@arcjet/analyze 1.0.0-alpha.12 → 1.0.0-alpha.14

package/README.md

@@ -1,7 +1,7 @@
 <a href="https://arcjet.com" target="_arcjet-home">
   <picture>
-    <source media="(prefers-color-scheme: dark)" srcset="https://arcjet.com/arcjet-logo-dark-planet-arrival.svg">
-    <img src="https://arcjet.com/arcjet-logo-light-planet-arrival.svg" alt="Arcjet Logo" height="144" width="auto">
+    <source media="(prefers-color-scheme: dark)" srcset="https://arcjet.com/logo/arcjet-dark-lockup-voyage-horizontal.svg">
+    <img src="https://arcjet.com/logo/arcjet-light-lockup-voyage-horizontal.svg" alt="Arcjet Logo" height="128" width="auto">
   </picture>
 </a>
 
@@ -17,7 +17,7 @@
 </p>
 
 [Arcjet][arcjet] helps developers protect their apps in just a few lines of
-code. Implement rate limiting, bot protection, email verification & defend
+code. Implement rate limiting, bot protection, email verification, and defense
 against common attacks.
 
 This is the [Arcjet][arcjet] local analysis engine.

package/_virtual/arcjet_analyze_js_req.component.core.js

@@ -31,8 +31,9 @@ const wasmBase64 = "data:application/wasm;base64,AGFzbQEAAAAB3wIpYAF/AGADf39/AX9
  */
 // TODO: Switch back to top-level await when our platforms all support it
 async function wasm() {
-  // This uses fetch to decode the wasm data url
-  const wasmDecode = await fetch(wasmBase64);
+  // This uses fetch to decode the wasm data url, but disabling cache so files
+  // larger than 2mb don't fail to parse in the Next.js App Router
+  const wasmDecode = await fetch(wasmBase64, { cache: "no-store" });
   const buf = await wasmDecode.arrayBuffer();
   // And then we return it as a WebAssembly.Module
   return WebAssembly.compile(buf);

package/_virtual/arcjet_analyze_js_req.component.core2.js

@@ -31,8 +31,9 @@ const wasmBase64 = "data:application/wasm;base64,AGFzbQEAAAABBgFgAn9/AAMDAgAABAU
  */
 // TODO: Switch back to top-level await when our platforms all support it
 async function wasm() {
-  // This uses fetch to decode the wasm data url
-  const wasmDecode = await fetch(wasmBase64);
+  // This uses fetch to decode the wasm data url, but disabling cache so files
+  // larger than 2mb don't fail to parse in the Next.js App Router
+  const wasmDecode = await fetch(wasmBase64, { cache: "no-store" });
   const buf = await wasmDecode.arrayBuffer();
   // And then we return it as a WebAssembly.Module
   return WebAssembly.compile(buf);

package/_virtual/arcjet_analyze_js_req.component.core3.js

@@ -31,8 +31,9 @@ const wasmBase64 = "data:application/wasm;base64,AGFzbQEAAAABBgFgAn9/AAIaAwABMAA
  */
 // TODO: Switch back to top-level await when our platforms all support it
 async function wasm() {
-  // This uses fetch to decode the wasm data url
-  const wasmDecode = await fetch(wasmBase64);
+  // This uses fetch to decode the wasm data url, but disabling cache so files
+  // larger than 2mb don't fail to parse in the Next.js App Router
+  const wasmDecode = await fetch(wasmBase64, { cache: "no-store" });
   const buf = await wasmDecode.arrayBuffer();
   // And then we return it as a WebAssembly.Module
   return WebAssembly.compile(buf);

