Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@aws-cdk/aws-iot
Advanced tools
All classes with the
Cfn
prefix in this module (CFN Resources) are always stable and safe to use.
This module is part of the AWS Cloud Development Kit project.
1.75.0 (2020-11-24)
keyId
property uses the ARN instead of the keyId
to support cross-account encryption key usage. The filesystem will be replaced.esbuild
to be installed.projectRoot
has been replaced by depsLockFilePath
. It should point to your dependency lock file (package-lock.json
or yarn.lock
)parcelEnvironment
has been renamed to bundlingEnvironment
sourceMaps
has been renamed to sourceMap
IVirtualNode
no longer has the addBackends()
method. A backend can be added to VirtualNode
using the addBackend()
method which accepts a single IVirtualService
IVirtualNode
no longer has the addListeners()
method. A listener can be added to VirtualNode
using the addListener()
method which accepts a single VirtualNodeListener
VirtualNode
no longer has a default listener. It is valid to have a VirtualNode
without any listenerslistener
of VirtualNode
has been renamed to listeners
, and its type changed to an array of listenersVirtualNodeListener
has been removed. To create Virtual Node listeners, use the static factory methods of the VirtualNodeListener
class--no-lookups
flag to disable context lookups (#11489) (0445a6e), closes #11461fromAccessPointAttributes()
(#10712) (ec72c85)targetRequestsPerSecond
is actually requests per minute (#11457) (39e277f), closes #11446extraRunOrderSpace
(#11511) (9b72fc8)FAQs
The CDK Construct Library for AWS::IoT
The npm package @aws-cdk/aws-iot receives a total of 972 weekly downloads. As such, @aws-cdk/aws-iot popularity was classified as not popular.
We found that @aws-cdk/aws-iot demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.