Security News
The Risks of Misguided Research in Supply Chain Security
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
npm i worksmith --save
A seriously functional
workflow library, that lets you build composable and configurable process definitions for various reasons.
For a step by step tutorial click here
worksmith comes with an extensible task library
sequence
, parallel
and warezSequence
log
,sql/pg
map
, regex
, set
code
activity , create custom task types by creating files in the tasks folderwith worksmith you can build a complex async process chain from functional steps (tasks) - yet keep the application easy to understand and each functional step easy to developer and maintain. forget if(err) return next(err)
workflow steps are unaware about each other - they communicate over a shared context. WorkSmith provides an intuitive expression syntax for working with the context in a workflow definitions
This can be in a config file, or as part of your js code as a variable.
{ "task": "sequence",
"items": [
{
task:"log", message:"hello workflow"
},
{
task: "map",
">insertParams": ["@req.params.id", 1, 1]
},
{
task:"sql/pg",
connection: "@connection",
command: "insert into order (order_id, version, type) \
values ($1, $2, $3) returning id",
params: "@insertParams",
resultTo: "insertResult"
},
{...}
]
}
var worksmith = require('worksmith')
var workflow = worksmith('./workflow.json')
var context = {
connection:"postgres://login:pw@host/db",
other:"data"
}
workflow(context, function(err, result) {
console.log("workflow completed, %", context.insertResult)
})
worksmith lets you build your activities on a super easy way
Place the following code as "hello-world.js"
in the tasks
folder
var utils = require('worksmith')
module.exports = function (node) {
//use the node variable to access workflow params
return function(context) {
//use the context to access workflow execution state
return function(done) {
//set done when your acitivity finished its job
//read and write data from the context
console.log("Hello world", context.get(node.inParam))
context.set("myresult","myvalue")
done();
}
}
}
Now you can use it the same way as the core activities
var wf = workflow( {"task":"hello-world", "inParam":"some thing"} );
var ctx = {"some":"value"};
wf(ctx, function(err) {
console.log(ctx)
})
Write a log to the console
message
Waits a bit
duration
Like the name suggests
table data connection resultTo
Execute sub tasks in parallel
items array
Execute sub tasks in sequence
items array
Define a sequence on a patching compatible way
items array
Set variable on the workflow context
name value
FAQs
A purely functional workflow engine
The npm package worksmith receives a total of 65 weekly downloads. As such, worksmith popularity was classified as not popular.
We found that worksmith demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.