package/edge-light.d.ts

@@ -0,0 +1,28 @@
+import type { ArcjetLogger } from "@arcjet/protocol";
+import type { EmailValidationConfig, BotDetectionResult, BotType } from "./wasm/arcjet_analyze_js_req.component.js";
+interface AnalyzeContext {
+    log: ArcjetLogger;
+}
+export { type EmailValidationConfig, type BotType, 
+/**
+ * Represents the result of the bot detection.
+ *
+ * @property `botType` - What type of bot this is. This will be one of `BotType`.
+ * @property `botScore` - A score ranging from 0 to 99 representing the degree of
+ * certainty. The higher the number within the type category, the greater the
+ * degree of certainty. E.g. `BotType.Automated` with a score of 1 means we are
+ * sure the request was made by an automated bot. `BotType.LikelyNotABot` with a
+ * score of 30 means we don't think this request was a bot, but it's lowest
+ * confidence level. `BotType.LikelyNotABot` with a score of 99 means we are
+ * almost certain this request was not a bot.
+ */
+type BotDetectionResult, };
+/**
+ * Generate a fingerprint for the client. This is used to identify the client
+ * across multiple requests.
+ * @param ip - The IP address of the client.
+ * @returns A SHA-256 string fingerprint.
+ */
+export declare function generateFingerprint(context: AnalyzeContext, ip: string): Promise<string>;
+export declare function isValidEmail(context: AnalyzeContext, candidate: string, options?: EmailValidationConfig): Promise<boolean>;
+export declare function detectBot(context: AnalyzeContext, headers: string, patterns_add: string, patterns_remove: string): Promise<BotDetectionResult>;

package/edge-light.js

@@ -0,0 +1,112 @@
+import { instantiate } from './wasm/arcjet_analyze_js_req.component.js';
+import componentCoreWasm from './wasm/arcjet_analyze_js_req.component.core.wasm?module';
+import componentCore2Wasm from './wasm/arcjet_analyze_js_req.component.core2.wasm?module';
+import componentCore3Wasm from './wasm/arcjet_analyze_js_req.component.core3.wasm?module';
+
+async function moduleFromPath(path) {
+    if (path === "arcjet_analyze_js_req.component.core.wasm") {
+        return componentCoreWasm;
+    }
+    if (path === "arcjet_analyze_js_req.component.core2.wasm") {
+        return componentCore2Wasm;
+    }
+    if (path === "arcjet_analyze_js_req.component.core3.wasm") {
+        return componentCore3Wasm;
+    }
+    throw new Error(`Unknown path: ${path}`);
+}
+async function init(context) {
+    const { log } = context;
+    const coreImports = {
+        "arcjet:js-req/logger": {
+            debug(msg) {
+                log.debug(msg);
+            },
+            error(msg) {
+                log.error(msg);
+            },
+        },
+    };
+    try {
+        return instantiate(moduleFromPath, coreImports);
+    }
+    catch {
+        log.debug("WebAssembly is not supported in this runtime");
+    }
+}
+/**
+ * Generate a fingerprint for the client. This is used to identify the client
+ * across multiple requests.
+ * @param ip - The IP address of the client.
+ * @returns A SHA-256 string fingerprint.
+ */
+async function generateFingerprint(context, ip) {
+    if (ip == "") {
+        return "";
+    }
+    const analyze = await init(context);
+    if (typeof analyze !== "undefined") {
+        return analyze.generateFingerprint(ip);
+    }
+    if (hasSubtleCryptoDigest()) {
+        // Fingerprint v1 is just the IP address
+        const fingerprintRaw = `fp_1_${ip}`;
+        // Based on MDN example at
+        // https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest#converting_a_digest_to_a_hex_string
+        // Encode the raw fingerprint into a utf-8 Uint8Array
+        const fingerprintUint8 = new TextEncoder().encode(fingerprintRaw);
+        // Hash the message with SHA-256
+        const fingerprintArrayBuffer = await crypto.subtle.digest("SHA-256", fingerprintUint8);
+        // Convert the ArrayBuffer to a byte array
+        const fingerprintArray = Array.from(new Uint8Array(fingerprintArrayBuffer));
+        // Convert the bytes to a hex string
+        const fingerprint = fingerprintArray
+            .map((b) => b.toString(16).padStart(2, "0"))
+            .join("");
+        return fingerprint;
+    }
+    return "";
+}
+async function isValidEmail(context, candidate, options) {
+    const analyze = await init(context);
+    if (typeof analyze !== "undefined") {
+        return analyze.isValidEmail(candidate, options);
+    }
+    else {
+        // TODO: Fallback to JS if we don't have WASM?
+        return true;
+    }
+}
+async function detectBot(context, headers, patterns_add, patterns_remove) {
+    const analyze = await init(context);
+    if (typeof analyze !== "undefined") {
+        return analyze.detectBot(headers, patterns_add, patterns_remove);
+    }
+    else {
+        // TODO: Fallback to JS if we don't have WASM?
+        return {
+            botType: "not-analyzed",
+            botScore: 0,
+        };
+    }
+}
+function hasSubtleCryptoDigest() {
+    if (typeof crypto === "undefined") {
+        return false;
+    }
+    if (!("subtle" in crypto)) {
+        return false;
+    }
+    if (typeof crypto.subtle === "undefined") {
+        return false;
+    }
+    if (!("digest" in crypto.subtle)) {
+        return false;
+    }
+    if (typeof crypto.subtle.digest !== "function") {
+        return false;
+    }
+    return true;
+}
+
+export { detectBot, generateFingerprint, isValidEmail };

