Security News
Supply Chain Attack Detected in Solana's web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
node-riffraff-artefact
Advanced tools
Plugin for building deployable RiffRaff artefacts in Node. Supports RiffRaff deployment types:
cloud-formation
aws-lambda
autoscaling
This is a node plugin for creating RiffRaff artefacts that can then be deployed by RiffRaff. It builds the same package structure as the SBT equivalent.
To use it, ensure you have a package.json
located in the root directory of your project. There must be at the very minimum the name
field.
isAwsLambda
: true
or false
(optional - defaults to false
)cloudformation
: false
or the location of your cloudformation (optional - defaults to cloudformation.json
)Some example package.json
:
{
"name": "s3watcher",
"...": "...",
"cloudformation": "my_clouformation.json"
}
{
"name": "s3watcher",
"...": "...",
"isAwsLambda": true,
"cloudformation": false
}
You should also have a deploy.json
in your root directory that can be read by RiffRaff, although the plugin will work without one.
Once you've set up the equivalent package.json, you will need to add an npm task riffraff-artefact
. Running this will then generate the artefact for you and upload it to S3.
You may then wish to add build hooks into whatever continuous deployment you're using to deploy your artefact.
You can enable more verbose logging setting the environment variable VERBOSE=true
.
By default, this plugin will build the tgz file from the default directory (the root). You can configure this by setting buildDir
to whatever you want in the package.json file. Note that this is the root directory that node will be run on. So a package.json
with relevant run scripts must be present.
Works on:
If you want to support other continuous integration tools, have a look at settings.js
and configure the relevant environment variables to get information about the build.
npm build
FAQs
Deploy RiffRaff Artefacts
The npm package node-riffraff-artefact receives a total of 13 weekly downloads. As such, node-riffraff-artefact popularity was classified as not popular.
We found that node-riffraff-artefact demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 22 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.