@vercel/node
Advanced tools
@vercel/node - npm Package Compare versions
+22
-56
@@ -531,3 +531,3 @@ var __create = Object.create; | ||
| import { EdgeRuntime, runServer } from "edge-runtime"; | ||
| import { fetch, Headers as Headers2 } from "undici"; | ||
| import { Headers as Headers2, request as undiciRequest } from "undici"; | ||
| import { isError } from "@vercel/error-utils"; | ||
@@ -593,2 +593,3 @@ import { readFileSync } from "fs"; | ||
| import exitHook from "exit-hook"; | ||
| import { buildToHeaders } from "@edge-runtime/node-utils"; | ||
| import { fileURLToPath } from "url"; | ||
@@ -602,2 +603,3 @@ var NODE_VERSION_MAJOR = process.version.match(/^v(\d+)\.\d+/)?.[1]; | ||
| } | ||
| var toHeaders = buildToHeaders({ Headers: Headers2 }); | ||
| var __dirname = fileURLToPath(new URL(".", import.meta.url)); | ||
@@ -730,16 +732,15 @@ var edgeHandlerTemplate = readFileSync( | ||
| } | ||
| const headers = new Headers2(request.headers); | ||
| const body = await serializeBody(request); | ||
| if (body !== void 0) | ||
| headers.set("content-length", String(body.length)); | ||
| request.headers["content-length"] = String(body.length); | ||
| const url = new URL(request.url ?? "/", server.url); | ||
| const response = await fetch(url, { | ||
| const response = await undiciRequest(url, { | ||
| body, | ||
| headers, | ||
| method: request.method, | ||
| redirect: "manual" | ||
| headers: request.headers, | ||
| method: request.method || "GET" | ||
| }); | ||
| const isUserError = response.headers.get("x-vercel-failed") === "edge-wrapper"; | ||
| if (isUserError && response.status >= 500) { | ||
| const body2 = await response.text(); | ||
| const resHeaders = toHeaders(response.headers); | ||
| const isUserError = resHeaders.get("x-vercel-failed") === "edge-wrapper"; | ||
| if (isUserError && response.statusCode >= 500) { | ||
| const body2 = await response.body.text(); | ||
| const fakeStackTrace = ` at (${entrypointRelativePath})`; | ||
@@ -757,4 +758,4 @@ const requestPath = entrypointToRequestPath( | ||
| return { | ||
| status: response.status, | ||
| headers: response.headers, | ||
| status: response.statusCode, | ||
| headers: resHeaders, | ||
| body: response.body, | ||
@@ -980,7 +981,8 @@ encoding: "utf8" | ||
| import exitHook2 from "exit-hook"; | ||
| import { Headers as Headers3, fetch as fetch2 } from "undici"; | ||
| import { Headers as Headers3, request as undiciRequest2 } from "undici"; | ||
| import { listen } from "async-listen"; | ||
| import { isAbsolute } from "path"; | ||
| import { pathToFileURL } from "url"; | ||
| import zlib from "zlib"; | ||
| import { buildToHeaders as buildToHeaders2 } from "@edge-runtime/node-utils"; | ||
| var toHeaders2 = buildToHeaders2({ Headers: Headers3 }); | ||
| var [NODE_MAJOR] = process.versions.node.split(".").map((v) => Number(v)); | ||
@@ -996,22 +998,2 @@ var HTTP_METHODS = [ | ||
| ]; | ||
| function compress(body, encoding) { | ||
| switch (encoding) { | ||
| case "br": | ||
| return zlib.brotliCompressSync(body, { | ||
| params: { | ||
| [zlib.constants.BROTLI_PARAM_QUALITY]: 0 | ||
| } | ||
| }); | ||
| case "gzip": | ||
| return zlib.gzipSync(body, { | ||
| level: zlib.constants.Z_BEST_SPEED | ||
| }); | ||
| case "deflate": | ||
| return zlib.deflateSync(body, { | ||
| level: zlib.constants.Z_BEST_SPEED | ||
| }); | ||
| default: | ||
