{"id":14989466,"url":"https://github.com/janaz/lambda-request-handler","last_synced_at":"2026-03-01T18:31:44.676Z","repository":{"id":35017204,"uuid":"193418488","full_name":"janaz/lambda-request-handler","owner":"janaz","description":"Package your Node.js web app as a Lambda function executed by an API Gateway or ALB event","archived":false,"fork":false,"pushed_at":"2025-07-17T21:48:09.000Z","size":900,"stargazers_count":6,"open_issues_count":1,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-10-19T08:36:37.799Z","etag":null,"topics":["aws","aws-api-gateway","aws-apigateway","aws-apigw","aws-lambda","aws-lambda-node","connectjs","express","express-js","expressjs","hapi","hapijs","http","koa","koa2","koajs","lambda","request","response","serverless"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/janaz.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2019-06-24T02:13:35.000Z","updated_at":"2025-03-31T12:58:18.000Z","dependencies_parsed_at":"2025-04-12T01:35:29.464Z","dependency_job_id":"f8a8c98e-f074-493c-99bd-0c8169f17ab2","html_url":"https://github.com/janaz/lambda-request-handler","commit_stats":null,"previous_names":[],"tags_count":30,"template":false,"template_full_name":null,"purl":"pkg:github/janaz/lambda-request-handler","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/janaz%2Flambda-request-handler","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/janaz%2Flambda-request-handler/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/janaz%2Flambda-request-handler/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/janaz%2Flambda-request-handler/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/janaz","download_url":"https://codeload.github.com/janaz/lambda-request-handler/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/janaz%2Flambda-request-handler/sbom","scorecard":{"id":504873,"data":{"date":"2025-08-11","repo":{"name":"github.com/janaz/lambda-request-handler","commit":"0b85a4971b5568065951d1e726f68ec9e7dce387"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.2,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":0,"reason":"Found 1/25 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/janaz/lambda-request-handler/main.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/janaz/lambda-request-handler/main.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/janaz/lambda-request-handler/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/janaz/lambda-request-handler/publish.yml/master?enable=pin","Warn: npmCommand not pinned by hash: .github/workflows/main.yml:21","Warn: npmCommand not pinned by hash: .github/workflows/publish.yml:17","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/main.yml:1","Warn: no topLevel permission defined: .github/workflows/publish.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 6 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":8,"reason":"2 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-76c9-3jph-rj3q"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-19T23:03:42.603Z","repository_id":35017204,"created_at":"2025-08-19T23:03:42.603Z","updated_at":"2025-08-19T23:03:42.603Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29978506,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-01T16:35:47.903Z","status":"ssl_error","status_checked_at":"2026-03-01T16:35:44.899Z","response_time":124,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-api-gateway","aws-apigateway","aws-apigw","aws-lambda","aws-lambda-node","connectjs","express","express-js","expressjs","hapi","hapijs","http","koa","koa2","koajs","lambda","request","response","serverless"],"created_at":"2024-09-24T14:18:24.968Z","updated_at":"2026-03-01T18:31:44.658Z","avatar_url":"https://github.com/janaz.png","language":"TypeScript","readme":"# lambda-request-handler\n\nAn npm module that allows your Node.js web applications to be deployed as an AWS Lambda function and invoked in response to API Gateway, HTTP API, or Application Load Balancer requests.\n\n[![Build Status](https://travis-ci.org/janaz/lambda-request-handler.svg?branch=master)](https://travis-ci.org/janaz/lambda-request-handler)\n\nThe list of supported frameworks matches [in-process-request](https://github.com/janaz/in-process-request)\n\n- Express.js v3\n- Express.js v4\n- Express.js v5\n- Apollo Server v2\n- Hapi v19 (only supported in `nodejs12.x` runtime)\n- Hapi v20 (only supported in `nodejs12.x` runtime)\n- NestJS v7\n- Connect v3\n- Koa v2\n- Polka\n- Fastify v3\n\nInspired by [aws-serverless-express](https://github.com/awslabs/aws-serverless-express)\n\nIt supports `nodejs10.x` and `nodejs12.x` execution environments.