* [routing-utils] Handle `null` phase at the beginning
* Add fixed list
* Add tests
* Change hit and miss order
* Put null at the start
* Undo order changes
Co-authored-by: Steven <steven@ceriously.com>
* fix VERCEL_REGION and NOW_REGION
* remove VERCEL_REGION from exposeSystemEnvs
* refactor exposeSystemEnvs
* refactor getDecryptedEnvRecords
* consider project envs in exposeSystemEnvs
* simplify exposeSystemEnvs
* correctly set value of VERCEL_URL system envs
* make exposeSystemEnvs return all envs object
* parse url in server
* simplify
* refactor getDecryptedEnvRecords
* add comment
* remove unnecessary code
* add test
* fix test
* fix dev server unit tests
* always expose NOW_REGION
* fix dev test
* fix dev test
* only retrieve system env values when autoExposeSystemEnvs is true
Ref: https://app.clubhouse.io/vercel/story/15112
We added a property called `autoExposeSystemEnvs` to projects. If that property is `true`, we automatically expose system env variables such as `VERCEL=1`, `VERCEL_ENV=<production | preview>`, ... to the runtime and build time.
This PR makes sure we mirror this behavior when running `vc dev` locally.
### 📋 Checklist
<!--
Please keep your PR as a Draft until the checklist is complete
-->
#### Tests
- [x] The code changed/added as part of this PR has been covered with tests
- [x] All tests pass locally with `yarn test-unit`
#### Code Review
- [x] This PR has a concise title and thorough description useful to a reviewer
- [x] Issue from task tracker has a link to this PR
Add E2E test for to test image optimization against `vc dev` as well as a prod deployment.
### 📋 Checklist
<!--
Please keep your PR as a Draft until the checklist is complete
-->
#### Tests
- [x] The code changed/added as part of this PR has been covered with tests
- [x] All tests pass locally with `yarn test-unit`
#### Code Review
- [x] This PR has a concise title and thorough description useful to a reviewer
- [x] Issue from task tracker has a link to this PR (CH13104)
`/.well-known` files shouldn't have trailing slashes added as these clients likely do not follow redirects
Specifically, `/.well-known/apple-developer-merchantid-domain-association` cannot have trailing slash.
### Related Issues
https://vercel.slack.com/archives/CLDDX2Y0G/p1605127589058800
#### Tests
- [x] The code changed/added as part of this PR has been covered with tests
- [x] All tests pass locally with `yarn test-unit`
#### Code Review
- [x] This PR has a concise title and thorough description useful to a reviewer
- [x] Issue from task tracker has a link to this PR
If a builder wants to set a header that isn't allowed to be overridden by users, it should use `important: true`
#### Tests
- [x] The code changed/added as part of this PR has been covered with tests
- [x] All tests pass locally with `yarn test-unit`
#### Code Review
- [x] This PR has a concise title and thorough description useful to a reviewer
- [x] Issue from task tracker has a link to this PR: CH-14921
* [build-utils] Include `installCommand` when empty string
An empty string for the Project's `installCommand` setting has different
behavior than `null`, so properly provide the empty string to the
Runtime.
* Move tests to proper section
* [@vercel/static-build] Add directory for Serverless Functions
* Update tests and only consider index.js files
* Import only once
* Only change for zeroConfig
* Update packages/now-static-build/src/utils/_shared.ts
Co-authored-by: Steven <steven@ceriously.com>
* Update packages/now-static-build/test/fixtures/62-function-output-directory-with-static/now.json
Co-authored-by: Steven <steven@ceriously.com>
* Update packages/now-static-build/test/fixtures/61-function-output-directory/now.json
Co-authored-by: Steven <steven@ceriously.com>
* Update build
* Fix type
* Remove line
* Add to .vercelignore
* Fix paths in test
* Move more files
* Remove special case for test
Co-authored-by: Steven <steven@ceriously.com>
* prompt to select env type
* improve copy
* create env variable with type
* remove nanoid dependency
* use encodeURIComponent
* refactor envType -> type
* refactor envName -> key
* do not hide value input
* adjust value prompt depending on type
* handle std input for plaintext env variables
* show custom error when secret is not found
* handle secret name input starting with `@`
* fix system env value question
* improve ui of prompts
* expand env list in vc rm
* adjust tests
* environment -> environments
* list multiple targets in vc env ls
* show value for system env vars
* adjust tests
* capitalize targets
* add <type> to arguments
* always use stdInput for envValue
* fix number of arguments error
* adjust tests
* refactor ProjectEnvType
* refactor SYSTEM_ENV_VALUES
* fix typo for typePlaceholder
* use getCommandName
* use title
* remove @ts-ignore
* improve types
* show key controls for checkbox prompt
* fix plain envs can not be retrieved
* add test
* add test for `vc dev`
* use v6 to retrieve env variables
* fix v6 return type
* use v6 to display env vars
* add test for vc env ls
* expand env vars with multiple targets
* minor type fixes
* always use v6 for getEnvVariables
Co-authored-by: luc <luc.leray@gmail.com>
We currently pass through `images` whenever its defined, but this is enabling Image Optimization in the Proxy for every Next.js project.
Instead, we should check to see if the default loader is used (the same use for `next dev`) as a signal to enable this feature in the deployment.
Related to https://github.com/vercel/next.js/issues/18122
Bumps [next](https://github.com/vercel/next.js) from 9.5.1 to 9.5.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/vercel/next.js/releases">next's releases</a>.</em></p>
<blockquote>
<h2>v9.5.4</h2>
<p><strong>This upgrade is <em>completely backwards compatible and recommended for all users on versions below 9.5.4.</em> For future security related communications of our OSS projects, please <a href="https://vercel.com/security">join this mailing list</a>.</strong></p>
<p>A security team from one of our partners noticed an issue in Next.js that allowed for open redirects to occur.</p>
<p>Specially encoded paths could be used with the trailing slash redirect to allow an open redirect to occur to an external site.</p>
<p>In general, this redirect does not directly harm users although can allow for phishing attacks by redirecting to an attackers domain from a trusted domain.</p>
<p>We recommend upgrading to the latest version of Next.js to improve the overall security of your application.</p>
<h2>How to Upgrade</h2>
<ul>
<li>We have released patch versions for both the stable and canary channels of Next.js.</li>
<li>To upgrade run <code>npm install next@latest --save</code></li>
</ul>
<h2>Impact</h2>
<ul>
<li><strong>Affected</strong>: Users of Next.js between 9.5.0 and 9.5.3</li>
<li><strong>Not affected</strong>: Deployments on Vercel (<a href="https://vercel.com">https://vercel.com</a>) are not affected</li>
<li><strong>Not affected</strong>: Deployments using <code>next export</code></li>
</ul>
<p>We recommend everyone to upgrade regardless of whether you can reproduce the issue or not.</p>
<h3>How to Assess Impact</h3>
<p>If you think users could have been affected, you can filter logs of affected sites by <code>%2F</code> with a 308 response.</p>
<h2>What is Being Done</h2>
<p>As Next.js has grown in popularity, it has received the attention of security teams and auditors. We are thankful to those that reached out for their investigation and discovery of the original bug and subsequent responsible disclosure.</p>
<p>We've landed a patch that ensures encoding is handled properly for these types of redirects so the open redirect can no longer occur.</p>
<p>Regression tests for this attack were added to the <a href="https://github.com/vercel/next.js/blob/canary/test/integration/production/test/security.js">security</a> integration test suite.</p>
<ul>
<li>We have notified known Next.js users in advance of this publication.</li>
<li>A public CVE was released.</li>
<li>If you want to stay on top of our security related news impacting Next.js or other Vercel projects, please <a href="https://zeit.co/security">join this mailing list</a>.</li>
<li>We encourage responsible disclosure of future issues. Please email us at <strong><a href="https://github.com/vercel/next.js/blob/HEAD/mailto:security@zeit.co">security@vercel.com</a>.</strong> We are actively monitoring this mailbox.</li>
</ul>
<hr />
<h3>Core Changes</h3>
<ul>
<li>Make the image post-processor ignore SVG images: <a href="https://github-redirect.dependabot.com/vercel/next.js/issues/16732">#16732</a></li>
<li>Only update lookups for dev overlay if mounted: <a href="https://github-redirect.dependabot.com/vercel/next.js/issues/16776">#16776</a></li>
<li>Ensure interpolating dynamic href values works correctly: <a href="https://github-redirect.dependabot.com/vercel/next.js/issues/16774">#16774</a></li>
<li>Add automatic reloading when editing GS(S)P methods: <a href="https://github-redirect.dependabot.com/vercel/next.js/issues/16744">#16744</a></li>
<li>Update to show build indicator while re-fetching GS(S)P data in dev: <a href="https://github-redirect.dependabot.com/vercel/next.js/issues/16789">#16789</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="6588108150"><code>6588108</code></a> v9.5.4</li>
<li><a href="7108567b06"><code>7108567</code></a> v9.5.4-canary.25</li>
<li><a href="5d79a8c0c4"><code>5d79a8c</code></a> Update workflow step to restore cache (<a href="https://github-redirect.dependabot.com/vercel/next.js/issues/17656">#17656</a>)</li>
<li><a href="4c38e3ed8e"><code>4c38e3e</code></a> fix typo (<a href="https://github-redirect.dependabot.com/vercel/next.js/issues/17653">#17653</a>)</li>
<li><a href="241f38eaa8"><code>241f38e</code></a> v9.5.4-canary.24</li>
<li><a href="7dec91175c"><code>7dec911</code></a> change anonymous functions to named in docs examples (<a href="https://github-redirect.dependabot.com/vercel/next.js/issues/17510">#17510</a>)</li>
<li><a href="1659e4da61"><code>1659e4d</code></a> Update migrating from Gatsby docs. (<a href="https://github-redirect.dependabot.com/vercel/next.js/issues/17636">#17636</a>)</li>
<li><a href="06a8b1ad67"><code>06a8b1a</code></a> Add docs on how to migrate from Gatsby. (<a href="https://github-redirect.dependabot.com/vercel/next.js/issues/17491">#17491</a>)</li>
<li><a href="04234cc312"><code>04234cc</code></a> Update to use hasNextSupport for custom-routes in next export check (<a href="https://github-redirect.dependabot.com/vercel/next.js/issues/17630">#17630</a>)</li>
<li><a href="742f5d9a46"><code>742f5d9</code></a> test(create-next-app): increase coverage (<a href="https://github-redirect.dependabot.com/vercel/next.js/issues/17507">#17507</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/vercel/next.js/compare/v9.5.1...v9.5.4">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/vercel/vercel/network/alerts).
</details>
In some rare cases, the progress bar will still be in progress when the deployment completes, which causes the "Inspect" URL to print on the same line as the progress bar instead of a new line.
This PR fixes that corner case.
We don't support routing path aliases anymore, now that we've completely shut down the ZEIT Now 1.0 infrastructure. This PR removes path alias rules from Vercel CLI.
There was a regression when introducing multiple phases such as `hit` and `miss` which caused `routes` to stop working because the transition from `null` phase to the `filesystem` phase resets any dest rewrites.
The workaround is to detect when we don't have a `filesystem` phase and exit early.
Follow up to #5158 to add longer delay.
There is an issue with npm consistency after publishing so we wait longer before deprecating the `now` package because its a little larger than the others.
We have started migrating our projects to use Vue CLI with the Vercel zero-config builders. One particularly bug we ran into was due to the `Cache-Control` headers automatically applied on these resources that [differ from the documentation](https://vercel.com/docs/edge-network/caching#static-files):
> By default we return a `Cache-Control` header containing `public, max-age=0, must-revalidate` to prevent clients (e.g. browsers) from caching the file locally.
Instead of these headers, we were seeing `immutable` on all our resources. This is a good assumption for a vanilla Vue CLI setup because by default a content hash is used on every chunk, even the entry, which will change as soon as the file contents change. However, this may not always be the case, particularly on Vue CLI projects with any modifications to the build process, custom plugins, etc. that may exclude one or more files from the hash.
In our case this was breaking things in dramatic ways every time we deployed (and we deploy quite often!). Since the resources were being sent with the `immutable` header, the client browser was persisting these in cache and subsequent deployments with potentially breaking changes caused errors that were only resolved by clearing the client browser cache.
Example:
```
dist
├── css
│ ├── app.db598b39.css
│ └── common.css
├── js
│ ├── app.ac201ece.js
│ ├── chunk-587c608b.7d4361a1.js
│ ├── chunk-vendors.00676d62.js
│ └── common.js
└── index.html
```
In the above example, `common.css` and `common.js` are not hashed, but still have an `immutable` header preventing them from being re-validated by the client browser when a new deployment modifies their content.
To solve for this, I've updated the RegExp for Vue CLI to only apply the `immutable` caching header on files which have a content hash. This should solve for both vanilla Vue CLI setups and more advanced ones in which there may exist both files with and without a content hash.
Co-authored-by: Steven <steven@ceriously.com>
This PR solves an issue where tests would sometimes be rate limited when generating a token. This can be solved by caching the token like we do for E2E tests.
Example failure: https://github.com/vercel/vercel/runs/1098030228#step:11:9376
I also update the `@vercel/node` tests to compare the error message, exactly like how we do it with `@vercel/static-build`.
TypeScript supports comments in the `tsconfig.json` file, which is not
compatible with `JSON.parse()` so we have to use the built-in function
to parse the config file.
Fixes#4835.
Bumps [node-fetch](https://github.com/bitinn/node-fetch) from 2.6.0 to 2.6.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/bitinn/node-fetch/releases">node-fetch's releases</a>.</em></p>
<blockquote>
<h2>v2.6.1</h2>
<p><strong>This is an important security release. It is strongly recommended to update as soon as possible.</strong></p>
<p>See <a href="https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md#v261">CHANGELOG</a> for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md">node-fetch's changelog</a>.</em></p>
<blockquote>
<h2>v2.6.1</h2>
<p><strong>This is an important security release. It is strongly recommended to update as soon as possible.</strong></p>
<ul>
<li>Fix: honor the <code>size</code> option after following a redirect.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="b5e2e41b2b"><code>b5e2e41</code></a> update version number</li>
<li><a href="2358a6c256"><code>2358a6c</code></a> Honor the <code>size</code> option after following a redirect and revert data uri support</li>
<li><a href="8c197f8982"><code>8c197f8</code></a> docs: Fix typos and grammatical errors in README.md (<a href="https://github-redirect.dependabot.com/bitinn/node-fetch/issues/686">#686</a>)</li>
<li><a href="1e99050f94"><code>1e99050</code></a> fix: Change error message thrown with redirect mode set to error (<a href="https://github-redirect.dependabot.com/bitinn/node-fetch/issues/653">#653</a>)</li>
<li><a href="244e6f63d4"><code>244e6f6</code></a> docs: Show backers in README</li>
<li><a href="6a5d192034"><code>6a5d192</code></a> fix: Properly parse meta tag when parameters are reversed (<a href="https://github-redirect.dependabot.com/bitinn/node-fetch/issues/682">#682</a>)</li>
<li><a href="47a24a03eb"><code>47a24a0</code></a> chore: Add opencollective badge</li>
<li><a href="7b136627c5"><code>7b13662</code></a> chore: Add funding link</li>
<li><a href="5535c2ed47"><code>5535c2e</code></a> fix: Check for global.fetch before binding it (<a href="https://github-redirect.dependabot.com/bitinn/node-fetch/issues/674">#674</a>)</li>
<li><a href="1d5778ad0d"><code>1d5778a</code></a> docs: Add Discord badge</li>
<li>Additional commits viewable in <a href="https://github.com/bitinn/node-fetch/compare/v2.6.0...v2.6.1">compare view</a></li>
</ul>
</details>
<details>
<summary>Maintainer changes</summary>
<p>This version was pushed to npm by <a href="https://www.npmjs.com/~akepinski">akepinski</a>, a new releaser for node-fetch since your current version.</p>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/configuring-github-dependabot-security-updates)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/vercel/vercel/network/alerts).
</details>
The [functions](https://vercel.com/docs/configuration#project/functions) property matches source files and it wasn't working for `index.js` or `.ts` files because `next build` converts the source file `pages/api/index.js` to the output `.next/server/pages/api.js`. So this PR fixes the logic to reverse the output page to source file.
This PR is a follow up to #5157 which was unable to deprecate a package immediately after publishing and failed with E405. So this PR adds a delay between publish and deprecate. It also uses the `-f` flag suggested in the error message. https://github.com/vercel/vercel/runs/1076007594#step:6:649
This PR is a follow up to #5119 which had the names backwards.
I fixed the variable names to avoid the confusion since "new" and "old" were ambiguous.
I also removed the incorrect deprecation message from packages published during commit c9597dc199.
We deprecated all the `now` scoped packages in favor of the `vercel` equivalents, however the deprecation message disappears after each publish, so we must to run `npm deprecate` after `npm publish` for legacy packages.
Currently on my machine, vercel --version takes 850ms to run. With this change, that execution time is reduced to ~550ms.
The reason is that source maps seem to significantly slow down Node.js execution, compounded by the size of the source map, even if it is not used.
I believe the benefits of this perf improvement outweigh the direct source maps and minification benefits.
If it is felt that direct per-file source maps are necessary for internal errors, then reducing the source map size should be investigated further to improve the runtime performance here.
This PR updates the `README.md` files with the following changes:
- Removal of CLI deployment.
- Amends Blitz.js to be in line with other `README.md` formats.
* Revert "[build-utils] Use `handle: error` for api 404 (#5064)"
This reverts commit 02e1c921ac.
* Re-enable cli changes
* Re-enable redwood changes
* Minor cleanup
Since released PR #5009, we had some users that depend on the broken behavior. This adds an arbitrary date so that old projects will use the old broken behavior, and new projects will use the new behavior from #5009.
The reason for the date is that we don't want to force users to create new projects who noticed this broken behavior months ago like this discussion: https://github.com/vercel/vercel/discussions/4138
Its better to be a bit aggressive and set the date far back because users with that want the old behavior have a workaround: select Next.js in the framework dropdown. However, users that want the new behavior with an old project will be stuck without a solution.
This PR does a few things:
- Consolidates build-utils to use both 404 routes in `handle: error` phase
- Fixes `vc dev` to process `handle: error` phase after the `handle: filesystem` phase
- Updates `/api` 404 route to be excluded for frameworks like RedwoodJS which use their own functions
The deployment API might return a learn more link to address warnings, tips, or notices
CH-568
```
HTTP/2 200
...
x-vercel-warning-bad-error: Something went wrong
x-vercel-link-bad-error: https://vercel.link/bad-error
x-vercel-notice-low-funds: You are low on funds
x-vercel-link-low-funds: https://vercel.link/increase-funds
...
```
Should output as:
```
Warning: Something went wrong
Learn More: https://vercel.link/bad-error
Notice: You are low on funds
Learn More: https://vercel.link/increase-funds
```
This pull request adds a method redirect, the behavior will be the same as that of Next.js with `pages/api`. This PR takes into account the change that is being made in Next.js with redirect due to the [error that was reported](https://github.com/vercel/next.js/issues/15594) a few hours ago.
Co-authored-by: Steven <steven@ceriously.com>
This corrects behavior that was changed when switching to use `safelyCompile` which caused some `path-to-regexp` replacing behavior to be changed like not removing brackets `{}` around params which are removed in Next.js. This updates to first attempt to use the normal replacing behavior from `path-to-regexp` falling back to the safe compiling logic added when that fails.
Additional tests have been added to ensure the brackets are stripped as expected when compiling with `path-to-regexp`
The update message was sometimes printed when there was no update.
This PR fixes the update check to ensure the that it is only printed when the latest version differs from the current version.
This fixes the case where `trailingSlash: true` is used with `next export` causing the `404` page to be output as `404/index.html` and we were previously only checking for the 404 output at `404`. This also adds a regression test for this behavior.
Closes: https://github.com/vercel/next.js/issues/16218
The CLI doesn't depend on `@vercel/redwood` for `vc dev` since PR #5036 so we can remove it.
Similarly, zero config does not install `@vercel/next` or `@vercel/static-build` during `vc dev` so these can be removed too.
In the case where the user defines `builds` in vercel.json, the runtimes will be installed during the first run of `vc dev`.
This updates to not automatically append params to the query for rewrites if one or more of the params are already used in the destination's path. No other behavior is being changed and if the user still wants the params in the query after using them in the destination's path they can manually add them like with redirects.
x-ref: https://github.com/vercel/next.js/pull/16189
This PR uses the the new property added in PR #5034 to determine if a framework has a frontend runtime defined.
It also reverts a couple workarounds add in PR #4937 which was added for RedwoodJS which is no longer necessary since RedwoodJS defines a frontend framework the same way Next.js does.
This PR adds two properties to `frameworks.json`:
1. `useRuntime` - this moves the special case for non `@vercel/static-build` frontends, so that any framework can do the same as Next.js and RedwoodJS
2. `ignoreRuntimes` - this allows a framework to opt out of api detection such as RedwoodJS which handle's its own `.js` extensions
This also fixes 2 bugs discovered during implementing the feature:
1. `test-unit.yml` was not testing Node 12, it was testing 10 for both runs
2. `sortFilesBySegmentCount()` was non-deterministic causing node 10 and 12 to sort differently
This PR updates the default build command per @thedavidprice
It also uses `@vercel/frameworks` as a source of truth for the build command.
