![Create React App Officially Deprecated Amid React 19 Compatibility Issues](https://cdn.sanity.io/images/cgdhsj6q/production/04fa08cf844d798abc0e1a6391c129363cc7e2ab-1024x1024.webp?w=400&fit=max&auto=format)
Security News
Create React App Officially Deprecated Amid React 19 Compatibility Issues
Create React App is officially deprecated due to React 19 issues and lack of maintenance—developers should switch to Vite or other modern alternatives.
@lendi/ralph
Advanced tools
Ralph is a CLI tool that automates security incident response for AWS resources.
It's the tool you use when this happens:
Ralph loads and executes a collection of pre-defined runbook to automate incident response.
Removing IAM Instance Profile - Detaches the current IAM Instance Profile of an instance.
Enable Termination Protection - Enables termination protection for an instance. This gives an extra step to prevent accidental termination of an instance.
Set Shutdown Behavior to Stop - Sets shutdown behavior to stop guarantees that the shutting down the instance will not result to termination of the instance.
Taking EBS Snapshot and Export - Creates latest EBS snapshot from volumes
of an instance and possibly send it to a quarantine AWS account.
See Setup
section below on how to configure env variables for this runbook.
To install Ralph using NPM, run:
$ npm i @lendi/ralph
/usr/local/bin/ralph -> /usr/local/lib/node_modules/@lendi/ralph/lib/index.js
+ @lendi/ralph@1.0.3
added 125 packages from 126 contributors in 7.843s
See https://www.npmjs.com/package/@lendi/ralph.
Setup your AWS credentials (~/.aws/credentials
) by following this guide.
Add AWS_REGION in your environment variables. Here's an example with AWS_REGION set to "ap-southeast-2":
$ export AWS_REGION="ap-southeast-2"
...
EBS Snapshot export runbook:
export QUARANTINE_AWS_REGION="ap-southeast-1"
export QUARANTINE_AWS_ACCOUNTS="0000,0001,0002"
export TRANSFER_ALL_SNAPSHOTS="false"
QUARANTINE_AWS_REGION
- the region used for the quarantine AWS
account. If not defined, this will use the AWS REGION of
the current AWS account.
QUARANTINE_AWS_ACCOUNTS
- list of quarantine AWS account
whom to share the snapshots to. If not defined,
the current AWS account will be treated as
the quarantine AWS account.
TRANSFER_ALL_SNAPSHOTS
- decides whether to
copy and share just the latest snapshot or all of them.
execute
command$ ralph execute
? Which instance do you want to lock down?
i-00000000000000001 (kafka-instance)
i-00000000000000002
i-00000000000000003
❯ i-00000000000000004 (vulnerable-instance)
i-00000000000000005 (machine-learning-instance)
i-00000000000000006
i-00000000000000007
(Move up and down to reveal more choices)
? Which instance do you want to lock down? i-00000000000000004(vulnerable-instance)
{"level":30,"time":1574209361754,"pid":20037,"hostname":"","msg":"RemoveIamInstanceProfile:
This will disassociate the following Iam Instance Profiles: ['arn:aws:iam::000000000000:instance-profile/SampleIamInstanceProfile']
for i-00000000000000004","v":1}
{"level":30,"time":1574209361870,"pid":20037,"hostname":"",
"msg":"setShutdownBehaviorToTerminate: The attribute instanceInitiatedShutdownBehavior
will be changed from 'terminate' to 'stop' for i-00000000000000004.","v":1}
{"level":30,"time":1574209361987,"pid":20037,"hostname":"",
"msg":"enableTerminationProtection: The attribute disableApiTermination will be changed
from false to true for i-00000000000000004.","v":1}
? Do you want to proceed with the changes? Yes
{"level":30,"time":1574209377228,"pid":20037,"hostname":"","msg":"Disassociated IAM
Instance Profile for i-00000000000000004.","v":1}
{"level":30,"time":1574209377413,"pid":20037,"hostname":"","msg":"Changed shutdown
behavior to stop for i-00000000000000004.","v":1}
{"level":30,"time":1574209377547,"pid":20037,"hostname":"","msg":"Changed termination
protection to true for i-00000000000000004.","v":1}
Retrieving EBS snapshots and exporting to separate AWS account for quarantine.
Security Groups / VPC Lockdown
Retrieving EC2 Memory Acquisition and export options
Use more user-friendly logger
FAQs
ralph is a CLI tool that automates security incident response
The npm package @lendi/ralph receives a total of 6 weekly downloads. As such, @lendi/ralph popularity was classified as not popular.
We found that @lendi/ralph demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 46 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Create React App is officially deprecated due to React 19 issues and lack of maintenance—developers should switch to Vite or other modern alternatives.
Security News
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
Security News
The Linux Foundation is warning open source developers that compliance with global sanctions is mandatory, highlighting legal risks and restrictions on contributions.