@upstash/qstash - npm Package Compare versions

Comparing version 2.1.1 to 2.1.2-canary.0

./dist/index.js

@@ -7,7 +7,2 @@ "use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) { newObj[key] = obj[key]; } } } newObj.default = obj; return newObj; } }var __defProp = Object.defineProperty;
 var __propIsEnum = Object.prototype.propertyIsEnumerable;
-var __knownSymbol = (name, symbol) => {
-  if (symbol = Symbol[name])
-    return symbol;
-  throw Error("Symbol." + name + " is not defined");
-};
 var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
@@ -26,6 +21,2 @@ var __spreadValues = (a, b) => {
 var __spreadProps = (a, b) => __defProps(a, __getOwnPropDescs(b));
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
 var __async = (__this, __arguments, generator) => {
@@ -51,3 +42,2 @@ return new Promise((resolve, reject) => {
 };
-var __forAwait = (obj, it, method) => (it = obj[__knownSymbol("asyncIterator")]) ? it.call(obj) : (obj = obj[__knownSymbol("iterator")](), it = {}, method = (key, fn) => (fn = obj[key]) && (it[key] = (arg) => new Promise((yes, no, done) => (arg = fn.call(obj, arg), done = arg.done, Promise.resolve(arg.value).then((value) => yes({ value, done }), no)))), method("next"), method("return"), it);
 
@@ -478,129 +468,2 @@ // src/receiver.ts
 
-// src/nextjs.ts
-var nextjs_exports = {};
-__export(nextjs_exports, {
-  verifySignature: () => verifySignature,
-  verifySignatureEdge: () => verifySignatureEdge
-});
-var _server = require('next/server');
-function verifySignature(handler, config) {
-  var _a, _b;
-  const currentSigningKey = (_a = config == null ? void 0 : config.currentSigningKey) != null ? _a : process.env.QSTASH_CURRENT_SIGNING_KEY;
-  if (!currentSigningKey) {
-    throw new Error(
-      "currentSigningKey is required, either in the config or as env variable QSTASH_CURRENT_SIGNING_KEY"
-    );
-  }
-  const nextSigningKey = (_b = config == null ? void 0 : config.nextSigningKey) != null ? _b : process.env.QSTASH_NEXT_SIGNING_KEY;
-  if (!nextSigningKey) {
-    throw new Error(
-      "nextSigningKey is required, either in the config or as env variable QSTASH_NEXT_SIGNING_KEY"
-    );
-  }
-  const receiver = new Receiver({
-    currentSigningKey,
-    nextSigningKey
-  });
-  return (req, res) => __async(this, null, function* () {
-    const signature = req.headers["upstash-signature"];
-    if (!signature) {
-      res.status(400);
-      res.send("`Upstash-Signature` header is missing");
-      res.end();
-      return;
-    }
-    if (typeof signature !== "string") {
-      throw new Error("`Upstash-Signature` header is not a string");
-    }
-    const chunks = [];
-    try {
-      for (var iter = __forAwait(req), more, temp, error; more = !(temp = yield iter.next()).done; more = false) {
-        const chunk = temp.value;
-        chunks.push(typeof chunk === "string" ? Buffer.from(chunk) : chunk);
-      }
-    } catch (temp) {
-      error = [temp];
-    } finally {
-      try {
-        more && (temp = iter.return) && (yield temp.call(iter));
-      } finally {
-        if (error)
-          throw error[0];
-      }
-    }
-    const body = Buffer.concat(chunks).toString("utf-8");
-    const isValid = yield receiver.verify({
-      signature,
-      body,
-      clockTolerance: config == null ? void 0 : config.clockTolerance
-    });
-    if (!isValid) {
-      res.status(400);
-      res.send("Invalid signature");
-      res.end();
-      return;
-    }
-    try {
-      if (req.headers["content-type"] === "application/json") {
-        req.body = JSON.parse(body);
-      } else {
-        req.body = body;
-      }
-    } catch (e) {
-      req.body = body;
-    }
-    return handler(req, res);
-  });
-}
-function verifySignatureEdge(handler, config) {
-  var _a, _b;
-  const currentSigningKey = (_a = config == null ? void 0 : config.currentSigningKey) != null ? _a : process.env.QSTASH_CURRENT_SIGNING_KEY;
-  if (!currentSigningKey) {
-    throw new Error(
-      "currentSigningKey is required, either in the config or as env variable QSTASH_CURRENT_SIGNING_KEY"
-    );
-  }
-  const nextSigningKey = (_b = config == null ? void 0 : config.nextSigningKey) != null ? _b : process.env.QSTASH_NEXT_SIGNING_KEY;
-  if (!nextSigningKey) {
-    throw new Error(
-      "nextSigningKey is required, either in the config or as env variable QSTASH_NEXT_SIGNING_KEY"
-    );
-  }
-  const receiver = new Receiver({
-    currentSigningKey,
-    nextSigningKey
-  });
-  return (req, nfe) => __async(this, null, function* () {
-    const reqClone = req.clone();
-    const signature = req.headers.get("upstash-signature");
-    if (!signature) {
-      return new (0, _server.NextResponse)(new TextEncoder().encode("`Upstash-Signature` header is missing"), {
-        status: 403
-      });
-    }
-    if (typeof signature !== "string") {
-      throw new Error("`Upstash-Signature` header is not a string");
-    }
-    const body = yield req.text();
-    const isValid = yield receiver.verify({
-      signature,
-      body,
-      clockTolerance: config == null ? void 0 : config.clockTolerance
-    });
-    if (!isValid) {
-      return new (0, _server.NextResponse)(new TextEncoder().encode("invalid signature"), { status: 403 });
-    }
-    let parsedBody = void 0;
-    try {
-      if (req.headers.get("content-type") === "application/json") {
-        parsedBody = JSON.parse(body);
-      } else {
-        parsedBody = body;
-      }
-    } catch (e) {
-      parsedBody = body;
-    }
-    return handler(reqClone, nfe);
-  });
-}
 