If the user has a `build` script in `package.json`, that will take precedence over the default.
Some files require execution privileges, such as Prisma, so we must preserve the file mode.
We also want redwood to behave the same as other frameworks and use `yarn build` if available.
CH Story:
https://app.clubhouse.io/vercel/story/5291/cli-connection-pooling
(Mac) script for watching count of active connections to API:
`watch -n 0.1 'netstat -a -n | grep -E \'(13.52.46.156|52.9.164.177)\' | wc -l'`
Limiting the active connections to 50 greatly decreased the amount of active connections but did not noticeably increase the time to upload files.
For each semaphore size below, I tested uploading 200 files of random size (between 50kb and 100kb) 5 times. More tests on varying file sizes / amounts showed similar results.
Results:
```
Size: Average time in ms
50 : 25740 ms
700 : 28763 ms
10 : 29339 ms
```
I also moved the the agent creation outside of the forEach loop when uploading. This is functionally the same (as node would use the same socket for the same hostname) but makes it easier to access the agent object if we need to debug in the future, and it seems unnecessary to create a new object each call.
This fixes the scenario where 1) is Windows and 2) there is no
`.gitignore` file in the project, so `vc link` creates one. Before, it was
defaulting to `\n`. Updated to use `os.EOL` so that `\r\n` is used on
Windows.
Also removed `encoding` option to `writeFile()` since `utf8` is already the
default.
Related to #4965.
We don't need to report these errors to Sentry because the user attempted a command that requires them to login.
https://sentry.io/organizations/vercel/issues/1498276418/?project=1323225
This will print:
- `NOT_AUTHORIZED`: "The specified token is not valid. Use vc login to generate a new token."
- `TEAM_DELETED`: "Your team was deleted. You can switch to a different one using vc switch"
### Related
- Related to #4082
- Related to #3857
* [cli] Adjust output for recently changed domain commands
* Update the inspect and list page
* Remove test
* Update packages/now-cli/src/commands/domains/inspect.ts
Co-authored-by: Steven <steven@ceriously.com>
* Change output
* Remove workaround
* Update error
* Include contextName
Co-authored-by: Steven <steven@ceriously.com>
This makes sure the routes mapping to the serverless functions handle the trailing slash being present or not. This also adds additional test cases to ensure it is functioning correctly
This adds handling for more cases while updating header values to make sure to escape any characters that could break compiling with `path-to-regexp`
x-ref: https://github.com/vercel/next.js/pull/15592
This makes sure we detect a fully static `/index` page correctly since the `prerender-manifest` lists it as `/` and we were expecting `/index` during the lambda building opt-out check
x-ref: https://github.com/vercel/next.js/discussions/15619
This PR fixes a bug when running `vercel link` command in a directory with `vercel.json` that contains `builds` property. The problem is that framework auto-detection doesn't run when `builds` is used, only for zero config. So we skip the API and instead create the project without auto-detection during `vc link`.
This updates our Next.js test fixtures to run against canary.
It looks like the mono-repo fixtures will need to be updated to run against canary separately since there may be a conflict with legacy routes and the trailing slash redirect
* [client] Export `buildFileTree()` and return the ignore list
The ignore list from this function will be used in production to
render a warning if there are files listed in the `.vercelignore` file
that are being comitted to the project's git repo.
* Tests for `ignoreList`
* Update packages/now-client/src/utils/index.ts
Co-authored-by: Steven <steven@ceriously.com>
Co-authored-by: Steven <steven@ceriously.com>
Previously, the zero detection would see js files in the `/api` directory and attempt to use `@vercel/node`. However, this doesn't work with RedwoodJS which uses a different format for [`/api`](https://github.com/vercel/vercel/tree/master/examples/redwoodjs/api) so we must only use `@vercel/redwood` when RedwoodJS is detected.
## Problem
`api-frameworks` is not being cached by our edge when used via the fallback-to-front mechanism. That's because the headers are only applied to `/api/frameworks` but not `/api/v1/frameworks` which is the actual path being used.
