{"id":11221,"library":"lambda-api","title":"Lightweight Web Framework for AWS Lambda","description":"lambda-api is a zero-dependency, lightweight web framework designed specifically for building serverless applications on AWS Lambda. It supports both AWS API Gateway Lambda Proxy Integration and ALB Lambda Target Support, providing a minimal yet familiar API similar to Express.js or Fastify for routing, middleware, and error handling. Optimized for the stateless, single-run execution model of Lambda, it prioritizes fast cold starts and low memory consumption by eschewing external dependencies. The package is currently at version 1.2.0, with a consistent release cadence of minor versions to introduce new features, enhance TypeScript type definitions, and resolve bugs. Its primary differentiation lies in its minimal footprint and dedicated focus on the unique demands of serverless environments, making it ideal for high-performance, cost-efficient serverless APIs.","status":"active","version":"1.2.0","language":"javascript","source_language":"en","source_url":"https://github.com/jeremydaly/lambda-api","tags":["javascript","serverless","nodejs","api","AWS Lambda","API Gateway","web framework","json","schema","typescript"],"install":[{"cmd":"npm install lambda-api","lang":"bash","label":"npm"},{"cmd":"yarn add lambda-api","lang":"bash","label":"yarn"},{"cmd":"pnpm add lambda-api","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"Required if utilizing the built-in S3 service for operations like object handling or pre-signed URLs.","package":"@aws-sdk/client-s3","optional":true},{"reason":"Necessary for generating pre-signed S3 requests when using the S3 service functionality.","package":"@aws-sdk/s3-request-presigner","optional":true}],"imports":[{"note":"The default export is a function that needs to be invoked to get the API instance. For CommonJS, use `const api = require('lambda-api')();`.","wrong":"import { api } from 'lambda-api'; // Incorrectly assumes named export\nconst api = new API(); // Incorrectly assumes class constructor","symbol":"api","correct":"import lambdaApi from 'lambda-api';\nconst api = lambdaApi();"},{"note":"This is a type-only import for the main API interface, useful for TypeScript projects. Other types like `Request` and `Response` are also available for import.","wrong":"import { API } from 'lambda-api'; // Incorrectly imports the type as a value\nimport API from 'lambda-api'; // Incorrectly assumes default export is the type","symbol":"API","correct":"import type { API } from 'lambda-api';"},{"note":"For CommonJS modules, the `require` call must be immediately invoked as it exports a factory function that returns the API instance.","wrong":"const lambdaApi = require('lambda-api');\nconst api = lambdaApi; // Fails to invoke the factory function\nconst { api } = require('lambda-api'); // Incorrectly assumes named export","symbol":"CommonJS (API instance)","correct":"const api = require('lambda-api')();"}],"quickstart":{"code":"import lambdaApi from 'lambda-api';\n\nconst api = lambdaApi();\n\n// Define a route that responds with a status object\napi.get('/status', async (req, res) => {\n  return { status: 'ok', timestamp: new Date().toISOString() };\n});\n\n// Define a route that handles a POST request with a body\napi.post('/greet', async (req, res) => {\n  const name = req.body?.name || 'Guest';\n  return { message: `Hello, ${name}!` };\n});\n\n// Declare your Lambda handler function\nexport const handler = async (event, context) => {\n  // Run the request through the lambda-api framework\n  return await api.run(event, context);\n};","lang":"typescript","description":"This quickstart demonstrates how to initialize `lambda-api`, define a simple GET and POST route, and expose it as an AWS Lambda handler."},"warnings":[{"fix":"Install `@aws-sdk/client-s3` and `@aws-sdk/s3-request-presigner` via npm/yarn. Update any AWS SDK v2 S3 calls to their equivalent AWS SDK v3 syntax. If you must use SDK v2, pin `lambda-api` to `0.12.0`.","message":"Version 1.0.0 migrated to AWS SDK v3. If your application uses `lambda-api`'s S3 service functionality, you must ensure `@aws-sdk/client-s3` and `@aws-sdk/s3-request-presigner` (peer dependencies) are installed and your code is updated for SDK v3 syntax.","severity":"breaking","affected_versions":">=1.0.0"},{"fix":"Run `npm install @aws-sdk/client-s3 @aws-sdk/s3-request-presigner` (or `yarn add`) if you intend to use the S3 service provided by `lambda-api`.","message":"As of v1.0.1, AWS SDK v3 packages (`@aws-sdk/client-s3`, `@aws-sdk/s3-request-presigner`) are peer dependencies. They are not bundled with `lambda-api` and must be explicitly installed if your application leverages `lambda-api`'s S3 service.","severity":"gotcha","affected_versions":">=1.0.1"},{"fix":"If migrating to AWS SDK v3 is not feasible, restrict `lambda-api` to `0.12.0` in your `package.json` (`\"lambda-api\": \"^0.12.0\"`). Otherwise, upgrade your application's SDK usage to v3.","message":"Users still relying on AWS SDK v2 should use `lambda-api@0.12.0`. Version 1.x and above are exclusively built for AWS SDK v3.","severity":"deprecated","affected_versions":">=1.0.0"},{"fix":"Upgrade to `lambda-api@0.11.2` or any later version (e.g., `1.x.x`) to patch this security vulnerability.","message":"A prototype pollution vulnerability in the `deepMerge` utility was fixed in version 0.11.2. This could potentially allow an attacker to modify properties of `Object.prototype`, affecting all objects in the application.","severity":"security","affected_versions":"<0.11.2"}],"env_vars":null,"last_verified":"2026-04-19T00:00:00.000Z","next_check":"2026-07-18T00:00:00.000Z","problems":[{"fix":"Ensure `lambda-api` is `v1.0.0` or higher, and install `@aws-sdk/client-s3` and `@aws-sdk/s3-request-presigner`. If using `lambda-api@0.12.0` for AWS SDK v2, ensure `aws-sdk` is installed.","cause":"The built-in S3 service functionality is being accessed without the required AWS SDK v3 peer dependencies installed, or the `lambda-api` version is incompatible with the installed AWS SDK version.","error":"TypeError: Cannot read properties of undefined (reading 's3') OR TypeError: api.s3 is not a function"},{"fix":"Change your import statement to `import lambdaApi from 'lambda-api'; const api = lambdaApi();`. Alternatively, ensure your file is treated as CommonJS (e.g., change file extension to `.cjs` or set `\"type\": \"commonjs\"` in `package.json`).","cause":"Attempting to use CommonJS `require()` syntax in an environment configured for ES Modules (e.g., `\"type\": \"module\"` in `package.json`).","error":"ReferenceError: require is not defined in ES module scope"},{"fix":"Run `npm install lambda-api` or `yarn add lambda-api` in your project directory.","cause":"The `lambda-api` package has not been installed or is not resolvable from the current working directory.","error":"Error: Cannot find module 'lambda-api' or 'lambda-api/package.json'"}],"ecosystem":"npm"}