New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@dankochetov/commercetools-serverless-plugin

Package Overview
Dependencies
Maintainers
1
Versions
6
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@dankochetov/commercetools-serverless-plugin

Commercetools Serverless plugin

  • 2.3.0
  • latest
  • Source
  • npm
  • Socket score
Version published
Weekly downloads
7
Maintainers
1
Weekly downloads
 
Created
Source

CommerceTools Serverless plugin

Known Vulnerabilities contributions welcome

This plugin allows you to seamlessly integrate CommerceTools subscriptions and extensions with Serverless functions.

Installation npm version

npm i -D @dankochetov/commercetools-serverless-plugin

Configuration

custom:
  commerceTools:
    projectKey: string
    clientId: string
    clientSecret: string
    authHost: "https://auth.<region>.<provider>.commercetools.com/"
    apiHost: "https://api.<region>.<provider>.commercetools.com/"

Subscription

Only SQS destination is supported.

functions:
  Subscription:
    events:
      - commerceTools:
          subscription:
            createQueue: true # skip if queueArn is used
            batchSize: <number> # skip if queueArn is used
            queueArn: <arn> # skip if createQueue is used
            changes: # optional
              - resourceTypeId: product
              - ...
            messages: # optional
              - resourceTypeId: order
                types: # optional
                  - DeliveryAdded
                  - OrderStateChanged
                  - ...
              - ...

If you specify createQueue: true option, SQS queue will be created as a part of the current stack. Its batch size can be configured with the batchSize option and is set to 1 by default.

Extension

Only AWSLambda destination is supported.

functions:
  Extension:
    events:
      - commerceTools:
          extension:
            timeoutInMs: 1000 # optional
            triggers:
              - resourceTypeId: cart
                actions:
                  - Create
                  - Update
              - ...

How does it work?

For every subscription/extension configuration, the plugin adds the following list of resources to the template:

  • IAM user with minimal permissions and a set of security credentials;
  • CFN custom resource that manages the creation, modification and deletion of the subscription/extension;
  • (Subscriptions with createQueue: true only) SQS queue and corresponding sqs event to the function.

Contribution

After you change the code, don't forget to run npm run build to update the artifacts.

FAQs

Package last updated on 21 Jul 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

North Korean APT Lazarus Targets Developers with Malicious npm Package

Research

Security News

North Korean APT Lazarus Targets Developers with Malicious npm Package

Malicious npm package postcss-optimizer delivers BeaverTail malware, targeting developer systems; similarities to past campaigns suggest a North Korean connection.

By Kirill Boychenko, Peter van der Zee  -  Jan 29, 2025
CISA Brings KEV Data to GitHub

Security News

CISA Brings KEV Data to GitHub

CISA's KEV data is now on GitHub, offering easier access, API integration, commit history tracking, and automated updates for security teams and researchers.

By Sarah Gooding  -  Jan 29, 2025
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc