serverless-es-proxy-logs - npm Package Compare versions

Comparing version 3.0.7-rc2 to 3.0.7-rc3

package.json

 {
   "name": "serverless-es-proxy-logs",
-  "version": "3.0.7-rc2",
+  "version": "3.0.7-rc3",
   "license": "MIT",
@@ -71,4 +71,3 @@ "description": "A Serverless plugin to transport logs to ElasticSearch",
     "fs-extra": "8.1.0",
-    "lodash": "4.17.15",
-    "socket.io-client": "^2.2.0"
+    "lodash": "4.17.15"
   },
@@ -75,0 +74,0 @@ "devDependencies": {

templates/code/logsToEs.js

 // v1.1.2
 var https = require('https');
 var zlib = require('zlib');
-import io from 'socket.io-client';
+import * as net from 'net';
 
@@ -9,6 +9,2 @@
 var indexPrefix = process.env.ES_INDEX_PREFIX;
-// TODO: Verify DLQ is empty
-// Disable TLS validation (want to remove this for production)
-// TODO: Pin proper CA.
-process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
 var tags = undefined;
@@ -44,62 +40,23 @@ try {
         console.log('connecting to socket ...');
-        const socket = io(endpoint);
-        socket.on('connect', () => {
+        const url = new URL(endpoint);
+        var client = new net.Socket();
+        client.connect(parseInt(url.port), url.host, function() {
             console.log('Successfully connected to es endpoint');
             console.log('Emitting data');
-            socket.emit(elasticsearchBulkPayload);
+            client.write(elasticsearchBulkPayload);
             console.log('sent data');
         });
-        socket.on('connect_failed', function() {
-            console.log("Sorry, there seems to be an issue with the connection!");
+
+        client.on('error', err => {
+            console.error(err);
+            process.exit(1);
         });
-        socket.on('error', function() {
-           console.log('Connection failed');
+
+        client.on('close', function() {
+            console.log('Connection closed');
         });
-        socket.on('connect_error', () => {
-            console.log('Error while connecting');
-        });
-        // post documents to the Amazon Elasticsearch Service
-        // put(elasticsearchBulkPayload, function(error, success, statusCode, failedItems) {
-        //     console.log('Response: ' + JSON.stringify({
-        //         "statusCode": statusCode
-        //     }));
-        //
-        //     if (error) {
-        //         console.log('Error: ' + JSON.stringify(error, null, 2));
-        //
-        //         if (failedItems && failedItems.length > 0) {
-        //             console.log("Failed Items: " +
-        //                 JSON.stringify(failedItems, null, 2));
-        //
-        //             var failedLogs = findFailedLogs(failedItems, elasticsearchBulkArray);
-        //             failedLogs.forEach( failedLog => {
-        //                 console.log("Failed log content: " + JSON.stringify(failedLog, null, 2));
-        //             });
-        //         }
-        //
-        //         context.fail(JSON.stringify(error));
-        //     } else {
-        //         console.log('Success: ' + JSON.stringify(success));
-        //         context.succeed('Success');
-        //     }
-        // });
     });
 };
 
-function findFailedLogs(failedItems, esBulkArray) {
-    var failedLogs = [];
 
-    failedItems.forEach(item => {
-        var _id = item && item.index && item.index._id;
-        if (_id) {
-            var failedLog = esBulkArray.find(esLog => esLog && esLog.id === _id);
-            if (failedLog) {
-                failedLogs.push(failedLog);
-            }
-        }
-    });
-
-    return failedLogs;
-}
-
 function esDocumentArrayToPayload(esDocumentArray) {
@@ -206,53 +163,1 @@ return esDocumentArray.map(
 }
-
-function put(body, callback) {
-    var requestParams = buildRequest(endpoint, body);
-
-    var request = https.request(requestParams, function(response) {
-        var responseBody = '';
-        response.on('data', function(chunk) {
-            responseBody += chunk;
-        });
-        response.on('end', function() {
-            var info = JSON.parse(responseBody);
-            var failedItems;
-            var success;
-            
-            if (response.statusCode >= 200 && response.statusCode < 299) {
-                failedItems = info.items.filter(function(x) {
-                    return x.index.status >= 300;
-                });
-
-                success = { 
-                    "attemptedItems": info.items.length,
-                    "successfulItems": info.items.length - failedItems.length,
-                    "failedItems": failedItems.length
-                };
-            }
-
-            var error = response.statusCode !== 200 || info.errors === true ? {
-                "statusCode": response.statusCode,
-                "responseBody": responseBody
-            } : null;
-
-            callback(error, success, response.statusCode, failedItems);
-        });
-    }).on('error', function(e) {
-        callback(e);
-    });
-    request.end(requestParams.body);
-}
-
-function buildRequest(endpoint, body) {
-    const [ep, port] = endpoint.split(':');
-    return request = {
-        host: ep,
-        port: port,
-        method: 'PUT',
-        path: '/',
-        body: JSON.stringify(body),
-        headers: {
-            'Content-Type': 'application/json',
-        },
-    };
-}

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Dependency count

2

decreased by-33.33%

Number of low supply chain risk alerts

4

decreased by-20%

Worsened metrics

Total package byte prevSize

53622

decreased by-5.97%

Lines of code

670

decreased by-11.61%

Number of medium supply chain risk alerts

2

increased by100%

Dependency changes

• - Removedsocket.io-client@^2.2.0

• - Removedafter@0.8.2(transitive)

• - Removedarraybuffer.slice@0.0.7(transitive)

• - Removedbacko2@1.0.2(transitive)

• - Removedbase64-arraybuffer@0.1.4(transitive)

• - Removedblob@0.0.5(transitive)

• - Removedcomponent-bind@1.0.0(transitive)

• - Removedcomponent-emitter@1.3.1(transitive)

• - Removedcomponent-inherit@0.0.3(transitive)

• - Removeddebug@3.1.0(transitive)

• - Removedengine.io-client@3.5.4(transitive)

• - Removedengine.io-parser@2.2.1(transitive)

• - Removedhas-binary2@1.0.3(transitive)

• - Removedhas-cors@1.1.0(transitive)

• - Removedindexof@0.0.1(transitive)

• - Removedisarray@2.0.1(transitive)

• - Removedms@2.0.0(transitive)

• - Removedparseqs@0.0.6(transitive)

• - Removedparseuri@0.0.6(transitive)

• - Removedsocket.io-client@2.5.0(transitive)

• - Removedsocket.io-parser@3.3.4(transitive)

• - Removedto-array@0.1.4(transitive)

• - Removedws@7.5.10(transitive)

• - Removedxmlhttprequest-ssl@1.6.3(transitive)

• - Removedyeast@0.1.2(transitive)