@@ -613,5 +476,3 @@
 
-
-
-exports.Client = Client; exports.Messages = Messages; exports.Nextjs = nextjs_exports; exports.QstashError = QstashError; exports.Receiver = Receiver; exports.Schedules = Schedules; exports.SignatureError = SignatureError; exports.Topics = Topics;
+exports.Client = Client; exports.Messages = Messages; exports.QstashError = QstashError; exports.Receiver = Receiver; exports.Schedules = Schedules; exports.SignatureError = SignatureError; exports.Topics = Topics;
 //# sourceMappingURL=index.js.map

dist/index.d.ts

@@ -1,4 +0,1 @@
-import { NextApiHandler } from 'next';
-import { NextRequest, NextFetchEvent, NextResponse } from 'next/server';
-
 /**
@@ -562,32 +559,2 @@ * Necessary to verify the signature of a request.
 
-type VerifySignaturConfig = {
-    currentSigningKey?: string;
-    nextSigningKey?: string;
-    /**
-     * The url of this api route, including the protocol.
-     *
-     * If you omit this, the url will be automatically determined by checking the `VERCEL_URL` env variable and assuming `https`
-     */
-    url?: string;
-    /**
-     * Number of seconds to tolerate when checking `nbf` and `exp` claims, to deal with small clock differences among different servers
-     *
-     * @default 0
-     */
-    clockTolerance?: number;
-};
-declare function verifySignature(handler: NextApiHandler, config?: VerifySignaturConfig): NextApiHandler;
-declare function verifySignatureEdge(handler: (req: NextRequest, nfe: NextFetchEvent) => NextResponse | Promise<NextResponse>, config?: VerifySignaturConfig): (req: NextRequest, nfe: NextFetchEvent) => Promise<NextResponse<unknown>>;
-
-type nextjs_VerifySignaturConfig = VerifySignaturConfig;
-declare const nextjs_verifySignature: typeof verifySignature;
-declare const nextjs_verifySignatureEdge: typeof verifySignatureEdge;
-declare namespace nextjs {
-  export {
-    nextjs_VerifySignaturConfig as VerifySignaturConfig,
-    nextjs_verifySignature as verifySignature,
-    nextjs_verifySignatureEdge as verifySignatureEdge,
-  };
-}
-
-export { AddEndpointsRequest, Client, CreateScheduleRequest, Endpoint, Event, EventsRequest, GetEventsResponse, Message, Messages, nextjs as Nextjs, PublishJsonRequest, PublishRequest, QstashError, Receiver, ReceiverConfig, RemoveEndpointsRequest, Schedule, Schedules, SignatureError, State, Topic, Topics, VerifyRequest, WithCursor };
+export { AddEndpointsRequest, Client, CreateScheduleRequest, Endpoint, Event, EventsRequest, GetEventsResponse, Message, Messages, PublishJsonRequest, PublishRequest, QstashError, Receiver, ReceiverConfig, RemoveEndpointsRequest, Schedule, Schedules, SignatureError, State, Topic, Topics, VerifyRequest, WithCursor };

