Gathering detailed insights and metrics for eslint-plugin-no-floating-promise
Gathering detailed insights and metrics for eslint-plugin-no-floating-promise
Detects missing await on async function calls
Installations
npm install eslint-plugin-no-floating-promiseDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
>=0.10.0
Node Version
20.11.1
NPM Version
10.2.4
Score
99.6
Supply Chain
99.5
Quality
75.1
Maintenance
100
Vulnerability
100
License
Languages
1
JavaScript
JavaScript (100%)
Developer
SebastienGllmt
Download Statistics
Total Downloads
5,516,934
Last Day
3,815
Last Week
59,987
Last Month
267,090
Last Year
2,503,077
GitHub Statistics
19 Stars
23 Commits
5 Forks
3 Watchers
6 Branches
1 Contributors
Updated on Apr 08, 2025
Bundle Size
1.03 kB
Minified
577.00 B
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
2.0.0
Package Id
eslint-plugin-no-floating-promise@2.0.0
Unpacked Size
11.83 kB
Size
3.96 kB
File Count
4
NPM Version
10.2.4
Node Version
20.11.1
Published on
Apr 18, 2024
Total Downloads
Cumulative downloads
Total Downloads
5,516,934
Last Day
4.9%
3,815
Compared to previous day
Last Week
-3.9%
59,987
Compared to previous week
Last Month
7.5%
267,090
Compared to previous month
Last Year
17.4%
2,503,077
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
eslint-plugin-no-floating-promise
Detects missing await on async function calls
STOP: Are you a Flow or a Typescript user? Prefer these:
Installation
You'll first need to install ESLint:
$ npm i eslint --save-dev
Next, install eslint-plugin-no-floating-promise:
$ npm install eslint-plugin-no-floating-promise --save-dev
Note: If you installed ESLint globally (using the -g flag) then you must also install eslint-plugin-no-floating-promise globally.
Usage
Add no-floating-promise to the plugins section of your .eslintrc configuration file. You can omit the eslint-plugin- prefix:
1{ 2 "plugins": [ 3 "no-floating-promise" 4 ] 5}
Then configure the rules you want to use under the rules section.
1{ 2 "rules": { 3 "no-floating-promise/no-floating-promise": 2 4 } 5}
If you're using flat config (eslint.config.js), which is default configuration format for eslint since v.9.0.0:
1const noFloatingPromise = require("eslint-plugin-no-floating-promise"); 2 3module.exports = [ 4 { 5 plugins: { 6 "no-floating-promise": noFloatingPromise, 7 }, 8 rules: { 9 "no-floating-promise/no-floating-promise": 2 10 } 11 } 12];
Rule definition
The --fix option on the command line automatically fixes problems reported by this rule.
Promises that are never awaited can cause unexpected behavior because they may be scheduled to execute at an unexpected time.
It's easy to accidentally make this mistake. For example, suppose we have the code
1function writeToDb() {
2 // synchronously write to DB
3}
4writeToDb();but the code gets refactored so that writing to the database is asynchronous.
1async function writeToDb() { 2 // asynchronously write to DB 3} 4writeToDb(); // <- note we have no await here but probably the user intended to await on this!
Rule Details
This rule will fire for any call to an async function that both
- not used (not assigned to a variable, not the return type of a function, etc.)
- not awaited on
Examples of incorrect code for this rule:
1/*eslint no-floating-promise: "error"*/ 2 3async function foo() {} 4foo(); 5 6(async () => 5)(); 7 8// note: function is not async but a Promise return type is specified 9function foo(): Promise<void> { return Promise.resolve(); }; 10foo();
Examples of correct code for this rule:
1/*eslint no-floating-promise: "error"*/ 2 3async function foo() {} 4await foo(); 5 6await (async () => 5)(); 7 8// note: function is not async but a Promise return type is specified 9function foo(): Promise<void> { return Promise.resolve(); }; 10await foo(); 11 12// note: promise is not awaited, but it is chained with a 'then' 13async function foo() {} 14foo().then(() => {});
You may catch additional errors by combining this rule with no-unused-expression.
For example the following will not be considered an error by this plugin, but no-unused-expression will complain that fooResult is never used.
1async function foo() {} 2const fooResult = foo();
When Not To Use It
If you often make use of asynchronous functions were you explicitly do not want to await on them.
Notable design decisions
Promises returned by non-async functions
It's possible for a function to return a promise and not be async (as seen in test cases for this rule). My rule can leverage type annotations to detect these cases but if no type annotation is present, then no error is reported. We could modify this rule to traverse into the AST to see if the return is a promise or not but this sounds more expensive and would still not catch all cases so I didn't include this logic.
Additionally, TypeAnnotations are only generated for explicit Flow types so this rule can't take advantage of Flow inference. You could argue this rule would be more effective if implemented directly in Flow but this rule can still catch cases for vanilla Javascript so it didn't feel right to make Flow a dependency for this kind of linting.
Scope of the rule
Currently using then or catch silences this rule
1async function foo() {} 2foo().then(() => {});
You could argue this is desired since it avoids false-positive where developers explicitly do not want to await. I'm open to feedback about whether or not people want this behavior.
Missing await in non-async context
Right now my rule reports an error in the following case
1async function foo() {} 2function bar() { 3 foo(); 4}
However, adding an await here is not possible because bar is not an async function. In fact, my auto-fix rule would add an await in front of foo which would result in a compiler error.
However, likely this actually is an error and the user actually should make bar an async function. However, I am open to disabling this rule in this context if that's what people want.
Limitations
- It cannot make use of Flow inference (you need to explicitly specify types)
- It does not work across file boundaries (if import a function from a different file, you don't have any information)
- It doesn't work on member function calls (
foo.bar()will not detect an error even ifbaris an async function)
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
9 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-2j2x-2gpw-g8fm
- Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
Reason
Found 1/17 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 7 are checked with a SAST tool
Score
1.4
/10
Last Scanned on 2025-06-30
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More