## Solution
Also apply the caching headers to `/api/<version>/frameworks`
* [now-cli] Change `now domains add` workflow to match dashboard
* Fix error throwing and add --force
* Remove `now domains verify`
* Count projects when removing a domain
* Include projects for `now inspect`
* Updated `now domains ls`
* Fix `now domains ls`
* Use Finally
* Add tests
* Use --force for domain tests
* Adjust tests
* Adjust test and fix output
* Fix padding
* Adjust more tests
* Ensure the project exists
* Log the deployment
* Fix tests again
* Remove project after test
* Fix command
* Fix test
* Change user after a couple of tests
* Add check
* Use random name for domain
* More logging
* Add more logging
* Remove logging
* Remove .now/project.json every time
* Skip test
* Add test to change user
* More logging
* Use now login
* Remove duplicated test
* Consider linked project for `domains add`
* Fix linting
* Remove unused docs
* Undo changes
* Undo more changes
* Fix typo
* Do not sort projects when there is only one record
* Fix loop
* Deploy with `-V 2`
* Remove verification
* Remove outdated link
* Update packages/now-cli/src/commands/domains/add.ts
Co-authored-by: Steven <steven@ceriously.com>
* Update packages/now-cli/src/commands/domains/add.ts
Co-authored-by: Steven <steven@ceriously.com>
* Use utils for public suffix and service type
* Update packages/now-cli/src/commands/domains/ls.ts
Co-authored-by: Steven <steven@ceriously.com>
* Update packages/now-cli/src/commands/domains/add.ts
Co-authored-by: Steven <steven@ceriously.com>
* Change link
* Undo test changes
* Fix type issues
* Update packages/now-cli/src/commands/domains/add.ts
Co-authored-by: Steven <steven@ceriously.com>
* Use domain config to print info
* Check apex domain when removing a domain
* Remove psl
* List projects when removing a domain
* Do not list projects
* Change user earlier
* Update packages/now-cli/src/commands/domains/inspect.ts
Co-authored-by: Steven <steven@ceriously.com>
* Apply suggestions from code review
Co-authored-by: Steven <steven@ceriously.com>
* Apply suggestions from code review
Co-authored-by: Steven <steven@ceriously.com>
Co-authored-by: Mark Glagola <mark.glagola@gmail.com>
Co-authored-by: Steven <steven@ceriously.com>
Follow up to #4897
* `vc link` - Update message to say `Set up ~/proj`
* `vc dev` - Update message to say `Set up and develop ~/proj`
* `vc link --help` - Updated example message to include `vc link ~/proj` usage
When pages are fully static and don't leverage preview mode or revalidation we can skip tracing the pages for generating the lambdas since lambdas aren't needed in this case
* [build-utils] Make `runPackageJsonScript()` run the `vercel-` or `now-` if defined in `package.json`
* [build-utils] Export `getScriptName()`
* [next] Use `getScriptName()` and `remove()`
* [node] Update for `vercel-`
* [static-build] Update for `vercel-`
* Remove debug
* Add `getScriptName()` unit tests
* Test for `vercel-build` in e2e
* Make platform name behavior be opt-in
So that it's not a breaking behavior change.
* Check for only "vercel-build" or "now-build", but not "build"
* Simplify `getScriptName()` to return the first existing script in a possible set
* Revert change
* Fix test
Co-authored-by: Joe Haddad <joe.haddad@zeit.co>
Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com>
Bumps [codecov](https://github.com/codecov/codecov-node) from 3.6.5 to 3.7.1.
<details>
<summary>Commits</summary>
<ul>
<li><a href="29dd5b6b03"><code>29dd5b6</code></a> 3.7.1</li>
<li><a href="c0711c6566"><code>c0711c6</code></a> Switch from execSync to execFileSync (<a href="https://github-redirect.dependabot.com/codecov/codecov-node/issues/180">#180</a>)</li>
<li><a href="5f6cc62d4f"><code>5f6cc62</code></a> Bump lodash from 4.17.15 to 4.17.19 (<a href="https://github-redirect.dependabot.com/codecov/codecov-node/issues/183">#183</a>)</li>
<li><a href="0c4d7f3c6f"><code>0c4d7f3</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/codecov/codecov-node/issues/182">#182</a> from codecov/update-readme-badges</li>
<li><a href="cc5e121842"><code>cc5e121</code></a> Update depstat image and urls</li>
<li><a href="b44b44e1f8"><code>b44b44e</code></a> Update readme with 400 error info (<a href="https://github-redirect.dependabot.com/codecov/codecov-node/issues/181">#181</a>)</li>
<li><a href="bb79335719"><code>bb79335</code></a> V3.7.0 (<a href="https://github-redirect.dependabot.com/codecov/codecov-node/issues/179">#179</a>)</li>
<li><a href="0d7b9b01cb"><code>0d7b9b0</code></a> Remove <code>'x-amz-acl': 'public-read'</code> header (<a href="https://github-redirect.dependabot.com/codecov/codecov-node/issues/178">#178</a>)</li>
<li><a href="eeff4e1953"><code>eeff4e1</code></a> Bump acorn from 5.7.3 to 5.7.4 (<a href="https://github-redirect.dependabot.com/codecov/codecov-node/issues/174">#174</a>)</li>
<li><a href="eb8a527470"><code>eb8a527</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/codecov/codecov-node/issues/172">#172</a> from RoboCafaz/bugfix/codebuild-pr-parser</li>
<li>Additional commits viewable in <a href="https://github.com/codecov/codecov-node/compare/v3.6.5...v3.7.1">compare view</a></li>
</ul>
</details>
<br />
[](https://help.github.com/articles/configuring-automated-security-fixes)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/vercel/vercel/network/alerts).
</details>
Previously, users would have to run `vc env pull` to fetch cloud environment
variables into `.env`. After this PR, if no `.env` or `.build.env` file is present,
environment variables will be pulled by `vc dev` from your Vercel Environment
Variables settings, no file necessary.
This makes the updating logic be asynchronous instead of synchronous, and as such will make boot-up of CLI be faster.
The actual update notification display is identical to previous, we are not using `update-notifier`'s default boxen rendering.
Now that `@vercel/static-build` is being symlinked to CLI due to the
yarn workspace, `vc dev` will always use the latest code for
zero-config, so this "npm pack" logic is no longer necessary.
The `vercel.json` also no longer gets created in this test so that
zero-config is used.
Ensures that `VERCEL_REGION` is set for API calls when the runtime
implements `startDevServer()`.
