Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
lambda-invoke-debug
Advanced tools
Invoke a locally running lambda function while debugging.
This project takes inspiration from Amplify CLI specifically the mocking functionality and how it invokes a local lambda function.
The purpose of this project is to serve a graphql schema and relay the requests to a locally running lambda function for the purpose of debugging.
npm install lambda-invoke-debug
lid
command to your cli or within the project run npm run start
Run lid serve <graphql schema file> <config file>
lid serve ~/project/schema.graphql ~/project/config.js
The config file is a javascript module that is loaded dynamically at runtime. This file should look like
module.exports = {
/*
type Query {
GetAccount(input: AccountGetInput!): Account
}
*/
// the name of the field in the schema
GetAccount : {
// the name of the process running your code
// for go debug process we use
debugProcess: '__debug_bin',
// a distinctive name in the file path to your code
// example ~/projects/myGraph/backend/functions/Account/src/main.go
// 'Account' is in the path and unique name that I can use to identify this function for my field
functionName: 'Account',
// the payload you want to mock and send to your function
// you can also return a promise
payload: (args, request, field) => ({
typeName: field.operation.operation,
fieldName: field.fieldName,
arguments: JSON.stringify(args, null)
})
}
}
FAQs
Invoke a running lambda function while debugging.
The npm package lambda-invoke-debug receives a total of 0 weekly downloads. As such, lambda-invoke-debug popularity was classified as not popular.
We found that lambda-invoke-debug demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.