@vercel/build-utils - npm Package Compare versions

Comparing version 13.14.2 to 13.15.0

dist/deserialize/create-functions-iterator.d.ts

+/**
+ * Creates an async iterator that scans a directory for sub-directories
+ * that end with the suffix `.func`.
+ *
+ * @param dir Absolute path to scan for `.func` directories
+ * @param root The root directory from where the scanning started
+ */
+export declare function createFunctionsIterator(dir: string, root?: string): AsyncIterable<string>;

dist/deserialize/create-functions-iterator.js

+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var create_functions_iterator_exports = {};
+__export(create_functions_iterator_exports, {
+  createFunctionsIterator: () => createFunctionsIterator
+});
+module.exports = __toCommonJS(create_functions_iterator_exports);
+var import_path = require("path");
+var import_fs_extra = require("fs-extra");
+const SUFFIX = ".func";
+async function* createFunctionsIterator(dir, root = dir) {
+  let paths;
+  try {
+    paths = await (0, import_fs_extra.readdir)(dir);
+  } catch (err) {
+    if (err.code !== "ENOENT" && err.code !== "ENOTDIR") {
+      throw err;
+    }
+    paths = [];
+  }
+  for (const path of paths) {
+    const abs = (0, import_path.join)(dir, path);
+    const s = await (0, import_fs_extra.stat)(abs);
+    if (s.isDirectory()) {
+      if (path.endsWith(SUFFIX)) {
+        yield (0, import_path.relative)(root, abs.substring(0, abs.length - SUFFIX.length));
+      } else {
+        yield* createFunctionsIterator(abs, root);
+      }
+    }
+  }
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  createFunctionsIterator
+});

dist/deserialize/hydrate-files-map.d.ts

+import type { Files } from '../types';
+import FileFsRef from '../file-fs-ref';
+export declare function hydrateFilesMap(files: Files, filesMap: Record<string, string>, repoRootPath: string, fileFsRefsCache: Map<string, FileFsRef>): Promise<void>;

dist/deserialize/hydrate-files-map.js

+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var hydrate_files_map_exports = {};
+__export(hydrate_files_map_exports, {
+  hydrateFilesMap: () => hydrateFilesMap
+});
+module.exports = __toCommonJS(hydrate_files_map_exports);
+var import_file_fs_ref = __toESM(require("../file-fs-ref"));
+var import_path = require("path");
+async function hydrateFilesMap(files, filesMap, repoRootPath, fileFsRefsCache) {
+  for (const [funcPath, projectPath] of Object.entries(filesMap)) {
+    files[funcPath] = await fileFsRefCached(
+      (0, import_path.join)(repoRootPath, projectPath),
+      fileFsRefsCache
+    );
+  }
+}
+async function fileFsRefCached(fsPath, cache) {
+  let file = cache.get(fsPath);
+  if (!file) {
+    file = await import_file_fs_ref.default.fromFsPath({ fsPath });
+    cache.set(fsPath, file);
+  }
+  return file;
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  hydrateFilesMap
+});

dist/deserialize/maybe-read-json.d.ts

+/**
+ * Reads the JSON file at `path`.
+ * Returns `undefined` if the file does not exist.
+ */
+export declare function maybeReadJSON<T = any>(path: string): Promise<T | undefined>;

dist/deserialize/maybe-read-json.js

+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var maybe_read_json_exports = {};
+__export(maybe_read_json_exports, {
+  maybeReadJSON: () => maybeReadJSON
+});
+module.exports = __toCommonJS(maybe_read_json_exports);
+var import_fs_extra = require("fs-extra");
+async function maybeReadJSON(path) {
+  try {
+    return await (0, import_fs_extra.readJSON)(path);
+  } catch (err) {
+    if (err.code !== "ENOENT")
+      throw err;
+  }
+  return void 0;
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  maybeReadJSON
+});

dist/deserialize/validate-framework-version.d.ts

+type FrameworkMeta = {
+    version: string;
+};
+export declare function validateFrameworkVersion(frameworkVersion: string | undefined): FrameworkMeta | undefined;
+export {};

