npm - @middy/secrets-manager - Versions diffs - 2.5.2 → 3.0.0-alpha.1 - Mend

@middy/secrets-manager 2.5.2 → 3.0.0-alpha.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/LICENSE CHANGED Viewed

@@ -1,6 +1,6 @@
 MIT License
-Copyright (c) 2017-2021 Luciano Mammino, will Farrell and the [Middy team](https://github.com/middyjs/middy/graphs/contributors)
+Copyright (c) 2017-2022 Luciano Mammino, will Farrell and the [Middy team](https://github.com/middyjs/middy/graphs/contributors)
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

package/README.md CHANGED Viewed

@@ -53,13 +53,10 @@ npm install --save @middy/secrets-manager
 - `disablePrefetch` (boolean) (default `false`): On cold start requests will trigger early if they can. Setting `awsClientAssumeRole` disables prefetch.
 - `cacheKey` (string) (default `secrets-manager`): Cache key for the fetched data responses. Must be unique across all middleware.
 - `cacheExpiry` (number) (default `-1`): How long fetch data responses should be cached for. `-1`: cache forever, `0`: never cache, `n`: cache for n ms.
-- `setToEnv` (boolean) (default `false`): Store secrets to `process.env`. **Storing secrets in `process.env` is considered security bad practice**
 - `setToContext` (boolean) (default `false`): Store secrets to `request.context`.
 NOTES:
 - Lambda is required to have IAM permission for `secretsmanager:GetSecretValue`
-- `setToEnv` and `setToContext` are included for legacy support and should be avoided for performance and security reasons. See main documentation for best practices.
-- `setToEnv` can only assign secrets of type string
 ## Sample usage
@@ -99,7 +96,7 @@ Everyone is very welcome to contribute to this repository. Feel free to [raise i
 ## License
-Licensed under [MIT License](LICENSE). Copyright (c) 2017-2021 Luciano Mammino, will Farrell, and the [Middy team](https://github.com/middyjs/middy/graphs/contributors).
+Licensed under [MIT License](LICENSE). Copyright (c) 2017-2022 Luciano Mammino, will Farrell, and the [Middy team](https://github.com/middyjs/middy/graphs/contributors).
 <a href="https://app.fossa.io/projects/git%2Bgithub.com%2Fmiddyjs%2Fmiddy?ref=badge_large">
   <img src="https://app.fossa.io/api/projects/git%2Bgithub.com%2Fmiddyjs%2Fmiddy.svg?type=large" alt="FOSSA Status"  style="max-width:100%;">

package/index.d.ts CHANGED Viewed

@@ -1,19 +1,8 @@
 import { SecretsManager } from 'aws-sdk'
-import { captureAWSClient } from 'aws-xray-sdk'
 import middy from '@middy/core'
+import { Options as MiddyOptions } from '@middy/util'
-interface Options<SM = SecretsManager> {
-  AwsClient?: new() => SM
-  awsClientOptions?: Partial<SecretsManager.Types.ClientConfiguration>
-  awsClientAssumeRole?: string
-  awsClientCapture?: typeof captureAWSClient
-  fetchData?: { [key: string]: string }
-  disablePrefetch?: boolean
-  cacheKey?: string
-  cacheExpiry?: number
-  setToEnv?: boolean
-  setToContext?: boolean
-}
+interface Options<SM = SecretsManager> extends MiddyOptions<SM, SecretsManager.Types.ClientConfiguration> {}
 declare function secretsManager (options?: Options): middy.MiddlewareObj

