Security News
Deno 2.6 + Socket: Supply Chain Defense In Your CLI
Deno 2.6 introduces deno audit with a new --socket flag that plugs directly into Socket to bring supply chain security checks into the Deno CLI.
By Sarah Gooding -  Dec 12, 2025
🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
wen
You're waiting for some arbitrary thing to load in your browser, or for something to happen, but that thing doesn't have an evented interface. What a pain in the butt.
wen to the rescue!
Usage
var wen = require('wen');
var truth = wen();
var somePredicate; // Currently falsy
truth.on('the-thing-happened', function () {
console.log('React to the thing that happened here!');
});
truth.add(function () {
// At some point, some external force made somePredicate truthy
return somePredicate;
}, 'the-thing-happened');
Install
NodeJS, Browserify, etc. (CommonJS)
npm install wen --save
Good ol' fashioned Browser
Copy this into your HTML somewhere.
<script src="https://raw.githubusercontent.com/basicallydan/wen/master/dist/wen.1.0.1.min.js"></script>
<!-- If I want to do this properly I will download it and place it in my source code somewhere -->
Simple.
How does it work?
Easy: you give it a predicate and some event name (whatever you want!), it checks every 1000ms (or less, or more, if you specify) if that predicate is truthy. When it finally is truthy, it'll trigger that event name. It extends an Event Emitter, so in fact it will also have all of the methods of the event emitter, such as .once and .trigger.
Dependencies
There are only two direct dependencies. For the compiled .min.js version they are bundled so don't worry about it. They are:
- Wolfy87's Event Emitter, a lightweight event emitter which works well in browsers as well as in NodeJS.
- âś“ Has no dependencies.
- vmattos's JS Extend, inspired by the Underscore _.extend method.
- âś“ Also has no dependencies.
This makes for a total of two dependencies. You could probably read the entire source in about half an hour. I dare you.
Changes
- 1.0.1: I forgot to make it browser friendly and didn't account for a dev error which I should've done. Now I have.
- 1.0.0: First.
"FAQ"
I cloned your repo what are those makefile files for?
Contributors who want to bundle the JS into the minified form (for the spec, too). Don't touch 'em unless you know what you're doing!
Can I contribute?
Sure you can! If you have a suggestion, make an issue. If you've fixed something, open a pull request. This is a very simple module.
Who made this, and when?!
Dan Hough (@basicallydan on Twitter and everywhere) did, while he was working as a contractor for upmysport.
FAQs
Triggers events based on the truthiness of predicate methods
The npm package wen receives a total of 10 weekly downloads. As such, wen popularity was classified as not popular.
We found that wen demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 10 Sep 2014
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
New React Server Components Vulnerabilities: DoS and Source Code Exposure
New DoS and source code exposure bugs in React Server Components and Next.js: what’s affected and how to update safely.
By Sarah Gooding -  Dec 12, 2025
Security News
Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain Risk
Socket CEO Feross Aboukhadijeh joins Software Engineering Daily to discuss modern software supply chain attacks and rising AI-driven security risks.
By Sarah Gooding -  Dec 11, 2025