Code Monkey home page Code Monkey logo

node-task-pool's Introduction

@antmind/task-pool

Latest version NPM Github Actions build Codacy Badge codecov License

English | 简体中文

@antmind/task-pool is a simple Node.js functional tasks pool implementation, supported both synchronous and asynchronous functions.

Installation

  • Using NPM:

    npm install --save @antmind/task-pool

  • Using Yarn:

    yarn add @antmind/task-pool

Getting Started

  1. Import TaskPool and Task from @antmind/task-pool.

  2. Create a new task pool instance, and you can set concurrency limit if you need.

  3. Create tasks instance and add them into task pool.

  4. Call exec() method to execute functions.

Example

import { Task, TaskPool } from '@antmind/task-pool';

const pool = new TaskPool();

for (let i = 5; i > 0; i -= 1) {
  const task = new Task((val: any) => val, i);
  pool.addTask(task);
}

pool.exec().then((data: any) => console.log(data));
// [ 5, 4, 3, 2, 1 ]

Concurrency Control

You can limit the task concurrency number by concurrency option, and this value must equal or greater than 0.

import { Task, TaskPool } from '@antmind/task-pool';

const pool = new TaskPool({ concurrency: 3 });

for (let i = 5; i > 0; i -= 1) {
  pool.addTask(
    new Task(
      (val: any) => new Promise((resolve: Function) => {
        setTimeout(
          () => {
            console.log(`num: ${val}`);
            resolve(val);
          },
          val * 100,
        );
      }),
      i,
    ),
  );
}

pool.exec().then((data) => console.log(data));
// num: 3
// num: 4
// num: 5
// num: 1
// num: 2
// [ 5, 4, 3, 2, 1 ]

Unlimited concurrency mode

You can set concurrency option as 0 to enable unlimited concurrency mode, it's similar with Promise.all.

import { Task, TaskPool } from '@antmind/task-pool';

const pool = new TaskPool({ concurrency: 0 });

for (let i = 5; i > 0; i -= 1) {
  pool.addTask(
    new Task(
      (val: any) => new Promise((resolve: Function) => {
        setTimeout(
          () => {
            console.log(`num: ${val}`);
            resolve(val);
          },
          val * 100,
        );
      }),
      i,
    ),
  );
}

pool.exec().then((data) => console.log(data));
// num: 1
// num: 2
// num: 3
// num: 4
// num: 5
// [ 5, 4, 3, 2, 1 ]

Configurations

  • concurrency: The tasks maximum concurrency limit number, it should be a integer number greater or equals to 0, and the default value is 30. Set this option value to 0 to enable unlimited concurrency mode.

  • throwsError: Throw error when some task failed if this option set to true, and do not throw error if set to false (you can get errors by getErrors() method). The default value is true.

APIs

Class TaskPool

Constructor

  • constructor()

  • constructor(options: TaskPoolOptions)

  • constructor(task: Task | Task[], options?: TaskPoolOptions)

Methods

  • exec(): Promise<any[]>

    Execute all tasks in the pool, and it'll return a result array after executing.

  • addTask(task: Task): number

    Add a task into task pool, and it'll return the task id.

  • addTasks(tasks: Task[]): number[]

    Add a tasks array into task pool, and it'll return the tasks' id.

  • setConcurrency(concurrency: number): void

    Set concurrency limits.

  • getErrors(): Array<Error | undefined>

    Get errors of last execution, and the index of error is same as task index.

  • getTask(id: number): Task | null

    Get task by id.

Class Task

Constructor

  • constructor(func: Function, ...args: any[])

Method

  • exec(): any

    Execute this task.

  • setArgs(...args: any[]): void

    Set function arguments.