dist/index.js

@@ -7,7 +7,2 @@ "use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) { newObj[key] = obj[key]; } } } newObj.default = obj; return newObj; } }var __defProp = Object.defineProperty;
 var __propIsEnum = Object.prototype.propertyIsEnumerable;
-var __knownSymbol = (name, symbol) => {
-  if (symbol = Symbol[name])
-    return symbol;
-  throw Error("Symbol." + name + " is not defined");
-};
 var __defNormalProp = (obj, key, value) => key in obj ? __defProp(obj, key, { enumerable: true, configurable: true, writable: true, value }) : obj[key] = value;
@@ -26,6 +21,2 @@ var __spreadValues = (a, b) => {
 var __spreadProps = (a, b) => __defProps(a, __getOwnPropDescs(b));
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
 var __async = (__this, __arguments, generator) => {
@@ -51,3 +42,2 @@ return new Promise((resolve, reject) => {
 };
-var __forAwait = (obj, it, method) => (it = obj[__knownSymbol("asyncIterator")]) ? it.call(obj) : (obj = obj[__knownSymbol("iterator")](), it = {}, method = (key, fn) => (fn = obj[key]) && (it[key] = (arg) => new Promise((yes, no, done) => (arg = fn.call(obj, arg), done = arg.done, Promise.resolve(arg.value).then((value) => yes({ value, done }), no)))), method("next"), method("return"), it);
 