package/edge-light.ts

@@ -0,0 +1,172 @@
+import type { ArcjetLogger } from "@arcjet/protocol";
+
+import * as core from "./wasm/arcjet_analyze_js_req.component.js";
+import type {
+  ImportObject,
+  EmailValidationConfig,
+  BotDetectionResult,
+  BotType,
+} from "./wasm/arcjet_analyze_js_req.component.js";
+
+import componentCoreWasm from "./wasm/arcjet_analyze_js_req.component.core.wasm?module";
+import componentCore2Wasm from "./wasm/arcjet_analyze_js_req.component.core2.wasm?module";
+import componentCore3Wasm from "./wasm/arcjet_analyze_js_req.component.core3.wasm?module";
+
+interface AnalyzeContext {
+  log: ArcjetLogger;
+}
+
+async function moduleFromPath(path: string): Promise<WebAssembly.Module> {
+  if (path === "arcjet_analyze_js_req.component.core.wasm") {
+    return componentCoreWasm;
+  }
+  if (path === "arcjet_analyze_js_req.component.core2.wasm") {
+    return componentCore2Wasm;
+  }
+  if (path === "arcjet_analyze_js_req.component.core3.wasm") {
+    return componentCore3Wasm;
+  }
+
+  throw new Error(`Unknown path: ${path}`);
+}
+
+async function init(context: AnalyzeContext) {
+  const { log } = context;
+
+  const coreImports: ImportObject = {
+    "arcjet:js-req/logger": {
+      debug(msg) {
+        log.debug(msg);
+      },
+      error(msg) {
+        log.error(msg);
+      },
+    },
+  };
+
+  try {
+    return core.instantiate(moduleFromPath, coreImports);
+  } catch {
+    log.debug("WebAssembly is not supported in this runtime");
+  }
+}
+
+export {
+  type EmailValidationConfig,
+  type BotType,
+  /**
+   * Represents the result of the bot detection.
+   *
+   * @property `botType` - What type of bot this is. This will be one of `BotType`.
+   * @property `botScore` - A score ranging from 0 to 99 representing the degree of
+   * certainty. The higher the number within the type category, the greater the
+   * degree of certainty. E.g. `BotType.Automated` with a score of 1 means we are
+   * sure the request was made by an automated bot. `BotType.LikelyNotABot` with a
+   * score of 30 means we don't think this request was a bot, but it's lowest
+   * confidence level. `BotType.LikelyNotABot` with a score of 99 means we are
+   * almost certain this request was not a bot.
+   */
+  type BotDetectionResult,
+};
+
+/**
+ * Generate a fingerprint for the client. This is used to identify the client
+ * across multiple requests.
+ * @param ip - The IP address of the client.
+ * @returns A SHA-256 string fingerprint.
+ */
+export async function generateFingerprint(
+  context: AnalyzeContext,
+  ip: string,
+): Promise<string> {
+  if (ip == "") {
+    return "";
+  }
+
+  const analyze = await init(context);
+
+  if (typeof analyze !== "undefined") {
+    return analyze.generateFingerprint(ip);
+  }
+
+  if (hasSubtleCryptoDigest()) {
+    // Fingerprint v1 is just the IP address
+    const fingerprintRaw = `fp_1_${ip}`;
+
+    // Based on MDN example at
+    // https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest#converting_a_digest_to_a_hex_string
+
+    // Encode the raw fingerprint into a utf-8 Uint8Array
+    const fingerprintUint8 = new TextEncoder().encode(fingerprintRaw);
+    // Hash the message with SHA-256
+    const fingerprintArrayBuffer = await crypto.subtle.digest(
+      "SHA-256",
+      fingerprintUint8,
+    );
+    // Convert the ArrayBuffer to a byte array
+    const fingerprintArray = Array.from(new Uint8Array(fingerprintArrayBuffer));
+    // Convert the bytes to a hex string
+    const fingerprint = fingerprintArray
+      .map((b) => b.toString(16).padStart(2, "0"))
+      .join("");
+
+    return fingerprint;
+  }
+
+  return "";
+}
+
+export async function isValidEmail(
+  context: AnalyzeContext,
+  candidate: string,
+  options?: EmailValidationConfig,
+) {
+  const analyze = await init(context);
+
+  if (typeof analyze !== "undefined") {
+    return analyze.isValidEmail(candidate, options);
+  } else {
+    // TODO: Fallback to JS if we don't have WASM?
+    return true;
+  }
+}
+
+export async function detectBot(
+  context: AnalyzeContext,
+  headers: string,
+  patterns_add: string,
+  patterns_remove: string,
+): Promise<BotDetectionResult> {
+  const analyze = await init(context);
+
+  if (typeof analyze !== "undefined") {
+    return analyze.detectBot(headers, patterns_add, patterns_remove);
+  } else {
+    // TODO: Fallback to JS if we don't have WASM?
+    return {
+      botType: "not-analyzed",
+      botScore: 0,
+    };
+  }
+}
+
+function hasSubtleCryptoDigest() {
+  if (typeof crypto === "undefined") {
+    return false;
+  }
+
+  if (!("subtle" in crypto)) {
+    return false;
+  }
+  if (typeof crypto.subtle === "undefined") {
+    return false;
+  }
+  if (!("digest" in crypto.subtle)) {
+    return false;
+  }
+  if (typeof crypto.subtle.digest !== "function") {
+    return false;
+  }
+
+  return true;
+}

