@vercel/blob - npm Package Compare versions

Comparing version 0.9.0 to 0.9.1

dist/index.d.ts

@@ -57,2 +57,3 @@ import { Readable } from 'node:stream';
     allowedContentTypes?: string[];
+    validUntil?: number;
 }
@@ -59,0 +60,0 @@ declare function generateClientTokenFromReadWriteToken({ token, ...args }: GenerateClientTokenOptions): Promise<string>;

dist/index.js

@@ -1,1 +0,1 @@
-import*as f from"crypto";import{fetch as m}from"undici";var o=class extends Error{constructor(r){super(`Vercel Blob: ${r}`)}},l=class extends Error{constructor(){super("Vercel Blob: Access denied, please provide a valid token for this resource")}},c=class extends Error{constructor(){super("Vercel Blob: Unknown error, please contact support@vercel.com")}};async function y(e,r,t){if(!e)throw new o("pathname is required");if(!r)throw new o("body is required");if(!t||t.access!=="public")throw new o('access must be "public"');let n={authorization:`Bearer ${a(t)}`};t.contentType&&(n["x-content-type"]=t.contentType);let s=await m(`${p()}/${e}`,{method:"PUT",body:r,headers:n,duplex:"half"});if(s.status!==200)throw s.status===403?new l:new c;let i=await s.json();return d(i)}async function T(e,r){let t=await m(`${p()}/delete`,{method:"POST",headers:{authorization:`Bearer ${a(r)}`,"content-type":"application/json"},body:JSON.stringify({urls:Array.isArray(e)?e:[e]})});if(t.status!==200)throw t.status===403?new l:new c;let n=await t.json();return Array.isArray(e)?n.map(s=>s?d(s):null):n[0]?d(n[0]):null}async function R(e,r){let t=new URL(p());t.searchParams.set("url",e);let n=await m(t,{method:"GET",headers:{authorization:`Bearer ${a(r)}`}});if(n.status===404)return null;if(n.status!==200)throw n.status===403?new l:new c;let s=await n.json();return d(s)}async function x(e){let r=new URL(p());e!=null&&e.limit&&r.searchParams.set("limit",e.limit.toString()),e!=null&&e.prefix&&r.searchParams.set("prefix",e.prefix),e!=null&&e.cursor&&r.searchParams.set("cursor",e.cursor);let t=await m(r,{method:"GET",headers:{authorization:`Bearer ${a(e)}`}});if(t.status!==200)throw t.status===403?new l:new c;let n=await t.json();return{...n,blobs:n.blobs.map(d)}}async function A({token:e,...r}){if(typeof window!="undefined")throw new Error('"generateClientTokenFromReadWriteToken" must be called from a server environment');let t=new Date;t.setSeconds(t.getSeconds()+30);let n=a({token:e}),[,,,s=null]=n.split("_");if(!s)throw new Error(e?'Invalid "token" parameter':"Invalid BLOB_READ_WRITE_TOKEN");let i=Buffer.from(JSON.stringify({...r,validUntil:t.getTime()})).toString("base64"),u=await B(i,n);if(!u)throw new Error("Unable to sign client token");return`vercel_blob_client_${s}_${Buffer.from(`${u}.${i}`).toString("base64")}`}async function g(e){return globalThis.crypto.subtle.importKey("raw",new TextEncoder().encode(a({token:e})),{name:"HMAC",hash:"SHA-256"},!1,["sign","verify"])}async function B(e,r){if(!globalThis.crypto)return f.createHmac("sha256",r).update(e).digest("hex");let t=await globalThis.crypto.subtle.sign("HMAC",await g(r),new TextEncoder().encode(e));return Buffer.from(new Uint8Array(t)).toString("hex")}async function C({token:e,signature:r,body:t}){let n=a({token:e});if(!globalThis.crypto){let i=f.createHmac("sha256",n).update(t).digest("hex"),u=Buffer.from(i),b=Buffer.from(r);return u.length===b.length&&f.timingSafeEqual(u,b)}return await globalThis.crypto.subtle.verify("HMAC",await g(e),w(r),new TextEncoder().encode(t))}function w(e){if(e.length%2!==0)throw new RangeError("Expected string to be an even number of characters");let r=new Uint8Array(e.length/2);for(let t=0;t<e.length;t+=2)r[t/2]=parseInt(e.substring(t,t+2),16);return Buffer.from(r)}function O(e){let[,,,,r]=e.split("_"),t=Buffer.from(r!=null?r:"","base64").toString().split(".")[1],n=Buffer.from(t!=null?t:"","base64").toString();return JSON.parse(n)}function a(e){if(typeof window!="undefined"){if(!(e!=null&&e.token))throw new o('"token" is required');if(!e.token.startsWith("vercel_blob_client"))throw new o("client upload only supports client tokens")}if(e!=null&&e.token)return e.token;if(!process.env.BLOB_READ_WRITE_TOKEN)throw new Error("BLOB_READ_WRITE_TOKEN environment variable is not set. Please set it to your write token.");return process.env.BLOB_READ_WRITE_TOKEN}function p(){return process.env.VERCEL_BLOB_API_URL||process.env.NEXT_PUBLIC_VERCEL_BLOB_API_URL||"https://blob.vercel-storage.com"}function d(e){return{...e,uploadedAt:new Date(e.uploadedAt)}}export{l as BlobAccessError,o as BlobError,c as BlobUnknownError,T as del,A as generateClientTokenFromReadWriteToken,O as getPayloadFromClientToken,R as head,x as list,y as put,C as verifyCallbackSignature};