package/index.js CHANGED Viewed

@@ -1,32 +1,14 @@
-"use strict";
-const {
-  canPrefetch,
-  createPrefetchClient,
-  createClient,
-  processCache,
-  getCache,
-  modifyCache,
-  jsonSafeParse,
-  getInternal
-} = require('@middy/util');
-const SecretsManager = require('aws-sdk/clients/secretsmanager'); // v2
-// const { SecretsManager } = require('@aws-sdk/client-secrets-manager')  // v3
+import { canPrefetch, createPrefetchClient, createClient, processCache, getCache, modifyCache, jsonSafeParse, getInternal } from '@middy/util';
+import SecretsManager from 'aws-sdk/clients/secretsmanager.js';
 const defaults = {
   AwsClient: SecretsManager,
   awsClientOptions: {},
   awsClientAssumeRole: undefined,
   awsClientCapture: undefined,
   fetchData: {},
-  // If more than 2, consider writing own using ListSecrets
   disablePrefetch: false,
   cacheKey: 'secrets-manager',
   cacheExpiry: -1,
-  setToEnv: false,
-  // can return object when requesting db credentials, cannot set to process.env
   setToContext: false
 };
@@ -36,20 +18,14 @@ const secretsManagerMiddleware = (opts = {}) => {
   };
   const fetch = (request, cachedValues = {}) => {
-    const values = {}; // Multiple secrets can be requested in a single requests,
-    // however this is likely uncommon IRL, increases complexity to handle,
-    // and will require recursive promise resolution impacting performance.
-    // See https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/SecretsManager.html#listSecrets-property
+    const values = {};
     for (const internalKey of Object.keys(options.fetchData)) {
       if (cachedValues[internalKey]) continue;
       values[internalKey] = client.getSecretValue({
         SecretId: options.fetchData[internalKey]
-      }).promise() // Required for aws-sdk v2
-      .then(resp => jsonSafeParse(resp.SecretString)).catch(e => {
-        var _getCache$value, _getCache;
-        const value = (_getCache$value = (_getCache = getCache(options.cacheKey)) === null || _getCache === void 0 ? void 0 : _getCache.value) !== null && _getCache$value !== void 0 ? _getCache$value : {};
+      }).promise().then(resp => jsonSafeParse(resp.SecretString)).catch(e => {
+        const value = getCache(options.cacheKey).value ?? {};
         value[internalKey] = undefined;
         modifyCache(options.cacheKey, value);
         throw e;
@@ -67,21 +43,18 @@ const secretsManagerMiddleware = (opts = {}) => {
   }
   const secretsManagerMiddlewareBefore = async request => {
-    var _prefetch;
     if (!client) {
       client = await createClient(options, request);
     }
     const {
       value
-    } = (_prefetch = prefetch) !== null && _prefetch !== void 0 ? _prefetch : processCache(options, fetch, request);
+    } = prefetch ?? processCache(options, fetch, request);
     Object.assign(request.internal, value);
-    if (options.setToContext || options.setToEnv) {
+    if (options.setToContext) {
       const data = await getInternal(Object.keys(options.fetchData), request);
-      if (options.setToEnv) Object.assign(process.env, data);
-      if (options.setToContext) Object.assign(request.context, data);
+      Object.assign(request.context, data);
     }
     prefetch = null;
@@ -92,4 +65,4 @@ const secretsManagerMiddleware = (opts = {}) => {
   };
 };
-module.exports = secretsManagerMiddleware;
+export default secretsManagerMiddleware;

package/package.json CHANGED Viewed

@@ -1,18 +1,19 @@
 {
   "name": "@middy/secrets-manager",
-  "version": "2.5.2",
+  "version": "3.0.0-alpha.1",
   "description": "Secrets Manager middleware for the middy framework",
-  "type": "commonjs",
+  "type": "module",
   "engines": {
-    "node": ">=12"
+    "node": ">=14"
   },
   "engineStrict": true,
   "publishConfig": {
     "access": "public"
   },
-  "main": "index.js",
+  "exports": "./index.js",
   "types": "index.d.ts",
   "files": [
+    "index.js",
     "index.d.ts"
   ],
   "scripts": {
@@ -44,12 +45,12 @@
   },
   "homepage": "https://github.com/middyjs/middy#readme",
   "dependencies": {
-    "@middy/util": "^2.5.2"
+    "@middy/util": "^3.0.0-alpha.1"
   },
   "devDependencies": {
-    "@middy/core": "^2.5.2",
+    "@middy/core": "^3.0.0-alpha.1",
     "aws-sdk": "^2.939.0",
     "aws-xray-sdk": "^3.3.3"
   },
-  "gitHead": "a2bb757a7a13638ae64277f8eecfcf11c1af17d4"
+  "gitHead": "a14125c6b2e21b181824f9985a919a47f1e4711f"
 }