package/index.d.ts

@@ -1,4 +1,8 @@
+import type { ArcjetLogger } from "@arcjet/protocol";
 import type { EmailValidationConfig, BotDetectionResult, BotType } from "./wasm/arcjet_analyze_js_req.component.js";
+interface AnalyzeContext {
+    log: ArcjetLogger;
+}
 export { type EmailValidationConfig, type BotType, 
 /**
  * Represents the result of the bot detection.
@@ -19,6 +23,6 @@ type BotDetectionResult, };
  * @param ip - The IP address of the client.
  * @returns A SHA-256 string fingerprint.
  */
-export declare function generateFingerprint(ip: string): Promise<string>;
-export declare function isValidEmail(candidate: string, options?: EmailValidationConfig): Promise<boolean>;
-export declare function detectBot(headers: string, patterns_add: string, patterns_remove: string): Promise<BotDetectionResult>;
+export declare function generateFingerprint(context: AnalyzeContext, ip: string): Promise<string>;
+export declare function isValidEmail(context: AnalyzeContext, candidate: string, options?: EmailValidationConfig): Promise<boolean>;
+export declare function detectBot(context: AnalyzeContext, headers: string, patterns_add: string, patterns_remove: string): Promise<BotDetectionResult>;

package/index.js

@@ -1,5 +1,7 @@
-import logger from '@arcjet/logger';
 import { instantiate } from './wasm/arcjet_analyze_js_req.component.js';
+import { wasm } from './_virtual/arcjet_analyze_js_req.component.core.js';
+import { wasm as wasm$1 } from './_virtual/arcjet_analyze_js_req.component.core2.js';
+import { wasm as wasm$2 } from './_virtual/arcjet_analyze_js_req.component.core3.js';
 