+import*as m from"crypto";import{fetch as b}from"undici";var o=class extends Error{constructor(r){super(`Vercel Blob: ${r}`)}},l=class extends Error{constructor(){super("Vercel Blob: Access denied, please provide a valid token for this resource")}},c=class extends Error{constructor(){super("Vercel Blob: Unknown error, please contact support@vercel.com")}};async function y(e,r,t){if(!e)throw new o("pathname is required");if(!r)throw new o("body is required");if(!t||t.access!=="public")throw new o('access must be "public"');let n={authorization:`Bearer ${a(t)}`};t.contentType&&(n["x-content-type"]=t.contentType);let s=await b(`${p()}/${e}`,{method:"PUT",body:r,headers:n,duplex:"half"});if(s.status!==200)throw s.status===403?new l:new c;let i=await s.json();return f(i)}async function T(e,r){let t=await b(`${p()}/delete`,{method:"POST",headers:{authorization:`Bearer ${a(r)}`,"content-type":"application/json"},body:JSON.stringify({urls:Array.isArray(e)?e:[e]})});if(t.status!==200)throw t.status===403?new l:new c;let n=await t.json();return Array.isArray(e)?n.map(s=>s?f(s):null):n[0]?f(n[0]):null}async function R(e,r){let t=new URL(p());t.searchParams.set("url",e);let n=await b(t,{method:"GET",headers:{authorization:`Bearer ${a(r)}`}});if(n.status===404)return null;if(n.status!==200)throw n.status===403?new l:new c;let s=await n.json();return f(s)}async function x(e){let r=new URL(p());e!=null&&e.limit&&r.searchParams.set("limit",e.limit.toString()),e!=null&&e.prefix&&r.searchParams.set("prefix",e.prefix),e!=null&&e.cursor&&r.searchParams.set("cursor",e.cursor);let t=await b(r,{method:"GET",headers:{authorization:`Bearer ${a(e)}`}});if(t.status!==200)throw t.status===403?new l:new c;let n=await t.json();return{...n,blobs:n.blobs.map(f)}}async function A({token:e,...r}){var d;if(typeof window!="undefined")throw new Error('"generateClientTokenFromReadWriteToken" must be called from a server environment');let t=new Date;t.setSeconds(t.getSeconds()+30);let n=a({token:e}),[,,,s=null]=n.split("_");if(!s)throw new Error(e?'Invalid "token" parameter':"Invalid BLOB_READ_WRITE_TOKEN");let i=Buffer.from(JSON.stringify({...r,validUntil:(d=r.validUntil)!=null?d:t.getTime()})).toString("base64"),u=await B(i,n);if(!u)throw new Error("Unable to sign client token");return`vercel_blob_client_${s}_${Buffer.from(`${u}.${i}`).toString("base64")}`}async function g(e){return globalThis.crypto.subtle.importKey("raw",new TextEncoder().encode(a({token:e})),{name:"HMAC",hash:"SHA-256"},!1,["sign","verify"])}async function B(e,r){if(!globalThis.crypto)return m.createHmac("sha256",r).update(e).digest("hex");let t=await globalThis.crypto.subtle.sign("HMAC",await g(r),new TextEncoder().encode(e));return Buffer.from(new Uint8Array(t)).toString("hex")}async function C({token:e,signature:r,body:t}){let n=a({token:e});if(!globalThis.crypto){let i=m.createHmac("sha256",n).update(t).digest("hex"),u=Buffer.from(i),d=Buffer.from(r);return u.length===d.length&&m.timingSafeEqual(u,d)}return await globalThis.crypto.subtle.verify("HMAC",await g(e),w(r),new TextEncoder().encode(t))}function w(e){if(e.length%2!==0)throw new RangeError("Expected string to be an even number of characters");let r=new Uint8Array(e.length/2);for(let t=0;t<e.length;t+=2)r[t/2]=parseInt(e.substring(t,t+2),16);return Buffer.from(r)}function O(e){let[,,,,r]=e.split("_"),t=Buffer.from(r!=null?r:"","base64").toString().split(".")[1],n=Buffer.from(t!=null?t:"","base64").toString();return JSON.parse(n)}function a(e){if(typeof window!="undefined"){if(!(e!=null&&e.token))throw new o('"token" is required');if(!e.token.startsWith("vercel_blob_client"))throw new o("client upload only supports client tokens")}if(e!=null&&e.token)return e.token;if(!process.env.BLOB_READ_WRITE_TOKEN)throw new Error("BLOB_READ_WRITE_TOKEN environment variable is not set. Please set it to your write token.");return process.env.BLOB_READ_WRITE_TOKEN}function p(){return process.env.VERCEL_BLOB_API_URL||process.env.NEXT_PUBLIC_VERCEL_BLOB_API_URL||"https://blob.vercel-storage.com"}function f(e){return{...e,uploadedAt:new Date(e.uploadedAt)}}export{l as BlobAccessError,o as BlobError,c as BlobUnknownError,T as del,A as generateClientTokenFromReadWriteToken,O as getPayloadFromClientToken,R as head,x as list,y as put,C as verifyCallbackSignature};