dist/deserialize/validate-framework-version.js

+"use strict";
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+var validate_framework_version_exports = {};
+__export(validate_framework_version_exports, {
+  validateFrameworkVersion: () => validateFrameworkVersion
+});
+module.exports = __toCommonJS(validate_framework_version_exports);
+var import_errors = require("../errors");
+const MAX_FRAMEWORK_VERSION_LENGTH = 50;
+function validateFrameworkVersion(frameworkVersion) {
+  if (!frameworkVersion) {
+    return void 0;
+  }
+  if (typeof frameworkVersion !== "string") {
+    throw new import_errors.NowBuildError({
+      message: `Invalid config.json: "framework.version" type "${typeof frameworkVersion}" should be "string"`,
+      code: "VC_BUILD_INVALID_CONFIG_JSON_FRAMEWORK_VERSION_TYPE"
+    });
+  }
+  if (frameworkVersion.length > MAX_FRAMEWORK_VERSION_LENGTH) {
+    const trimmedFrameworkVersion = frameworkVersion.slice(
+      0,
+      MAX_FRAMEWORK_VERSION_LENGTH
+    );
+    throw new import_errors.NowBuildError({
+      message: `Invalid config.json: "framework.version" length ${frameworkVersion.length} > ${MAX_FRAMEWORK_VERSION_LENGTH}. "${trimmedFrameworkVersion}..."`,
+      code: "VC_BUILD_INVALID_CONFIG_JSON_FRAMEWORK_VERSION_LENGTH"
+    });
+  }
+  return {
+    version: frameworkVersion
+  };
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  validateFrameworkVersion
+});

CHANGELOG.md

 # @vercel/build-utils
 
+## 13.15.0
+
+### Minor Changes
+
+- [services] allow multiple v2beta triggers for a single Lambda when config is coming from services ([#15890](https://github.com/vercel/vercel/pull/15890))
+
+### Patch Changes
+
+- Add deserialization utilities ([#15927](https://github.com/vercel/vercel/pull/15927))
+
 ## 13.14.2
@@ -4,0 +14,0 @@

dist/index.d.ts

@@ -53,1 +53,5 @@ import FileBlob from './file-blob';
 export { validateLambdaSize, validateUncompressedLambdaSize, FunctionSizeError, MAX_LAMBDA_SIZE, MAX_LAMBDA_UNCOMPRESSED_SIZE, validateEnvWrapperSupport, ENV_WRAPPER_SUPPORTED_FAMILIES, } from './validate-lambda-size';
+export { validateFrameworkVersion } from './deserialize/validate-framework-version';
+export { hydrateFilesMap } from './deserialize/hydrate-files-map';
+export { createFunctionsIterator } from './deserialize/create-functions-iterator';
+export { maybeReadJSON } from './deserialize/maybe-read-json';

dist/lambda.js

@@ -213,8 +213,2 @@ "use strict";
         );
-        if (trigger.type === "queue/v2beta") {
-          (0, import_assert.default)(
-            experimentalTriggers.length === 1,
-            '"experimentalTriggers" can only have one item for queue/v2beta'
-          );
-        }
         if (trigger.maxDeliveries !== void 0) {
@@ -372,2 +366,7 @@ (0, import_assert.default)(
         );
+        if (experimentalTriggers && experimentalTriggers.length > 1 && experimentalTriggers.some((t) => t.type === "queue/v2beta")) {
+          throw new Error(
+            `functions["${pattern}"].experimentalTriggers can only have one item for queue/v2beta`
+          );
+        }
         return {
@@ -374,0 +373,0 @@ architecture: fn.architecture,

package.json

 {
   "name": "@vercel/build-utils",
-  "version": "13.14.2",
+  "version": "13.15.0",
   "license": "Apache-2.0",
@@ -5,0 +5,0 @@ "main": "./dist/index.js",

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 11 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 3 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Shell access

Supply chain risk

This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.

Found 1 instance in 1 package

Dynamic require

Supply chain risk

Dynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 11 instances in 1 package

Filesystem access

Supply chain risk

Accesses the file system, and could potentially read sensitive data.

Found 3 instances in 1 package

Long strings

Supply chain risk

Contains long string literals, which may be a sign of obfuscated or packed code.

Found 1 instance in 1 package

URL strings

Supply chain risk

Package contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

1518582

0.81%

Number of package files

126

6.78%

Lines of code

34036

0.92%

Worsened metrics

Number of low supply chain risk alerts

49

4.26%

No dependency changes