Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@vercel/fun
Advanced tools
Local serverless function λ development runtime.
Given a Lambda function like this one:
// example/index.js
exports.handler = function(event, context, callback) {
callback(null, { hello: 'world' });
};
You can invoke this function locally using the code below:
import { createFunction } from '@vercel/fun';
async function main() {
// Starts up the necessary server to be able to invoke the function
const fn = await createFunction({
Code: {
// `ZipFile` works, or an already unzipped directory may be specified
Directory: __dirname + '/example'
},
Handler: 'index.handler',
Runtime: 'nodejs8.10',
Environment: {
Variables: {
HELLO: 'world'
}
},
MemorySize: 512
});
// Invoke the function with a custom payload. A new instance of the function
// will be initialized if there is not an available one ready to process.
const res = await fn({ hello: 'world' });
console.log(res);
// Prints: { hello: 'world' }
// Once we are done with the function, destroy it so that the processes are
// cleaned up, and the API server is shut down (useful for hot-reloading).
await fn.destroy();
}
main().catch(console.error);
ƒun provides an execution environment that closely resembles the real Lambda environment, with some key differences that are documented here:
sbx_user1051
user./var/task
, /var/runtime
, /opt
, etc. Instead, your
function code should use the environment variables that represent these
locations (namely LAMBDA_TASK_ROOT
and LAMBDA_RUNTIME_DIR
).SIGSTOP
signal to the lambda process,
and unfrozen by sending the SIGCONT
signal, not using the cgroup freezer.ƒun aims to support all runtimes that AWS Lambda provides. Currently implemented are:
nodejs
for Node.js Lambda functions using the system node
binarynodejs6.10
for Node.js Lambda functions using a downloaded Node v6.10.0 binarynodejs8.10
for Node.js Lambda functions using a downloaded Node v8.10.0 binarynodejs10.x
for Node.js Lambda functions using a downloaded Node v10.15.3 binarynodejs12.x
for Node.js Lambda functions using a downloaded Node v12.22.7 binarynodejs14.x
for Node.js Lambda functions using a downloaded Node v14.18.1 binarypython
for Python Lambda functions using the system python
binarypython2.7
for Python Lambda functions using a downloaded Python v2.7.12 binarypython3
for Python Lambda functions using the system python3
binary (or fallback to python
)python3.6
for Python Lambda functions using a downloaded Python v3.6.8 binarypython3.7
for Python Lambda functions using a downloaded Python v3.7.2 binarygo1.x
for Lambda functions written in Go - binary must be compiled for your platformprovided
for custom runtimesFAQs
Local Lambda development environment
The npm package @vercel/fun receives a total of 427,900 weekly downloads. As such, @vercel/fun popularity was classified as popular.
We found that @vercel/fun demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 9 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.