Security News
RubyGems.org Adds New Maintainer Role
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
@vercel/og
Advanced tools
@vercel/og is a package designed to generate Open Graph images dynamically. It allows developers to create custom social media preview images on the fly using HTML and CSS, which can be particularly useful for generating unique images for each page or post on a website.
Generate Open Graph Images
This feature allows you to generate Open Graph images dynamically using HTML and CSS. The code sample demonstrates how to create an image with a custom title passed as a query parameter.
const { ImageResponse } = require('@vercel/og');
export default function handler(req, res) {
const { searchParams } = new URL(req.url, 'http://localhost');
const title = searchParams.get('title') || 'Default Title';
const image = new ImageResponse(
<div style={{
fontSize: 128,
color: 'white',
background: 'black',
width: '100%',
height: '100%',
display: 'flex',
alignItems: 'center',
justifyContent: 'center',
}}>
{title}
</div>,
{
width: 1200,
height: 630,
}
);
res.setHeader('Content-Type', 'image/png');
res.send(image);
}
Puppeteer is a Node library which provides a high-level API to control Chrome or Chromium over the DevTools Protocol. It can be used to generate screenshots and PDFs of web pages, which can include Open Graph images. Compared to @vercel/og, Puppeteer offers more flexibility and control over the browser environment but requires more setup and resources.
html-to-image is a library that allows you to convert HTML nodes to images in various formats. It is simpler and more lightweight compared to @vercel/og, but it may not offer the same level of customization and dynamic content generation capabilities.
Sharp is a high-performance image processing library for Node.js. It can be used to create, manipulate, and convert images. While it does not directly generate images from HTML/CSS like @vercel/og, it can be used in conjunction with other tools to achieve similar results.
Generate Open Graph images with Vercel’s Edge Function.
Install @vercel/og
, then use it inside an API route with Edge Runtime configured in your Next.js project:
// /pages/api/og.jsx
import { ImageResponse } from '@vercel/og'
export const config = {
runtime: 'experimental-edge',
}
export default function () {
return new ImageResponse(
(
<div
style={{
width: '100%',
height: '100%',
display: 'flex',
alignItems: 'center',
justifyContent: 'center',
fontSize: 128,
background: 'lavender',
}}
>
Hello!
</div>
)
)
}
Then run next dev
and access localhost:3000/api/og, the React element will be rendered and responded as a PNG from that endpoint:
Read more about the API, supported features and check out the examples in the following sections.
@vercel/og
only supports the Edge Runtime. The Node.js runtime will not work.
The package exposes an ImageResponse
constructor, with the following options available:
import { ImageResponse } from '@vercel/og'
// ...
new ImageResponse(
element: ReactElement,
options: {
width?: number = 1200
height?: number = 630
emoji?: 'twemoji' | 'blobmoji' | 'noto' | 'openmoji' | 'fluent' | 'fluentFlat' = 'twemoji',
fonts?: {
name: string,
data: ArrayBuffer,
weight: number,
style: 'normal' | 'italic'
}[]
debug?: boolean = false
// Options that will be passed to the HTTP response
status?: number = 200
statusText?: string
headers?: Record<string, string>
},
)
When running in production, these headers will be included by @vercel/og
:
'content-type': 'image/png',
'cache-control': 'public, immutable, no-transform, max-age=31536000',
During development, the cache-control: no-cache, no-store
header is used instead.
Please refer to Satori’s documentation for a list of supported HTML and CSS features.
By default, @vercel/og
only has the Noto Sans font included. If you need to use other fonts, you can pass them in the fonts
option. Check the Custom Font example below for more details.
pnpm i
inside the playground/
directorypnpm dev
to start the Next.js apppnpm i
inside the root directorypnpm build
to build the librarypnpm types
to generate the typesThis project will not be possible without the following projects:
FAQs
Generate Open Graph Images dynamically from HTML/CSS without a browser
The npm package @vercel/og receives a total of 47,392 weekly downloads. As such, @vercel/og popularity was classified as popular.
We found that @vercel/og demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 9 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.