Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
eb-fix-npm
Advanced tools
This module installs an .ebextensions
config file that will fix npm in various
ways in AWS Elastic Beanstalk to make your deploys faster and more reliable.
TL;DR This module makes it possible to upgrade from Node 4 to Node 6 on Elastic Beanstalk and speeds up npm install by 95%.
Looking for even bigger savings? You might consider disabling npm altogether. Mixmax no longer uses this module, though we will answer support questions to the best of our ability as well as accept others' PRs.
This module works by installing deployment hooks that perform setup and cleanup related to Elastic Beanstalk's use of npm:
The hooks expect that your Elastic Beanstalk application is using either platform version 3.1.0 or the previous version, version 2.1.3. It may work with newer versions—if it does not, PRs are welcome!
npm install eb-fix-npm --save-dev
(see here for why --save-dev
).ebextensions
file it creates..ebextensions
fileThis module will overwrite the file if/when it is updated.
Pull requests are welcome if you have some generally-useful modifications to suggest.
If you'd like to make modifications specific to your use case, you should uninstall
this module after installing the .ebextensions
file. Uninstallation won't take
the file with it.
Some of the hooks are based on logic from https://github.com/kopurando/better-faster-elastic-beanstalk.
FAQs
Fixes npm in Elastic Beanstalk environments.
The npm package eb-fix-npm receives a total of 91 weekly downloads. As such, eb-fix-npm popularity was classified as not popular.
We found that eb-fix-npm demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 21 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.