const params = {
host: 'google.com',
port: 443,
};
waitPort(params)
.then(({ open, ipVersion }) => {
if (open) console.log(`The port is now open on IPv${ipVersion}!`);
else console.log('The port did not open before the timeout...');
})
.catch((err) => {
console.err(`An unknown error occured while waiting for the port: ${err}`);
});
The CLI is a very shallow wrapper around this function. The params object takes the following parameters:
| CLI Parameter | API Parameter | Notes |
|---|---|---|
<target> | host | Optional. Defaults to localhost. |
<target> | port | Required. Port to wait for. |
--output | output | Optional. Defaults to dots. Output style to use. silent also accepted. |
--timeout, -t | timeout | Optional. Defaults to 0. Timeout (in milliseconds). If 0, then the operation will never timeout. |
--wait-for-dns | waitForDns | Optional. Defaults to false. |
Developer Guide
This module uses:
| Name | Usage |
|---|---|
chalk | Terminal output styling. |
commander.js | Utility for building commandline apps. |
debug | Utility for debug output. |
mocha / nyc | Test runner / coverage. |
Debugging
This module use debug for debug output. Set DEBUG=wait-port to see detailed diagnostic information:
DEBUG=wait-port wait-for -t 10000 localhost:6234
This will also work for any code which uses the API.
Testing
Run unit tests with npm test. Coverage is reported to artifacts/coverage.
Debug unit tests with npm run debug. Add a debugger statement to the line you are interested in, and consider limiting scope with .only.
Run tests continuously, watching source with npm run test:watch.
Testing the CLI
Don't install the package to test the CLI. Instead, in the project folder run npm link. Now go to whatever folder you want to use the module in and run npm link wait-port. It will symlink the package and binary. See npm link for more details.
Manpage
Installing the CLI will install the manpage. The manpage is at ./man/wait-port.1. After updating the page, test it with man ./man/wait-port.1 before publishing, as the format can be tricky to work with.
Releasing
Kick out a new release with:
npm run release
git push --follow-tags
npm publish
standard-version is used to manage version numbers and the CHANGELOG.md file.
CI/CD
CI/CD runs as a set of GitHub actions. There are two pipelines:
- Validate Pull Request - confirms that a PR meets the required standardsd
- Release Please - prepares changelogs and release PRs, and publishes to NPM
Timeouts
The timeout option for waitPort is used terminate attempts to open the socket after a certain amount of time has passed. Please note that operations can take significantly longer than the timeout. For example:
const promise = waitPort({ port: 9000, interval: 10000 }, 2000);
In this case, the socket will only attempt to connect every ten seconds. So on the first iteration, the timeout is not reached, then another iteration will be scheduled for after ten seconds, meaning the timeout will happen eight seconds later than one might expect.
The waitPort promise may take up to interval milliseconds greater than timeout to resolve.
FAQs
Utility to wait for a TCP port to open.
The npm package wait-port receives a total of 1,530,037 weekly downloads. As such, wait-port popularity was classified as popular.
We found that wait-port demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 20 Sep 2023
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024