
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
@sls-next/lambda-at-edge
Advanced tools
Provides handlers that can be used in CloudFront Lambda@Edge to deploy next.js applications to the edge
Library to build and deploy Next.js apps for AWS Lambda@Edge
This library uses the handlers provided by @sls-next/core
and wraps them with a Lambda@Edge/CloudFront-compatible layer.
const path = require('path');
const { Builder } = require("@sls-next/lambda-at-edge");
const nextConfigPath = '/path/to/my/nextapp';
const outputDir = path.join(nextConfigPath, ".serverless_nextjs");
const builder = new Builder(
nextConfigPath,
outputDir,
{
cmd: './node_modules/.bin/next',
cwd: process.cwd(),
env: {},
args: ['build'],
minifyHandlers: true,
// it is recommended to let your CF distribution do the compression as per the docs - https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html
// however there have been issues in the past where CF doesn't compress lambda@edge responses, so we provide our own implementation in case is needed
enableHTTPCompression: false
}
);
await builder.build()
.then(() => {
console.log("Application built successfully!");
})
.catch((e) => {
console.log("Could not build app due the exception: ", e);
process.exit(1);
});
You can configure more options regarding building process. Configurable inputs you can find in 'build.ts' file ('packages/libs/lambda-at-edge/src/build.ts'). If you want to see debug logs during building, use 'await builder.build(true)' instead. After running the above, the output directory will contain the Lambda@Edge handlers necessary to server side render at the edge.
/dir/to/my/next-app/.serverless_nextjs/
> default-lambda
> manifest.json
> routes-manifest.json
> prerender-manifest.json
> pages/
> index.js # handler
> api-lambda
> manifest.json
> routes-manifest.json
> pages/api/
> index.js # handler
> image-lambda
> manifest.json
> routes-manifest.json
> images-manifest.json
> node_modules/...
> index.js # handler
The handlers need to be attached to the origin-request
trigger of CloudFront.
The api-lambda
edge function should be attached to a CloudFront behaviour that only triggers in the event of /api/*
requests.
The image-lambda
edge function should be attached to a CloudFront behaviour that only triggers in the event of _next/image*
requests.
For full usage docs, please refer to (TBA).
Once built and packaged, the app consists of the following components:
default-lambda
(v2): handles page and API requests.default-lambda
(v1): handles page requests only.api-lambda
(legacy v1 handlers only): handles API requests.regeneration-lambda
: handles regeneration requests used for ISR.image-lambda
: handles image optimization requests.assets
: all static assets used by your app.You will need the following infrastructure to deploy your app:
Currently, you will need to deploy via the Serverless Components deployer, @sls-next/serverless-component
. We also provide a CDK construct at @sls-next/nextjs-cdk-construct
.
If you'd like to write your own custom deployment logic, please see the CDK construct or legacy Serverless Components deployer to see an example of all the infrastructure you need to setup.
Special thanks for Daniel Conde Marin for the initial implementation.
3.7.0 (2022-03-31)
Note: Version bump only for package serverless-nextjs-monorepo
FAQs
Provides handlers that can be used in CloudFront Lambda@Edge to deploy next.js applications to the edge
The npm package @sls-next/lambda-at-edge receives a total of 5,003 weekly downloads. As such, @sls-next/lambda-at-edge popularity was classified as popular.
We found that @sls-next/lambda-at-edge demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.