Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
middy-middleware-json-error-handler
Advanced tools
A middy middleware that returns errors as http errors, compatible with http-errors.
Download node at nodejs.org and install it, if you haven't already.
npm install middy-middleware-json-error-handler --save
There is additional documentation.
import middy from '@middy/core'
import JSONErrorHandlerMiddleware from 'middy-middleware-json-error-handler'
import createHttpError from 'http-errors'
import { APIGatewayEvent } from 'aws-lambda'
// This is your AWS handler
async function helloWorld (event: APIGatewayEvent) {
if (event.queryStringParameters?.search == null) {
// If you throw an error with status code, the error will be returned as stringified JSON.
// Only the stack will be omitted.
throw createHttpError(400, 'Query has to include a search')
}
if (event.queryStringParameters?.search === 'error') {
// If you throw an error with status code greater than 500 and specify in options that the error
// must be exposed, then the error will be returned as stringified JSON
throw createHttpError(500, 'Something went wrong', { expose: true })
}
// If you throw an error with no status code, only a generic message will be shown to the user
// instead of the full error
throw new Error('Search is not implemented yet')
}
// Specify which are the error properties to omit in response (by default, only the stack is omitted)
const options = {
errorPropertiesToOmit: ['name', 'statusCode', 'stack']
}
// Let's "middyfy" our handler, then we will be able to attach middlewares to it (options parameter is optional)
export const handler = middy(helloWorld)
.use(JSONErrorHandlerMiddleware(options)) // This middleware is needed do handle the errors thrown by the handler
FAQs
A middy JSON error handler middleware.
We found that middy-middleware-json-error-handler demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.