![Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts](https://cdn.sanity.io/images/cgdhsj6q/production/961d431fdd53c410d9d320bccdf279bdf6066d4a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@lunara/lift
Advanced tools
Lift is a plugin that leverages the AWS CDK to expand the Serverless Framework beyond functions.
Deploy production-ready websites, queues, storage buckets and more with a few lines in serverless.yml.
Lift is a Serverless Framework plugin, install it in your project:
serverless plugin install -n serverless-lift
If you prefer, you can install Lift via NPM:
npm install --save-dev serverless-lift
. Then, register theserverless-lift
plugin inserverless.yml
(see the example below).
Once installed, start using Lift constructs in serverless.yml
:
service: my-app
provider:
name: aws
plugins:
- serverless-lift
functions:
# ...
constructs:
# Include Lift constructs here
landing-page:
type: static-website
path: 'landing/dist'
avatars:
type: storage
The AWS CDK is extremely powerful, but it is very complex and cannot be used in serverless.yml
. Lift changes that: use the best of the CDK in Serverless, without having to learn about it!
Lift provides components, aka "constructs", specifically selected for serverless applications. They are all built using the CDK and its best practices, with unique features to provide an awesome developer experience.
Deploy static websites and single-page applications, for example React, VueJS or Angular apps.
constructs:
landing:
type: static-website
path: dist
Deploy preconfigured S3 buckets to store files.
constructs:
avatars:
type: storage
Deploy SQS queues and workers for asynchronous processing.
constructs:
my-queue:
type: queue
worker:
handler: src/report-generator.handler
Deploy webhooks to receive notifications from 3rd party applications.
constructs:
stripe-webhook:
type: webhook
path: /my-webhook-endpoint
authorizer:
handler: myAuthorizer.main
Deploy databases leveraging DynamoDB Single Table Design principles.
constructs:
database:
type: database/dynamodb-single-table
More constructs are coming soon! Got suggestions? Open and upvote drafts.
You can eject from Lift at any time: Lift is based on CloudFormation. That allows anyone to kickstart a project with Lift, and fallback to CloudFormation if you ever grow out of it.
To eject:
serverless lift eject
resources
section of serverless.ymlserverless.yml
the Lift constructs you have turned into CloudFormationTypeScript users can use serverless.ts
instead of serverless.yml
. Lift provides type definitions to help.
Lift is built and maintained with love ❤️ by
FAQs
Lift
We found that @lunara/lift demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.