\n\nThe main differences between this module and `aws-serverless-express` are\n\n- It's using [in-process-request](https://github.com/janaz/in-process-request) module to execute app handlers in-process without having to start background http server\n- Simpler setup as it doesn't require managing the internal http server\n- Support for applications that require asynchronous setup (for example reading config from network, or decrypting secrets from KMS)\n- It's faster, because it doesn't need to pass the request to the internal server through the unix socket\n- It's free from issues caused by limits in Node.js http module such as header size limit\n\nThe handler supports events from the following sources:\n\n- API Gateway [REST APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-rest-api.html)\n- API Gateway [HTTP APIs](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api.html)\n- [Application Load Balancer](https://docs.aws.amazon.com/lambda/latest/dg/services-alb.html)\n\n## Demo app\n\nThere's a [demo app](https://github.com/janaz/lambda-request-handler-example) showcasing the features of this library available [here](https://github.com/janaz/lambda-request-handler-example)\n\n## Usage\n\nThe default export of `lambda-request-handler` is a function that takes an application handler (i.e. Express.js app instance) as an argument and returns an AWS Lambda handler function.\n\nAn additional header is injected into the request\n\n- `x-aws-lambda-request-id` - AWS Lambda Request Id\n\n```sh\n$ npm install lambda-request-handler\n```\n\n### Express.js\n\n```javascript\nconst express = require('express')\nconst lambdaRequestHandler = require('lambda-request-handler')\n\nconst app = express()\n\napp.get('/user/:id', (req, res) =\u003e {\n  res.json({\n    id: req.params.id,\n    lambdaRequestId: req.header('x-aws-lambda-request-id')\n    name: 'John'\n  })\n})\n\nconst handler = lambdaRequestHandler(app)\n\nmodule.exports = { handler }\n```\n\nIf the above file in your Lambda source was called `index.js` then the name of the handler in the Lambda configuration is `index.handler`\n\n#### Advanced example with asynchronous setup\n\nSometimes the application needs to read configuration from remote source before it can start processing requests. For example it may need to decrypt some secrets managed by KMS. For this use case a special helper `deferred` has been provided. It takes a factory function which returns a Promise that resolves to the app instance. The factory function will be called only once.\n\n```javascript\nconst lambdaRequestHandler = require(\"lambda-request-handler\")\nconst AWS = require(\"aws-sdk\")\nconst express = require(\"express\")\n\nconst createApp = (secret) =\u003e {\n  const app = express()\n  app.get(\"/secret\", (req, res) =\u003e {\n    res.json({\n      secret: secret,\n    })\n  })\n}\n\nconst myAppPromise = async () =\u003e {\n  const kms = new AWS.KMS()\n  const data = await kms\n    .decrypt({\n      CiphertextBlob: Buffer.from(process.env.ENCRYPTED_SECRET, \"base64\"),\n    })\n    .promise()\n  const secret = data.Plaintext.toString(\"ascii\")\n  return createApp(secret)\n}\n\nconst handler = lambdaRequestHandler.deferred(myAppPromise)\n\nmodule.exports = { handler }\n```\n\n### Hapi\n\nPlease note that Hapi v19 dropped support for Node v10. The only AWS Lambda runtime that supports it is `nodejs12.x`.\n\n```javascript\nconst Hapi = require(\"@hapi/hapi\")\nconst lambdaRequestHandler = require(\"lambda-request-handler\")\n\n// create custom listener for Hapi\nconst myListener = new lambdaRequestHandler.HapiListener()\n\n// Pass the custom listener to Hapi.server\nconst server = Hapi.server({\n  listener: myListener,\n})\n\nserver.route({\n  method: \"GET\",\n  path: \"/\",\n  handler: (_request: any, _h: any) =\u003e {\n    return \"Hello World!\"\n  },\n})\n\nconst myAppPromise = async () =\u003e {\n  //wait for the server to initialize\n  await server.start()\n  // return the request listener function\n  return myListener.handler\n}\n\nconst handler = lambdaRequestHandler.deferred(myAppPromise)\n\nmodule.exports = { handler }\n```\n\nIf the above file in your Lambda source was called `index.js` then the name of the handler in the Lambda configuration is `index.handler`\n\n### NestJS\n\nThis example is in Typescript\n\n```typescript\nimport lambdaRequestHandler from \"lambda-request-handler\"\n\nimport { NestFactory } from \"@nestjs/core\"\nimport { Module, Get, Controller } from \"@nestjs/common\"\nimport { NestExpressApplication } from \"@nestjs/platform-express\"\n\n@Controller()\nclass AppController {\n  @Get()\n  render() {\n    return { hello: \"world\" }\n  }\n}\n\n@Module({\n  imports: [],\n  controllers: [AppController],\n})\nclass AppModule {}\n\nconst getApp = async () =\u003e {\n  const app = await NestFactory.create\u003cNestExpressApplication\u003e(AppModule)\n\n  return await lambdaRequestHandler.nestHandler(app)\n}\n\nconst handler = lambdaRequestHandler.deferred(getApp)\n\nmodule.exports = { handler }\n```\n\nIf the above file in your Lambda source was called `index.ts`, compiled to `index.js` then the name of the handler in the Lambda configuration is `index.handler`\n\n### Polka\n\n```javascript\nconst polka = require('polka')\nconst lambdaRequestHandler = require('lambda-request-handler')\n\nconst app = polka()\n\napp.get('/user/:id', (req, res) =\u003e {\n  res.json({\n    id: req.params.id,\n    lambdaRequestId: req.header('x-aws-lambda-request-id')\n    name: 'John'\n  })\n})\n\nconst handler = lambdaRequestHandler(app.handler.bind(app))\n\nmodule.exports = { handler }\n```\n\nIf the above file in your Lambda source was called `index.js` then the name of the handler in the Lambda configuration is `index.handler`\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjanaz%2Flambda-request-handler","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjanaz%2Flambda-request-handler","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjanaz%2Flambda-request-handler/lists"}