Also adds `VERCEL_URL` which was previously not defined.
The Vercel proxy request headers (`x-vercel-deployment-url` for example)
were not being sent to the dev server when the Runtime defines
`startDevServer()`. This is now fixed.
Also updates the header names to match production:
- `now` -> `vercel`
- 'x-now-trace', 'x-now-id', and 'x-now-log-id' are removed
Fixes#4729.
CH-3242
When a user has project configuration in `.vercel` that corresponds to a team that they are not a part of, we currently throw a 403 error. This adds special handling so that we can show a specific message when this happens.
I didn't want to update the return type of `getProjectByIdOrName` because we only want to handle this 403 in a special case, so I `throw` it instead.
Other changes are linter.
This is for `@vercel/go` to work on Windows, which currently fails with
this error:
```
panic: write pipe: The handle is invalid.
goroutine 1 [running]:
main.main()
C:/Users/Nathan/Code/casca/vercel-go-test/.vercel/cache/go/2flefmhra8o/api/vercel-dev-server-main.go:25 +0x1ec
exit status 2
```
So this fallback writes the port number to a temp file that
`startDevServer()` polls for in order to figure out the port number.
This PR adds an optional property called `sort` to each framework so that we can change the order returned in the API.
The reason this is necessary is because the order of the original array determines the precedence of framework detection. So we need another way to indicate the order of templates/examples returned from the API.
In particular, we need "Next.js" to be first and "Other" to be last.
I also updated the deprecated `@now/node` usage to `@vercel/node` in the API.
* [@vercel/build-utils] Improve Nuxt build
Need review from @pi0 and @danielroe
* Update packages/now-static-build/src/frameworks.ts
Co-authored-by: Daniel Roe <daniel@roe.dev>
Co-authored-by: Daniel Roe <daniel@roe.dev>
Co-authored-by: Andy <AndyBitz@users.noreply.github.com>
This fixes dynamic routes missing inside of shared lambdas for non-revalidate pages that leverage preview mode which causes them to not be able to render. Additional tests have also been added to ensure preview mode is working properly
This adds failing page names to our tests which should be resolved once the correct regexes is being generated for the routes-manifest in Next.js
Co-authored-by: Joe Haddad <joe.haddad@zeit.co>
Co-authored-by: Steven <steven@ceriously.com>
When a user performs an action such as trying to add a domain they don't own, the API returns a 400-499 response code.
Previously, we would save this error in Sentry but this PR changes the behavior so that the error is printed locally for the user but not saved in Sentry.
This reverts commit f11eb32b2c.
Reverts PR #4816
This PR adds back the Blitz.js demo now that we confirmed the example works and is deployed to the correct account.
This is a re-introduction of #4697, which was reverted for performance
resons. But now that #4760 and #4793 have landed, we can enable this
behavior again.
The first version of `routeKeys` which was Array based could contain invalid named regexes which would break the build during route validation so this disables using them in that version of the manifest instead of trying to leverage them still. It also adds an additional test fixture with this version of the manifest to ensure it is still working properly
This adds [Blitz.js](https://github.com/blitz-js/blitz) to the zero-config frameworks.
Blitz compiles to a Next.js app, so it uses the same `@vercel/next` builder.
The change in `packages/now-build-utils/src/detect-builders.ts` was made according to @styfle's suggestion in Slack.
---
**This is a rerun of #4219 which had to be reverted because of this:**
> It looks like the @vercel/next package still requires next in the dependencies.
>
> When I've deployed the example I've got only a file listing, but when I added next to the dependencies it worked. I'll revert for now.
This new PR fixes that problem with a small refactor to `@vercel/next`.
`@vercel/next` was getting the Next version two different ways:
1. By checking project root package.json for `next` in deps or devDeps
2. By trying to resolve the installed next version and get `version` from its package.json
My refactor consolidates those two approaches by changing the existing `getNextVersion()` function to first try and resolve the real next version. If that fails, fall back to checking the project root.
Blitz bundles Next, so the real next package version should always be resolved.
The current code uses `getAllProjectFiles()` which globs for every file
in the project, not considering the `.vercelignore` file and default
ignore list. For example, every file in the `node_modules` directory is
selected, just for `vercel dev` to manually ignore them afterwards,
which is very slow and wasteful. For a simple Next.js project, this
globbing was taking over 3 seconds on my machine 🤯!
Solution is to use the `staticFiles()` function which is the same as
`vercel dev` uses at boot-up time. This function properly considers the
ignore list and thus is much faster, and the manual filtering is no
longer necessary by `vercel dev`. For the same simple Next.js project,
this function takes on average 10 milliseconds.
Also did a bit of cleanup and removed the `getAllProjectFiles()`
function since it is no longer used anywhere.
For `getServerSideProps` routes the non-named data route was being used for routes causing dynamic route params that were being trusted from the proxy to be incorrect. Our tests weren't failing after trusting the values from the proxy was landed in Next.js on canary due to the `21-server-props` test suite not running against the latest canary which is updated in this PR.
Note: the below Next.js PR is not needed or can be reverted if this PR is landed
x-ref: https://github.com/vercel/next.js/pull/14829
* [cli] Reduce number of times `getNowConfig()` is invoked in `vercel dev`
When using the `vercel dev` command, the `getNowConfig()` function was
being invoked many times per HTTP-request. It should only be read _once_
per HTTP request as it may be an expensive function depending on the
project size.
