Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@capraconsulting/webapp-deploy-lambda
Advanced tools
Readme
This project contains a CDK Construct for an AWS Lambda Function to handle deployment of a bundled static web application to a S3 bucket while preserving files from previous deployments within a time threshold.
What it does:
A single-page application using code splitting will cause the client to
defer loading lots of files. To avoid a deployment disrupting the user, we
cannot delete the previous files (e.g. using aws s3 sync --delete
), as
that would cause the client to get 404 errors when navigating through the app.
CloudFront will in many cases hide this issue for most of the users due to
its edge caches, but it will still be an issue for users that haven't
updated the application since the day before.
One way of handling this would be to never delete any files from the S3 bucket. That means the bucket will fill up with a lot of old files. This project approaches it differently by deleting old files.
A user that still uses an application deployed five days ago should not be disrupted. To keep this promise we keep the newest deployment that happened more than five days ago, and delete files from older ones that no longer have any reference to them.
aws lambda invoke \
--function-name my-deploy-lambda \
--payload '{
"ResourceProperties": {
"artifactS3Url": "s3://my-bucket/my-release.tgz"
},
"RequestType": "Update"
}' \
/tmp/out.log
Testing locally:
python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
# Adjust to your project. See config.py for full list.
export TARGET_BUCKET_URL=s3://my-website/web
export EXPIRE_SECONDS=86400
export DEPLOY_LOG_BUCKET_URL=s3://my-website/deployments.log
export CF_DISTRIBUTION_ID=EKJ2IPY1KTEAR1
# Adjust artifact path.
python -m webapp_deploy.main s3://my-bucket/my-release.tgz
FAQs
CDK construct for deploying a webapp release to S3 and CloudFront
The npm package @capraconsulting/webapp-deploy-lambda receives a total of 3,198 weekly downloads. As such, @capraconsulting/webapp-deploy-lambda popularity was classified as popular.
We found that @capraconsulting/webapp-deploy-lambda demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 14 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.