License

This project has been published under MIT license, you can get more detail in LICENSE file.

node-task-pool's People

Contributors

dependabot[bot] avatar ghosind avatar mend-bolt-for-github[bot] avatar

Stargazers

avatar

Watchers

avatar avatar

node-task-pool's Issues

CVE-2021-23343 (High) detected in path-parse-1.0.6.tgz - autoclosed

CVE-2021-23343 - High Severity Vulnerability

Vulnerable Library - path-parse-1.0.6.tgz

Node.js path.parse() ponyfill

Library home page: https://registry.npmjs.org/path-parse/-/path-parse-1.0.6.tgz

Path to dependency file: node-task-pool/package.json

Path to vulnerable library: node-task-pool/node_modules/path-parse/package.json

Dependency Hierarchy:

  • eslint-plugin-import-2.22.1.tgz (Root Library)
    • resolve-1.19.0.tgz
      • path-parse-1.0.6.tgz (Vulnerable Library)

Found in HEAD commit: 29eecba87ee18e9d583a087f2346cb2c93175292

Found in base branch: main

Vulnerability Details

All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.

Publish Date: 2021-05-04

URL: CVE-2021-23343

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: jbgutierrez/path-parse#8

Release Date: 2021-05-04

Fix Resolution: path-parse - 1.0.7

Step up your Open Source Security Game with WhiteSource here

CVE-2020-28500 (Medium) detected in lodash-4.17.20.tgz

CVE-2020-28500 - Medium Severity Vulnerability

Vulnerable Library - lodash-4.17.20.tgz

Lodash modular utilities.

Library home page: https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz

Path to dependency file: node-task-pool/package.json

Path to vulnerable library: node-task-pool/node_modules/lodash/package.json

Dependency Hierarchy:

  • eslint-plugin-4.15.0.tgz (Root Library)
    • lodash-4.17.20.tgz (Vulnerable Library)

Found in HEAD commit: 2480b4da976ca3c7d4d68e7b01c9e3c4ff861e75

Found in base branch: main

Vulnerability Details

All versions of package lodash; all versions of package org.fujion.webjars:lodash are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions. Steps to reproduce (provided by reporter Liyuan Chen): var lo = require('lodash'); function build_blank (n) { var ret = "1" for (var i = 0; i < n; i++) { ret += " " } return ret + "1"; } var s = build_blank(50000) var time0 = Date.now(); lo.trim(s) var time_cost0 = Date.now() - time0; console.log("time_cost0: " + time_cost0) var time1 = Date.now(); lo.toNumber(s) var time_cost1 = Date.now() - time1; console.log("time_cost1: " + time_cost1) var time2 = Date.now(); lo.trimEnd(s) var time_cost2 = Date.now() - time2; console.log("time_cost2: " + time_cost2)

Publish Date: 2021-02-15

URL: CVE-2020-28500

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: Low

For more information on CVSS3 Scores, click here.

Step up your Open Source Security Game with WhiteSource here

CVE-2021-23337 (High) detected in lodash-4.17.20.tgz

CVE-2021-23337 - High Severity Vulnerability

Vulnerable Library - lodash-4.17.20.tgz

Lodash modular utilities.

Library home page: https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz

Path to dependency file: node-task-pool/package.json

Path to vulnerable library: node-task-pool/node_modules/lodash/package.json

Dependency Hierarchy:

  • eslint-plugin-4.15.0.tgz (Root Library)
    • lodash-4.17.20.tgz (Vulnerable Library)

Found in HEAD commit: 2480b4da976ca3c7d4d68e7b01c9e3c4ff861e75

Found in base branch: main

Vulnerability Details

All versions of package lodash; all versions of package org.fujion.webjars:lodash are vulnerable to Command Injection via template.

Publish Date: 2021-02-15

URL: CVE-2021-23337

CVSS 3 Score Details (7.2)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: High
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Step up your Open Source Security Game with WhiteSource here

CVE-2021-35065 (High) detected in glob-parent-5.1.2.tgz - autoclosed

CVE-2021-35065 - High Severity Vulnerability

Vulnerable Library - glob-parent-5.1.2.tgz

Extract the non-magic parent path from a glob string.

Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/glob-parent/package.json

Dependency Hierarchy:

  • mocha-9.2.2.tgz (Root Library)
    • chokidar-3.5.3.tgz
      • glob-parent-5.1.2.tgz (Vulnerable Library)

Found in base branch: main

Vulnerability Details

The package glob-parent from 6.0.0 and before 6.0.1 are vulnerable to Regular Expression Denial of Service (ReDoS)

Publish Date: 2021-06-22

URL: CVE-2021-35065

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-cj88-88mr-972w

Release Date: 2021-06-22

Fix Resolution: glob-parent - 6.0.1

Step up your Open Source Security Game with Mend here

CVE-2021-23566 (Medium) detected in nanoid-3.1.20.tgz - autoclosed

CVE-2021-23566 - Medium Severity Vulnerability

Vulnerable Library - nanoid-3.1.20.tgz

A tiny (108 bytes), secure URL-friendly unique string ID generator

Library home page: https://registry.npmjs.org/nanoid/-/nanoid-3.1.20.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/nanoid/package.json

Dependency Hierarchy:

  • mocha-8.4.0.tgz (Root Library)
    • nanoid-3.1.20.tgz (Vulnerable Library)

Found in base branch: main

Vulnerability Details

The package nanoid before 3.1.31 are vulnerable to Information Exposure via the valueOf() function which allows to reproduce the last id generated.

Publish Date: 2022-01-14

URL: CVE-2021-23566

CVSS 3 Score Details (5.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Local
    • Attack Complexity: Low
    • Privileges Required: Low
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: High
    • Integrity Impact: None
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23566

Release Date: 2022-01-14

Fix Resolution: nanoid - 3.1.31

Step up your Open Source Security Game with WhiteSource here

WS-2021-0638 (High) detected in mocha-9.2.2.tgz - autoclosed

WS-2021-0638 - High Severity Vulnerability

Vulnerable Library - mocha-9.2.2.tgz

simple, flexible, fun test framework

Library home page: https://registry.npmjs.org/mocha/-/mocha-9.2.2.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/mocha/package.json

Dependency Hierarchy:

  • mocha-9.2.2.tgz (Vulnerable Library)

Found in base branch: main

Vulnerability Details

There is regular Expression Denial of Service (ReDoS) vulnerability in mocha.
It allows cause a denial of service when stripping crafted invalid function definition from strs.

Publish Date: 2021-09-18

URL: WS-2021-0638

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://huntr.dev/bounties/1d8a3d95-d199-4129-a6ad-8eafe5e77b9e/

Release Date: 2021-09-18

Fix Resolution: https://github.com/mochajs/mocha/commit/61b4b9209c2c64b32c8d48b1761c3b9384d411ea

Step up your Open Source Security Game with Mend here

CVE-2022-0235 (Medium) detected in node-fetch-2.6.1.tgz - autoclosed

CVE-2022-0235 - Medium Severity Vulnerability

Vulnerable Library - node-fetch-2.6.1.tgz

A light-weight module that brings window.fetch to node.js

Library home page: https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.1.tgz

Path to dependency file: /package.json

Path to vulnerable library: /node_modules/node-fetch/package.json

Dependency Hierarchy:

  • codecov-3.8.2.tgz (Root Library)
    • teeny-request-7.0.1.tgz
      • node-fetch-2.6.1.tgz (Vulnerable Library)

Found in base branch: main

Vulnerability Details

node-fetch is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

Publish Date: 2022-01-16

URL: CVE-2022-0235

CVSS 3 Score Details (6.1)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: Required
    • Scope: Changed
  • Impact Metrics:
    • Confidentiality Impact: Low
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-r683-j2x4-v87g

Release Date: 2022-01-16

Fix Resolution: node-fetch - 2.6.7,3.1.1

Step up your Open Source Security Game with WhiteSource here

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.