Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
lambda-mechanic
Advanced tools
Tiny NodeJS server that mocks AWS Lambda requests for local development
Tiny NodeJS server that mocks AWS Lambda requests for local development.
Install the library and dependencies
% npm install -d lambda-mechanic node-dev
If you're using Typescript you can opt for ts-node-dev
% npm install -d lambda-mechanic ts-node-dev
Create a simple script called server.js
with the following content:
const { Mechanic } = require('lambda-mechanic');
// adjust to import your Lambda handler function
import { handler } from './src';
const mechanic = new Mechanic(
[
['/', handler],
['/test', async () => ({ statusCode: 200, body: 'Test' })],
],
{ port: 3001 },
);
mechanic.listen();
Or for Typescript, create a script called server.ts
with the following content:
import { Mechanic } from 'lambda-mechanic';
// adjust to import your Lambda handler function
import { handler } from './src';
const mechanic = new Mechanic(
[
['/', handler],
['/test', async () => ({ statusCode: 200, body: 'Test' })],
],
{ port: 3001 },
);
mechanic.listen();
In a new terminal window run:
% npx node-dev server.js
Or for Typescript:
% npx ts-node-dev server.ts
You can now experiment with your Lambda handler by sending requests to https://localhost:3000.
Mechanic constructor
The Mechanic constructor expects two paramters on instantiation, an array of handler "tuples" and an options object:
new Mechanic(
handler: HandlerTuple[],
options: MechanicOptions,
)
HandlerTuple array
The handler "tuple" describes a route and handler function pairing.
Technically it is a Javascript array with a route string (or regular expression) at the first index and a handler function at the second index.
String example:
const handler = async () => ({ statusCode: 200, body: 'Hello World!' });
const route = ['/path', handler];
RegEx example:
const handler = async () => ({ statusCode: 200, body: 'Handles everything...' });
const route = [/.*/, handler];
Handler function
The handler function expects an event that conforms to the Lambda APIGatewayProxyEvent
interface and returns a promise that resolves an object that confirms to the APIGatewayProxyResult
interface.
If you're using Typescript the types can be imported from the aws-lambda
package.
import { APIGatewayProxyEvent, APIGatewayProxyResult } from 'aws-lambda';
const handler = async (
event: APIGatewayProxyEvent,
): Promise<APIGatewayProxyResult> => ({
statusCode: 200,
body: 'Hello World!',
});
MechanicOptions object
There are currently only two options port
and headers
. The defaults are:
const defaultOptions = {
port: 3000,
headers: {},
};
The options interface is:
interface MechanicOptions {
port?: number;
headers?: {
[key: string]: string;
};
}
If you spot bugs please open an issue.
FAQs
Tiny NodeJS server that mocks AWS Lambda requests for local development
The npm package lambda-mechanic receives a total of 0 weekly downloads. As such, lambda-mechanic popularity was classified as not popular.
We found that lambda-mechanic demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.