Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
lambda-serverless-api
Advanced tools
This project abstracts the creation of a basic API and the most commonly desired features.
Provides support for:
$ npm install --save lambda-serverless-api
First we need to wrap our lambda endpoint. Inside the lambda function we can then use ApiError
and JsonResponse
as following:
const api = require("lambda-serverless-api")({
limiter: {},
rollbar: {}
});
module.exports = api.wrap("POST register", [
api.Str("name", "json", false),
api.Email("email", "json"),
api.Str("password", "json")
], process.env.RATE_LIMIT_PER_IP, ([name, email, password], context, rb) => {
// handle registration logic here ...
if (new Date().getHours() === 4) {
throw api.ApiError("I am a teapot", 418);
}
return api.JsonResponse({ message: "Success!" });
});
where RATE_LIMIT_PER_IP
allows to set different limits per endpoint. Rate limiting is explained below.
The first api.wrap
parameter defines the route and is re-declared in serverless.yml
.
A list of supported parameters can be found here.
If you want to send plain text instead of json, you can use ApiResponse
. You can also set custom status codes and headers as second and third parameter respectively.
To generate swagger documentation we can call api.generateSwagger()
after the api is initialized with routes.
To validate that your swagger documentation matches your serverless.yml
you can run api.generateDifference()
.
Examples can be found here.
You can pass an additional messageId
and context
to the ApiError
constructor.
These will be returned with the error response.
Rate limiting uses lambda-rate-limiter. Note that there are some serious restrictions because it does not use centralized storage!
To customize rate limiting, the package options are passed as limiter
into the constructor.
To monitor api errors and exceptions lambda-rollbar can be enabled. Options are passed by putting them as rollbar
into the constructor.
Consider using yaml-boost
FAQs
Basic Api Wrapper for Serverless Framework.
We found that lambda-serverless-api demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.