Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@shelf/aws-lambda-brotli-unpacker
Advanced tools
Readme
Unpacks large Lambda binaries to /tmp, such as Tesseract, LibreOffice, Google Chrome, etc
Inspired by chrome-aws-lambda
Used in projects: aws-lambda-tesseract
$ yarn add @shelf/aws-lambda-brotli-unpacker
Version 1.x works with Node 10.x & 12.x only. For Node 8.10 use v0.0.2
Needs Docker installed.
$ npm test
Q: Why do I need this package?
A: It helps if you want to deploy pre-compiled software to use in Lambda. See list of projects where it is used above.
Q: Why bother?
A: Lambda environment has limited software installed. This package helps ship large binaries compiled for Lambda
which unpack to /tmp
folder when Lambda starts.
Q: Why
/tmp
?
A: Lambda has 500 MB of storage in /tmp
Q: Why brotli?
A: This compression algorithm is known for great speed/size ration. Perfect for scarce Lambda resources.
const {unpack} = require('@shelf/aws-lambda-brotli-unpacker');
const {execSync} = require('child_process');
const inputPath = path.join(__dirname, '..', 'bin', 'tt.tar.br'); // for example, tesseract
const outputPath = '/tmp/tesseract/tesseract';
module.exports.handler = async event => {
await unpack({inputPath, outputPath});
execSync(`${outputPath} -l eng image.png`);
};
$ git checkout master
$ yarn version
$ yarn publish
$ git push origin master --tags
MIT © Shelf
FAQs
Unpacks large Lambda binaries to /tmp
The npm package @shelf/aws-lambda-brotli-unpacker receives a total of 128 weekly downloads. As such, @shelf/aws-lambda-brotli-unpacker popularity was classified as not popular.
We found that @shelf/aws-lambda-brotli-unpacker demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 54 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.