awspilot / cli-lambda-deploy Goto Github PK
View Code? Open in Web Editor NEWLicense: MIT License
License: MIT License
Hi there,
According to this blog-post top-level awaits should be fully supported. However, when I try this with the fetch API, I still have to use the await
keyword within my handler function otherwise response.text()
will be empty.
In short:
message: await response.text(),
vs
message: response.text(),
Am I misunderstanding something?
import { APIGatewayProxyEvent, APIGatewayProxyHandler, APIGatewayProxyResult} from 'aws-lambda'
const url = 'https://aws.amazon.com/'
// fetch API method is available from Nodejs 18
const response = await fetch(url)
export const handler: APIGatewayProxyHandler = async (event: APIGatewayProxyEvent): Promise<APIGatewayProxyResult> => {
try {
return {
statusCode: response.status,
body: JSON.stringify({
message: await response.text(), // <- HERE
// input: event,
}),
}
} catch (error) {
console.log(error)
return {
statusCode: 500,
body: JSON.stringify({message: error.body})
}
}
}
I am trying to type the event object coming from my AWS Amplify/NextJS front-end. It is sent via Amplify/GraphQL and being received in a NodeJS AWS Lambda. The typescript interface contained in import { AppSyncResolverEvent } from "aws-lambda";
- but this doesn't quite match the event object that's being received. Can someone please advise what I'm doing wrong?
Details:
I'm successfully firing an event from my front-end (NextJS) with aws-amplify
and @aws-amplify/api-graphql
packages:
import { graphqlOperation, GraphQLResult } from "@aws-amplify/api-graphql"; // "version": "2.3.11",
import { API } from "aws-amplify"; // "aws-amplify": "^4.3.28",
...
// Retrieve schemas from Lambda
const response = (await API.graphql<{ myAppSyncFunctionResponse: any }>(
graphqlOperation(myAppSyncFunction),
{ input: "foo" }
)) as GraphQLResult<{ myAppSyncFunctionResponse: string }>;
The event is being successfully received in my Serverless Lambda and resembles the following:
{
typeName: "Mutation",
fieldName: "myAppSyncFunction",
arguments: { input: { ... } },
identity: {...},
source: ...,
request: ...,
prev:...
}
However, when I try to use aws-lambda
in my nodejs Lambda environment:
import { AppSyncResolverEvent } from "aws-lambda";
export async function eventBridgeResolver(
event: AppSyncResolverEvent
) {...}
AppSyncResolverEvent
contains different properties:
// node_modules/@types/aws-lambda/trigger/appsync-resolver.d.ts
{
arguments: TArguments;
identity?: AppSyncIdentity;
source: TSource;
request: {
headers: AppSyncResolverEventHeaders;
};
info: {
selectionSetList: string[];
selectionSetGraphQL: string;
parentTypeName: string;
fieldName: string;
variables: { [key: string]: any };
};
prev: { result: { [key: string]: any } } | null;
stash: { [key: string]: any };
}
This tools is published on npmjs as aws-lambda
- which in its naming collides with @types/aws-lambda
from AWS, while in the meantime is a match with the package repo name whitch is cli-lambda-deploy
.
Considering that this tool is indeed a cli deploy tool - and it hs nothing to do with lambda development - you might wanna consider renaming your package on npmjs?
Also, is this project dead? No updates for over a year now. If so, you might as well mention this in your README.md?
I am writting a very simple TypeScript HTTP API behind API Gateway
import { APIGatewayProxyHandler } from "aws-lambda"
export const myFunction: APIGatewayProxyHandler = async (event) => {
console.log('event', event)
console.log(event.rawQueryString) // Property 'rawQueryString' does not exist on type 'APIGatewayProxyEvent'
}
It says that rawQueryString
doesn't exist
But when I log event
I see that it exists in CloudWatch
{
version: '2.0',
routeKey: 'GET /',
rawPath: '/',
rawQueryString: 'xdddd=1223&xyyyyy=5667',
headers: {
accept: '*/*',
'accept-encoding': 'gzip, deflate, br',
'content-length': '0',
host: 'api.example.com',
'x-forwarded-for': 'XXX.XXX.XXX.XXX',
'x-forwarded-port': '443',
'x-forwarded-proto': 'https'
},
queryStringParameters: { xdddd: '1223', xyyyyy: '5667' },
requestContext: {
accountId: '123451234512',
apiId: '35453sdfs354',
domainName: 'api.example.com',
domainPrefix: 'api',
http: {
method: 'GET',
path: '/',
protocol: 'HTTP/1.1',
sourceIp: 'XXX.XXX.XXX.XXX',
userAgent: 'PostmanRuntime/7.28.4'
},
requestId: 'XXXXXXXXXXXXX',
routeKey: 'GET /',
stage: '$default',
time: '28/Apr/2022:17:07:28 +0000',
timeEpoch: 16541656384673
},
isBase64Encoded: false
}
I am using localstack - this means setting the aws endpoint-url
config. Is that achievable with this package?
Would you be interested in a pull request if not?
Hi ,
We are observing an security issue with version of aws-lambda version 1.0.6 due the aws-sdk dependency referred.
Comments
This affects the package @aws-sdk/shared-ini-file-loader before 1.0.0-rc.9; the package aws-sdk before 2.814.0. if an attacker submits a malicious ini file to an application that parses it with loadsharedconfigfiles , they will pollute the prototype on the application. this can be exploited further depending on the context.
References:
aws/aws-sdk-js-v3@a209082
aws/aws-sdk-js@7d72aff
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1059426
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1059425
https://snyk.io/vuln/SNYK-JS-AWSSDK-1059424
https://snyk.io/vuln/SNYK-JS-AWSSDKSHAREDINIFILELOADER-1049304
Hi there!
Is it possible to upgrade aws-lambda library to start using aws-sdk V3?
Best,
Peter
The name aws-lambda
in package.json seems to be a rather unfortunate name:
aws-lambda
doesn't immediately link in my head to awspilot/cli-lambda-deploy
, and that name describes way better what the package actually contains: A CLI tool for deploying (AWS) lambda functionsCould you please consider changing the name
entry in package.json?
On a fresh clone:
~/code/cli-lambda-deploy $ npm i
npm notice created a lockfile as package-lock.json. You should commit this file.
added 46 packages from 507 contributors and audited 46 packages in 2.365s
found 1 low severity vulnerability
run `npm audit fix` to fix them, or `npm audit` for details
~/code/cli-lambda-deploy $ npm test
> [email protected] test /Users/gmauer/code/cli-lambda-deploy
> mocha --timeout 100000 -S -R spec --exit
new-function JSON config
Lambda config not found (./test/res/new-function-json-v14.lambda )
/Users/gmauer/code/cli-lambda-deploy/node_modules/mocha/lib/runner.js:726
err.uncaught = true;
^
TypeError: Cannot create property 'uncaught' on string 'process exit code 255'
at Runner.uncaught (/Users/gmauer/code/cli-lambda-deploy/node_modules/mocha/lib/runner.js:726:16)
at process.uncaught (/Users/gmauer/code/cli-lambda-deploy/node_modules/mocha/lib/runner.js:839:10)
at process.emit (events.js:314:20)
at process._fatalException (internal/process/execution.js:163:25)
npm ERR! Test failed. See above for more details.
~/code/cli-lambda-deploy $
Hi. Can we please upgrade aws-sdk
to v2.1365.0? The reason is there's a vulnerability issue with xml2js
which aws-sdk
depends on:
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.