| throw new Error(`encoding '${encoding}' not supported`); | ||
| } | ||
| } | ||
| async function createServerlessServer(userCode) { | ||
@@ -1050,6 +1032,4 @@ const server = createServer(userCode); | ||
| const url = new URL(request.url ?? "/", server.url); | ||
| const response = await fetch2(url, { | ||
| const response = await undiciRequest2(url, { | ||
| body: await serializeBody(request), | ||
| compress: !isStreaming, | ||
| // @ts-expect-error | ||
| headers: { | ||
@@ -1059,26 +1039,13 @@ ...request.headers, | ||
| }, | ||
| method: request.method, | ||
| redirect: "manual" | ||
| method: request.method || "GET" | ||
| }); | ||
| let body = null; | ||
| let headers = response.headers; | ||
| let headers = toHeaders2(response.headers); | ||
| if (isStreaming) { | ||
| body = response.body; | ||
| } else { | ||
| body = Buffer.from(await response.arrayBuffer()); | ||
| const contentEncoding = response.headers.get("content-encoding"); | ||
| if (contentEncoding) { | ||
| body = compress(body, contentEncoding); | ||
| const clonedHeaders = []; | ||
| for (const [key, value] of response.headers.entries()) { | ||
| if (key !== "transfer-encoding") { | ||
| clonedHeaders.push([key, value]); | ||
| } | ||
| } | ||
| clonedHeaders.push(["content-length", String(Buffer.byteLength(body))]); | ||
| headers = new Headers3(clonedHeaders); | ||
| } | ||
| body = Buffer.from(await response.body.arrayBuffer()); | ||
| } | ||
| return { | ||
| status: response.status, | ||
| status: response.statusCode, | ||
| headers, | ||
@@ -1092,3 +1059,2 @@ body, | ||
| // src/dev-server.mts | ||
| import { toToReadable } from "@edge-runtime/node-utils"; | ||
| import { getConfig } from "@vercel/static-config"; | ||
@@ -1170,3 +1136,3 @@ import { Project } from "ts-morph"; | ||
| } else { | ||
| toToReadable(body).pipe(res); | ||
| body.pipe(res); | ||
| } | ||
@@ -1173,0 +1139,0 @@ } catch (error) { |
+2
-1
| import type { ServerResponse, IncomingMessage } from 'http'; | ||
| import type { Headers } from 'undici'; | ||
| import type { Readable } from 'stream'; | ||
@@ -47,4 +48,4 @@ export type VercelRequestCookies = { [key: string]: string }; | ||
| headers: Headers; | ||
| body: ReadableStream<Uint8Array> | Buffer | null; | ||
| body: Readable | Buffer | null; | ||
| encoding: BufferEncoding; | ||
| } |
+2
-2
| { | ||
| "name": "@vercel/node", | ||
| "version": "3.0.8", | ||
| "version": "3.0.9", | ||
| "license": "Apache-2.0", | ||
@@ -34,3 +34,3 @@ "main": "./dist/index", | ||
| "typescript": "4.9.5", | ||
| "undici": "5.23.0" | ||
| "undici": "5.26.5" | ||
| }, | ||
@@ -37,0 +37,0 @@ "devDependencies": { |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 4 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Fixed alerts
Network access
Supply chain riskThis module accesses the network.
Found 2 instances in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 4 instances in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
Improved metrics
- Number of low supply chain risk alerts
19
-5%- Number of medium supply chain risk alerts
3
-50%Worsened metrics
- Total package byte prevSize
3806525
-0.02%- Lines of code
106399
-0.03%Dependency changes
+ Added
@fastify/busboy@2.1.1(transitive)+ Added
undici@5.26.5(transitive)- Removed
busboy@1.6.0(transitive)- Removed
streamsearch@1.1.0(transitive)- Removed
undici@5.23.0(transitive)Updated
undici@5.26.5