This change reduces the number of times the function is called to once
per HTTP request, and passes around the resulting `nowConfig` object to
the functions that require it.
* Fix default values
* Remove unnecessary type narrowing
* Remove one more `getNowConfig()` invocation
Co-authored-by: kodiakhq[bot] <49736102+kodiakhq[bot]@users.noreply.github.com>
This adds the Lockfile from Gatsby's official starter to fix deployments.
```
❯ npx gatsby-cli new ~/Desktop/scratch/test-default
❯ cp ~/Desktop/scratch/test-default/yarn.lock examples/gatsby
❯ cd examples/gatsby
❯ yarn
❯ git add examples/gatsby/yarn.lock
```
@@ -68,13 +68,13 @@ In such cases you can visit the URL of the failed deployment and append `/_logs`
The logs of this deployment will contain the actual error which may help you to understand what went wrong.
### @zeit/node-file-trace
### @vercel/nft
Some of the Builders use `@zeit/node-file-trace` to tree-shake files before deployment. If you suspect an error with this tree-shaking mechanism, you can create the following script in your project:
Some of the Builders use `@vercel/nft` to tree-shake files before deployment. If you suspect an error with this tree-shaking mechanism, you can create the following script in your project:
When you run this script, you'll see all imported files. If anything file is missing, the bug is in [@zeit/node-file-trace](https://github.com/vercel/node-file-trace) and not the Builder.
When you run this script, you'll see all imported files. If anything file is missing, the bug is in [@vercel/nft](https://github.com/vercel/nft) and not the Builder.
The domain you supplied cannot be verified using either the intended set of nameservers or the given verification TXT record.
The domain you supplied cannot be verified using the intended nameservers.
#### Possible Ways to Fix It
#### Possible Way to Fix It
Apply the intended set of nameservers to your domain or add the given TXT verification record through your domain provider.
Apply the intended set of nameservers to your domain.
You can retrieve both the intended nameservers and TXT verification record for the domain you wish to verify by running `vercel domains inspect <domain>`.
When you have added either verification method to your domain, you can run `vercel domains verify <domain>` again to complete verification for your domain.
Vercel will also automatically check periodically that your domain has been verified and automatically mark it as such if we detect either verification method on the domain.
If you would not like to verify your domain, you can remove it from your account using `vercel domains rm <domain>`.
You specified a path as the value for the `--dotenv` flag, but the target of the path doesn't exist.
#### Possible Ways to Fix It
Make sure the target file you've specified exists and is readable by Vercel CLI. In addition, please ensure that the filename starts with a dot (example: `.env`) - then it should work.
This directory is a brief example of a [Blitz.js](https://blitzjs.com/) project that can be deployed with Vercel and zero configuration.
## Deploy Your Own
Deploy your own Blitz.js project with Vercel by viewing the [documentation on deploying to Vercel](https://blitzjs.com/docs/deploy-vercel)
[](https://vercel.com/import/project?template=https://github.com/vercel/vercel/tree/master/examples/blitzjs)
### How We Created This Example
To get started with Blitz.js, you can use [npx](https://www.npmjs.com/package/npx) to initialize the project:
@@ -19,11 +19,3 @@ To get started with React, along with [Serverless Functions](https://vercel.com/
```shell
$ npx create-react-app my-app
```
### Deploying From Your Terminal
You can deploy your new React project, along with [Serverless Functions](https://vercel.com/docs/v2/serverless-functions/introduction), with a single command from your terminal using [Vercel CLI](https://vercel.com/download):
@@ -19,11 +19,3 @@ To get started with Gatsby on Vercel, you can use the [Gatsby CLI](https://www.g
```shell
$ gatsby new gatsby-site
```
### Deploying From Your Terminal
You can deploy your new Gatsby project, along with [Serverless Functions](https://vercel.com/docs/v2/serverless-functions/introduction), with a single command from your terminal using [Vercel CLI](https://vercel.com/download):
This is a [Next.js](https://nextjs.org/) project bootstrapped with [`create-next-app`](https://github.com/zeit/next.js/tree/canary/packages/create-next-app).
This is a [Next.js](https://nextjs.org/) project bootstrapped with [`create-next-app`](https://github.com/vercel/next.js/tree/canary/packages/create-next-app).
## Getting Started
@@ -21,7 +21,7 @@ To learn more about Next.js, take a look at the following resources:
- [Next.js Documentation](https://nextjs.org/docs) - learn about Next.js features and API.
- [Learn Next.js](https://nextjs.org/learn) - an interactive Next.js tutorial.
You can check out [the Next.js GitHub repository](https://github.com/zeit/next.js) - your feedback and contributions are welcome!
You can check out [the Next.js GitHub repository](https://github.com/vercel/next.js/) - your feedback and contributions are welcome!
This directory is a brief example of a [RedwoodJS](https://redwoodjs.com) app with [Serverless Functions](https://vercel.com/docs/v2/serverless-functions/introduction) that can be deployed with Vercel and zero configuration.
## Deploy Your Own
Deploy your own RedwoodJS project, along with Serverless Functions, with Vercel.
[](https://vercel.com/import/project?template=https://github.com/vercel/vercel/tree/master/examples/redwoodjs)
To get started with RedwoodJS on Vercel, you can [use Yarn to initialize](https://redwoodjs.com/tutorial/installation-starting-development) the project:
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