@@ -478,129 +468,2 @@ // src/receiver.ts
 
-// src/nextjs.ts
-var nextjs_exports = {};
-__export(nextjs_exports, {
-  verifySignature: () => verifySignature,
-  verifySignatureEdge: () => verifySignatureEdge
-});
-var _server = require('next/server');
-function verifySignature(handler, config) {
-  var _a, _b;
-  const currentSigningKey = (_a = config == null ? void 0 : config.currentSigningKey) != null ? _a : process.env.QSTASH_CURRENT_SIGNING_KEY;
-  if (!currentSigningKey) {
-    throw new Error(
-      "currentSigningKey is required, either in the config or as env variable QSTASH_CURRENT_SIGNING_KEY"
-    );
-  }
-  const nextSigningKey = (_b = config == null ? void 0 : config.nextSigningKey) != null ? _b : process.env.QSTASH_NEXT_SIGNING_KEY;
-  if (!nextSigningKey) {
-    throw new Error(
-      "nextSigningKey is required, either in the config or as env variable QSTASH_NEXT_SIGNING_KEY"
-    );
-  }
-  const receiver = new Receiver({
-    currentSigningKey,
-    nextSigningKey
-  });
-  return (req, res) => __async(this, null, function* () {
-    const signature = req.headers["upstash-signature"];
-    if (!signature) {
-      res.status(400);
-      res.send("`Upstash-Signature` header is missing");
-      res.end();
-      return;
-    }
-    if (typeof signature !== "string") {
-      throw new Error("`Upstash-Signature` header is not a string");
-    }
-    const chunks = [];
-    try {
-      for (var iter = __forAwait(req), more, temp, error; more = !(temp = yield iter.next()).done; more = false) {
-        const chunk = temp.value;
-        chunks.push(typeof chunk === "string" ? Buffer.from(chunk) : chunk);
-      }
-    } catch (temp) {
-      error = [temp];
-    } finally {
-      try {
-        more && (temp = iter.return) && (yield temp.call(iter));
-      } finally {
-        if (error)
-          throw error[0];
-      }
-    }
-    const body = Buffer.concat(chunks).toString("utf-8");
-    const isValid = yield receiver.verify({
-      signature,
-      body,
-      clockTolerance: config == null ? void 0 : config.clockTolerance
-    });
-    if (!isValid) {
-      res.status(400);
-      res.send("Invalid signature");
-      res.end();
-      return;
-    }
-    try {
-      if (req.headers["content-type"] === "application/json") {
-        req.body = JSON.parse(body);
-      } else {
-        req.body = body;
-      }
-    } catch (e) {
-      req.body = body;
-    }
-    return handler(req, res);
-  });
-}
-function verifySignatureEdge(handler, config) {
-  var _a, _b;
-  const currentSigningKey = (_a = config == null ? void 0 : config.currentSigningKey) != null ? _a : process.env.QSTASH_CURRENT_SIGNING_KEY;
-  if (!currentSigningKey) {
-    throw new Error(
-      "currentSigningKey is required, either in the config or as env variable QSTASH_CURRENT_SIGNING_KEY"
-    );
-  }
-  const nextSigningKey = (_b = config == null ? void 0 : config.nextSigningKey) != null ? _b : process.env.QSTASH_NEXT_SIGNING_KEY;
-  if (!nextSigningKey) {
-    throw new Error(
-      "nextSigningKey is required, either in the config or as env variable QSTASH_NEXT_SIGNING_KEY"
-    );
-  }
-  const receiver = new Receiver({
-    currentSigningKey,
-    nextSigningKey
-  });
-  return (req, nfe) => __async(this, null, function* () {
-    const reqClone = req.clone();
-    const signature = req.headers.get("upstash-signature");
-    if (!signature) {
-      return new (0, _server.NextResponse)(new TextEncoder().encode("`Upstash-Signature` header is missing"), {
-        status: 403
-      });
-    }
-    if (typeof signature !== "string") {
-      throw new Error("`Upstash-Signature` header is not a string");
-    }
-    const body = yield req.text();
-    const isValid = yield receiver.verify({
-      signature,
-      body,
-      clockTolerance: config == null ? void 0 : config.clockTolerance
-    });
-    if (!isValid) {
-      return new (0, _server.NextResponse)(new TextEncoder().encode("invalid signature"), { status: 403 });
-    }
-    let parsedBody = void 0;
-    try {
-      if (req.headers.get("content-type") === "application/json") {
-        parsedBody = JSON.parse(body);
-      } else {
-        parsedBody = body;
-      }
-    } catch (e) {
-      parsedBody = body;
-    }
-    return handler(reqClone, nfe);
-  });
-}
 
@@ -613,5 +476,3 @@
 
-
-
-exports.Client = Client; exports.Messages = Messages; exports.Nextjs = nextjs_exports; exports.QstashError = QstashError; exports.Receiver = Receiver; exports.Schedules = Schedules; exports.SignatureError = SignatureError; exports.Topics = Topics;
+exports.Client = Client; exports.Messages = Messages; exports.QstashError = QstashError; exports.Receiver = Receiver; exports.Schedules = Schedules; exports.SignatureError = SignatureError; exports.Topics = Topics;
 //# sourceMappingURL=index.js.map

package.json

 {
   "name": "@upstash/qstash",
-  "version": "2.1.1",
+  "version": "2.1.2-canary.0",
   "description": "Official Typescript client for QStash",
@@ -9,3 +9,3 @@ "repository": {
   },
-  "module": "./dist/index.mjs",
+  "module": "./dist/index.js",
   "main": "./dist/index.js",
@@ -27,3 +27,3 @@ "types": "./dist/index.d.ts",
   "files": [
-    "./dist"
+    "dist"
   ],
@@ -42,2 +42,12 @@ "devDependencies": {
   },
+  "typesVersions": {
+    "*": {
+      ".": [
+        "./dist/index.d.ts"
+      ],
+      "nextjs": [
+        "./dist/nextjs.d.ts"
+      ]
+    }
+  },
   "scripts": {
@@ -44,0 +54,0 @@ "build": "tsup",

New alerts

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Fixed alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 2 instances in 1 package

Improved metrics

Number of low supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

135029

decreased by-18.61%

Lines of code

1929

decreased by-18.74%

Number of low quality alerts

1

increased byInfinity%

No dependency changes