Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@iopipe/iopipe
Advanced tools
Readme
This package provides the IOpipe agent and plugins pre-bundled.
Install via npm:
npm install --save @iopipe/iopipe
Or via yarn:
yarn add @iopipe/iopipe
Then require this module, passing it an object with your project token (get a free account), and it will automatically monitor and collect metrics from your applications running on AWS Lambda.
If you are using the Serverless Framework to deploy your lambdas, check out our serverless plugin.
Example:
const iopipe = require('@iopipe/iopipe')({ token: 'PROJECT_TOKEN' });
exports.handler = iopipe((event, context) => {
context.succeed('This is my serverless function!');
});
By default this package will enable @iopipe/trace
and @iopipe/event-info
plugins. It also includes the @iopipe/profiler
plugin, which is disabled by default. For more information on how to use IOpipe and these plugins, see the documentation below:
Example With Tracing, Custom Metrics, and Labels (ES6 Module Format):
import iopipe, {mark, metric, label} from '@iopipe/iopipe';
exports.handler = iopipe()(async (event, context) => {
// add a trace measurement for the database call
mark.start('db-call');
// fetch some data from the database
const rows = await sql(`select * from dogs where status = 'goodboy'`);
mark.end('db-call');
// add a custom metric for IOpipe search and alerts
metric('rows-from-db', rows.length);
// add a label to this invocation for easy filter/sort on dashboard.iopipe.com
label('used-db-cache');
context.succeed('This is my serverless function!');
});
IOpipe publishes AWS Lambda Layers which are publicly available on AWS. Using a framework that supports lambda layers (such as SAM or Serverless), you can use the following ARNs for your runtime:
arn:aws:lambda:$REGION:146318645305:layer:IOpipeNodeJS10:$VERSION_NUMBER
arn:aws:lambda:$REGION:146318645305:layer:IOpipeNodeJS810:$VERSION_NUMBER
Where $REGION
is your AWS region and $VERSION_NUMBER
is an integer representing the IOpipe release. You can get the version number via the Releases page.
Then in your SAM template (for example), you can add:
Globals:
Function:
Layers:
- arn:aws:lambda:us-east-1:146318645305:layer:IOpipeNodeJS810:1
And the IOpipe library will be included in your function automatically.
You can also wrap your IOpipe functions without a code change using layers. For example, in your SAM template you can do the following:
Resources:
YourFunctionHere:
Type: 'AWS::Serverless::Function'
Properties:
CodeUri: path/to/your/code
# Automatically wraps the handler with IOpipe
Handler: @iopipe/iopipe.handler
Runtime: nodejs8.10
Environment:
Variables:
# Specifies which handler IOpipe should run
IOPIPE_HANDLER: path/to/your.handler
Or with the Serverless framework:
functions:
your-function-here:
environment:
IOPIPE_HANDLER: path/to/your.handler
handler: @iopipe/iopipe.handler
layers:
- arn:aws:lambda:us-east-1:146318645305:layer:IOpipeNodeJS810:1
runtime: nodejs8.10
Lambda can't find the file @iopipe/iopipe.js
If you're seeing this error, it's likely that the node runtime isn't resolving NPM_PATH
for the @iopipe/iopipe
module in /opt/nodejs/node_modules
.
These steps should fix the problem:
iopipe_wrapper.js
script in your project's root.module.exports = require('@iopipe/iopipe');
. (And that's all that needs to be in it.)iopipe_wrapper.handler
.Apache 2.0
FAQs
The IOpipe agent and plugins
The npm package @iopipe/iopipe receives a total of 20 weekly downloads. As such, @iopipe/iopipe popularity was classified as not popular.
We found that @iopipe/iopipe demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.