Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
projen-statemachine-example
Advanced tools
Build a custom construct based on an example in an AWS Blog post and use [projen](https://github.com/projen/projen) to publish to 4 language repositories, i.e., npm, PyPI, Central Maven, and NuGet. (Hope Go is coming soon) [![License](https://img.s
Build a custom construct based on an example in an AWS Blog post and use projen to publish to 4 language repositories, i.e., npm, PyPI, Central Maven, and NuGet.
(Hope Go is coming soon)
This library constrcution is referred to the first example in this AWS blog, Introducing Amazon API Gateway service integration for AWS Step Functions written by Benjanmin Smith. After you deploy the stack with whatever programming language you like, i.e., Typescript, Python, Java, or C sharp, you'll get a view similar to the following diagram:
$ cdk --init language typescript
$ yarn add projen-statemachine-example
import { StateMachineApiGatewayExample } from 'projen-statemachine-example';
export class TypescriptStack extends cdk.Stack {
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
const stageName = 'default';
const partPath = 'pets';
const exampleConstruct = new StateMachineApiGatewayExample(this, 'KerKer', {
stageName: stageName, partPath: partPath});
new cdk.CfnOutput(this, 'OStateMachine', {
value: exampleConstruct.stateMachine.stateMachineArn});
new cdk.CfnOutput(this, 'OExecutionOutput', {
value: exampleConstruct.executionInput, description: 'Sample input to StartExecution.'});
}
$ cdk init --language python
$ cat <<EOL > requirements.txt
aws-cdk.core
scotthsieh_projen_statemachine
EOL
$ python -m pip install -r requirements.txt
from aws_cdk import core as cdk
from scotthsieh_projen_statemachine import StateMachineApiGatewayExample
class PythonStack(cdk.Stack):
def __init__(self, scope: cdk.Construct, construct_id: str, **kwargs) -> None:
super().__init__(scope, construct_id, **kwargs)
stage_name = 'default'
part_path = 'pets'
example_construct = StateMachineApiGatewayExample(
self, 'PythonStatemachne', stage_name=stage_name, part_path=part_path,
)
cdk.CfnOutput(self, "OStateMachine",
value=example_construct.state_machine.state_machine_arn
)
cdk.CfnOutput(self, "OExecutionOutput", value=example_construct.execution_input, description="Sample input to StartExecution.")
$ cdk init --language java
$ mvn package
.
.
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<custom.construct.version>0.1.20</custom.construct.version>
<cdk.version>1.104.0</cdk.version>
<junit.version>5.7.1</junit.version>
</properties>
.
.
<dependencies>
<!-- AWS Cloud Development Kit -->
.
.
.
<dependency>
<groupId>io.github.hsiehshujeng</groupId>
<artifactId>projen-statemachine</artifactId>
<version>${custom.construct.version}</version>
</dependency>
.
.
.
</dependencies>
package com.myorg;
import software.amazon.awscdk.core.Construct;
import software.amazon.awscdk.core.CfnOutput;
import software.amazon.awscdk.core.CfnOutputProps;
import software.amazon.awscdk.core.Stack;
import software.amazon.awscdk.core.StackProps;
import io.github.hsiehshujeng.projen.statemachine.*;
public class JavaStack extends Stack {
public JavaStack(final Construct scope, final String id) {
this(scope, id, null);
}
public JavaStack(final Construct scope, final String id, final StackProps props) {
super(scope, id, props);
String stageName = "default";
String partPath = "pets";
StateMachineApiGatewayExample exampleConstruct = new StateMachineApiGatewayExample(this, "KerKer",
StateMachineApiGatewayExampleProps.builder()
.stageName(stageName)
.partPath(partPath)
.build());
new CfnOutput(this, "OStateMachine",
CfnOutputProps.builder()
.value(exampleConstruct.getStateMachine().getStateMachineArn())
.build());
new CfnOutput(this, "OExecutionOutput", CfnOutputProps.builder()
.value(exampleConstruct.getExecutionInput())
.description("Sample input to StartExecution.")
.build());
}
}
$ cdk init --language csharp
$ dotnet add src/Csharp package Projen.Statemachine --version 0.1.21
using Amazon.CDK;
using ScottHsieh.Examples;
namespace Csharp
{
public class CsharpStack : Stack
{
internal CsharpStack(Construct scope, string id, IStackProps props = null) : base(scope, id, props)
{
string stageName = "default";
string partPath = "pets";
var exampleConstruct = new StateMachineApiGatewayExample(this, "KerKer", new StateMachineApiGatewayExampleProps
{
StageName = stageName,
PartPath = partPath
});
new CfnOutput(this, "OStateMachine", new CfnOutputProps
{
Value = exampleConstruct.StateMachine.StateMachineArn
});
new CfnOutput(this, "OExecutionOutput", new CfnOutputProps
{
Value = exampleConstruct.ExecutionInput,
Description = "Sample input to StartExecution."
});
}
}
}
FAQs
An example construct for deploying to npm, PyPi, Maven, and Nuget with Amazon API Gateway and AWS Step Functions.
The npm package projen-statemachine-example receives a total of 608 weekly downloads. As such, projen-statemachine-example popularity was classified as not popular.
We found that projen-statemachine-example demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.