Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
The aws-crt npm package is a low-level client library for AWS services, providing a high-performance, cross-platform implementation of the AWS Common Runtime (CRT). It offers functionalities for networking, cryptography, and other foundational services that are essential for building AWS SDKs and other AWS-related applications.
MQTT Client
This feature allows you to create an MQTT client to connect to AWS IoT Core. The code sample demonstrates how to set up the client, connect to the broker, subscribe to a topic, and handle incoming messages.
const { mqtt } = require('aws-crt');
const client = mqtt.Client({
host: 'example.iot.region.amazonaws.com',
port: 8883,
clientId: 'myClientId',
clean: true,
keepAlive: 60,
protocol: 'mqtts',
key: 'path/to/private-key.pem',
cert: 'path/to/certificate.pem',
ca: 'path/to/ca.pem'
});
client.on('connect', () => {
console.log('Connected to MQTT broker');
client.subscribe('my/topic', { qos: 1 });
});
client.on('message', (topic, message) => {
console.log(`Received message: ${message.toString()} on topic: ${topic}`);
});
client.connect();
HTTP Client
This feature provides an HTTP client for making HTTP requests. The code sample shows how to create an HTTP client, make a GET request, and handle the response.
const { http } = require('aws-crt');
const client = new http.HttpClient();
const request = new http.HttpRequest('https://example.com', 'GET');
client.request(request, (response) => {
console.log(`Status Code: ${response.statusCode}`);
response.on('data', (chunk) => {
console.log(`Body: ${chunk.toString()}`);
});
});
WebSocket Client
This feature allows you to create a WebSocket client for real-time communication. The code sample demonstrates how to set up the client, connect to a WebSocket server, send messages, and handle incoming messages.
const { websocket } = require('aws-crt');
const client = new websocket.WebSocketClient('wss://example.com/socket');
client.on('open', () => {
console.log('WebSocket connection opened');
client.send('Hello, WebSocket!');
});
client.on('message', (message) => {
console.log(`Received message: ${message}`);
});
client.on('close', () => {
console.log('WebSocket connection closed');
});
client.connect();
The aws-sdk package is the official AWS SDK for JavaScript, providing a higher-level abstraction over AWS services. It is more user-friendly and feature-rich compared to aws-crt, which is a lower-level library focused on performance and foundational services.
The mqtt package is a popular MQTT client for Node.js. While it offers similar MQTT functionalities as aws-crt, it does not provide the same level of integration with AWS services and lacks the additional features like HTTP and WebSocket clients.
Axios is a widely-used HTTP client for Node.js and the browser. It provides a simpler and more user-friendly API for making HTTP requests compared to the low-level HTTP client in aws-crt.
The ws package is a simple and fast WebSocket client for Node.js. It offers similar WebSocket functionalities as aws-crt but does not include the additional AWS-specific features.
NodeJS/Browser bindings for the AWS Common Runtime
This library is licensed under the Apache 2.0 License.
To build the package locally
npm install
Normally, you just declare aws-crt
as a dependency in your package.json file.
You can either add it to package.json (if using a tool like webpack), or just import the dist.browser/
folder into your web project
npm install aws-crt
Please note that on Mac, once a private key is used with a certificate, that certificate-key pair is imported into the Mac Keychain. All subsequent uses of that certificate will use the stored private key and ignore anything passed in programmatically. Beginning in v1.1.11, when a stored private key from the Keychain is used, the following will be logged at the "info" log level:
static: certificate has an existing certificate-key pair that was previously imported into the Keychain. Using key from Keychain instead of the one provided.
FAQs
NodeJS/browser bindings to the aws-c-* libraries
The npm package aws-crt receives a total of 72,782 weekly downloads. As such, aws-crt popularity was classified as popular.
We found that aws-crt demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.