Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@cnnrrss/replay-aws-dlq
Advanced tools
Re-drive AWS (dead letter) queue messages to target queue
$ npm install -g @cnnrrss/replay-aws-dlq
The following command will move all messages in [from]
queue [to]
queue where source queue is usually a dead-letter queue, and the destination queue is it's pairing queue.
replay-aws-dlq \
--from https://sqs.ap-southeast-2.amazonaws.com/718583902179/samstarter-v2-UploadAssetDLQ-XXFMZ0C9N5KP \
--to https://sqs.ap-southeast-2.amazonaws.com/718583902179/samstarter-v2-UploadAsset-1CF6W6RO07PGF \
# throttle messages in seconds, optional
--throttle 1 \
# maxAttempts to redrive from dlq to destination queue, default 1
--maxAttempts 1 \
# message attributes to copy, optional
--attrs replay-aws-dlq another-one a-third-one
This module use AWS sdk beneath so you shall be able to use env variables to work across different accounts, e.g. the example below use AWS profile.
AWS_PROFILE=staging replay-aws-dlq ...
Please be aware if destination queue you're driving messages to, is FIFO queue that has enabled deduplication, and messages in DLQ were original come from it, you'll need to cool down for at least 5 mins internal before you can start driving messages back, otherwise you messages will end up not showing in the dest queue.
Thanks Garry Yao for the initial verion of this package. This package is a simple fork of his efforts of the same name, extended to provide a few additional options.
MIT © Garry Yao
FAQs
Re-drive dead letter queue messages to another queue
The npm package @cnnrrss/replay-aws-dlq receives a total of 7 weekly downloads. As such, @cnnrrss/replay-aws-dlq popularity was classified as not popular.
We found that @cnnrrss/replay-aws-dlq demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.