isaacs / inflight Goto Github PK
View Code? Open in Web Editor NEWAdd callbacks to requests in flight to avoid async duplication
Add callbacks to requests in flight to avoid async duplication
Veracode has detected a memory leak vulnerability
It seems like the most recent version of inflight has a vulnerability https://cwe.mitre.org/data/definitions/772.html
When writing tests for libraries that use node-glob
, I find that sometimes matches aren't emitted because I'm using the same file path in a bunch of tests. When I remove the inflight
code from node-glob
or run the tests individually, they all pass.
I saw that you made this commit about a year ago to handle when new callbacks are added. I'm not sure what a fix for this would be (or if it even belongs here).
Preliminary note. I didn't installed inflight directly, it's just a package that glob uses.
$ npm list inflight
[email protected] path/to/myLibrary
`-- [email protected]
`-- [email protected]
I'm developing a CLI apps that scans a set of files in the user's disk. Sometimes, it stops working throwing the following log:
<--- Last few GCs --->
[7828:000001CAE9906BF0] 729 ms: Mark-sweep 27.1 (94.3) -> [...] allocation failure GC in old space requested
[7828:000001CAE9906BF0] 754 ms: Mark-sweep 27.1 (94.3) -> [...] last resort
[7828:000001CAE9906BF0] 780 ms: Mark-sweep 27.1 (32.3) -> [...] last resort
<--- JS stacktrace --->
==== JS stack trace =========================================
Security context: 000002CEAE928799 <JSObject>
1: _readdirEntries [path\to\myLibrary\node_modules\glob\glob.js:~559] [pc=000002F43C32198C](this=0000001978260B49 <Glob map = 000000777A7EB871>,abs=0000027C3514ED71 [...]
FATAL ERROR: CALL_AND_RETRY_LAST Allocation failed - JavaScript heap out of memory
So, I've inspected the Node's process' heap usage (node --inspect myLibrary.js) and got the following result, in which the inflight module is the most expensive package in terms of retained size.
In NPM inflight there is a Memory Leak because some resources are not freed correctly after being used. It appears to affect all versions, as the issue was not addressed and no fix is found. NOTE: In the meantime, logdna-agent, a package that depends on inflight, has merged a commit to address this solely in their package (so it should be fixed in logdna-agent in versions 1.6.5 and later). Node-glob, a package that also depends on inflight, was also planning to address this by not using inflight after version 8 is released, but it is still being used.
[react-native @ 0.73.6]
@react-native-community/cli-platform-android @ 12.3.6
[glob @ 7.2.3]
[inflight @ 1.0.6]
I saw this error after an npm install:
Error: Cannot find module 'wrappy'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:581:15)
at Function.Module._load (internal/modules/cjs/loader.js:507:25)
at Module.require (internal/modules/cjs/loader.js:637:17)
at require (internal/modules/cjs/helpers.js:20:18)
at Object.<anonymous> (/home/oleg/codes/sce/suman-chrome-extension/node_modules/inflight/inflight.js:1:14)
at Module._compile (internal/modules/cjs/loader.js:689:30)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:700:10)
at Module.load (internal/modules/cjs/loader.js:599:32)
at tryModuleLoad (internal/modules/cjs/loader.js:538:12)
at Function.Module._load (internal/modules/cjs/loader.js:530:3)
Here is the package.json for inflight:
{
"_args": [
[
"[email protected]",
"/home/oleg/codes/sce/suman-chrome-extension"
]
],
"_development": true,
"_from": "[email protected]",
"_id": "[email protected]",
"_inBundle": false,
"_integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=",
"_location": "/inflight",
"_phantomChildren": {},
"_requested": {
"type": "version",
"registry": true,
"raw": "[email protected]",
"name": "inflight",
"escapedName": "inflight",
"rawSpec": "1.0.6",
"saveSpec": null,
"fetchSpec": "1.0.6"
},
"_requiredBy": [
"/glob",
"/glob-stream/glob",
"/stylus/glob",
"/true-case-path/glob"
],
"_resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz",
"_spec": "1.0.6",
"_where": "/home/oleg/codes/sce/suman-chrome-extension",
"author": {
"name": "Isaac Z. Schlueter",
"email": "[email protected]",
"url": "http://blog.izs.me/"
},
"bugs": {
"url": "https://github.com/isaacs/inflight/issues"
},
"dependencies": {
"once": "^1.3.0",
"wrappy": "1"
},
"description": "Add callbacks to requests in flight to avoid async duplication",
"devDependencies": {
"tap": "^7.1.2"
},
"files": [
"inflight.js"
],
"homepage": "https://github.com/isaacs/inflight",
"license": "ISC",
"main": "inflight.js",
"name": "inflight",
"repository": {
"type": "git",
"url": "git+https://github.com/npm/inflight.git"
},
"scripts": {
"test": "tap test.js --100"
},
"version": "1.0.6"
}
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.