package.json

 {
   "name": "@vercel/blob",
-  "version": "0.9.0",
+  "version": "0.9.1",
   "description": "The Vercel Blob JavaScript API client",
@@ -5,0 +5,0 @@ "homepage": "https://vercel.com/storage/blob",

README.md

@@ -136,3 +136,3 @@ # 🍙 @vercel/blob
 
-Once created, a client token is valid for 30 seconds. This means you have 30 seconds to initiate an upload with this token.
+Once created, a client token is valid by default for 30 seconds (can be customized by configuring the `validUntil` field). This means you have 30 seconds to initiate an upload with this token.
 
@@ -149,2 +149,3 @@ ```ts
   allowedContentTypes?: string[];
+  validUntil?: number; // timestamp in ms
 }): string {}
@@ -303,2 +304,4 @@ ```
 
+  const timestamp = new Date();
+  timestamp.setSeconds(timestamp.getSeconds() + 60);
   return NextResponse.json({
@@ -315,2 +318,3 @@ clientToken: await generateClientTokenFromReadWriteToken({
       allowedContentTypes: 'text/plain',
+      validUntil: timestamp.getTime(), // default to 30s
     }),
@@ -317,0 +321,0 @@ });

No alert changes

Improved metrics

Total package byte prevSize

42738

increased by0.88%

Lines of code

138

increased by1.47%

Number of lines in readme file

472

increased by0.85%

No dependency changes