 // TODO: Do we actually need this wasmCache or does `import` cache correctly?
 const wasmCache = new Map();
@@ -8,61 +10,40 @@ async function moduleFromPath(path) {
     if (typeof cachedModule !== "undefined") {
         return cachedModule;
     }
-    if (process.env["NEXT_RUNTIME"] === "edge") {
-        if (path === "arcjet_analyze_js_req.component.core.wasm") {
-            const mod = await import('./wasm/arcjet_analyze_js_req.component.core.wasm?module');
-            wasmCache.set(path, mod.default);
-            return mod.default;
-        }
-        if (path === "arcjet_analyze_js_req.component.core2.wasm") {
-            const mod = await import('./wasm/arcjet_analyze_js_req.component.core2.wasm?module');
-            wasmCache.set(path, mod.default);
-            return mod.default;
-        }
-        if (path === "arcjet_analyze_js_req.component.core3.wasm") {
-            const mod = await import('./wasm/arcjet_analyze_js_req.component.core3.wasm?module');
-            wasmCache.set(path, mod.default);
-            return mod.default;
-        }
+    if (path === "arcjet_analyze_js_req.component.core.wasm") {
+        const mod = await wasm();
+        wasmCache.set(path, mod);
+        return mod;
     }
-    else {
-        if (path === "arcjet_analyze_js_req.component.core.wasm") {
-            const { wasm } = await import('./_virtual/arcjet_analyze_js_req.component.core.js');
-            const mod = await wasm();
-            wasmCache.set(path, mod);
-            return mod;
-        }
-        if (path === "arcjet_analyze_js_req.component.core2.wasm") {
-            const { wasm } = await import('./_virtual/arcjet_analyze_js_req.component.core2.js');
-            const mod = await wasm();
-            wasmCache.set(path, mod);
-            return mod;
-        }
-        if (path === "arcjet_analyze_js_req.component.core3.wasm") {
-            const { wasm } = await import('./_virtual/arcjet_analyze_js_req.component.core3.js');
-            const mod = await wasm();
-            wasmCache.set(path, mod);
-            return mod;
-        }
+    if (path === "arcjet_analyze_js_req.component.core2.wasm") {
+        const mod = await wasm$1();
+        wasmCache.set(path, mod);
+        return mod;
+    }
+    if (path === "arcjet_analyze_js_req.component.core3.wasm") {
+        const mod = await wasm$2();
+        wasmCache.set(path, mod);
+        return mod;
     }
     throw new Error(`Unknown path: ${path}`);
 }
-const coreImports = {
-    "arcjet:js-req/logger": {
-        debug(msg) {
-            logger.debug(msg);
-        },
-        error(msg) {
-            logger.error(msg);
+async function init(context) {
+    const { log } = context;
+    const coreImports = {
+        "arcjet:js-req/logger": {
+            debug(msg) {
+                log.debug(msg);
+            },
+            error(msg) {
+                log.error(msg);
+            },
         },
-    },
-};
-async function init() {
+    };
     try {
         return instantiate(moduleFromPath, coreImports);
     }
     catch {
-        logger.debug("WebAssembly is not supported in this runtime");
+        log.debug("WebAssembly is not supported in this runtime");
     }
 }
 /**
@@ -71,11 +52,11 @@ async function init() {
  * @param ip - The IP address of the client.
  * @returns A SHA-256 string fingerprint.
  */
-async function generateFingerprint(ip) {
+async function generateFingerprint(context, ip) {
     if (ip == "") {
         return "";
     }
-    const analyze = await init();
+    const analyze = await init(context);
     if (typeof analyze !== "undefined") {
         return analyze.generateFingerprint(ip);
     }
@@ -98,8 +79,8 @@ async function generateFingerprint(ip) {
     }
     return "";
 }
-async function isValidEmail(candidate, options) {
-    const analyze = await init();
+async function isValidEmail(context, candidate, options) {
+    const analyze = await init(context);
     if (typeof analyze !== "undefined") {
         return analyze.isValidEmail(candidate, options);
     }
@@ -108,8 +89,8 @@ async function isValidEmail(candidate, options) {
         return true;
     }
 }
-async function detectBot(headers, patterns_add, patterns_remove) {
-    const analyze = await init();
+async function detectBot(context, headers, patterns_add, patterns_remove) {
+    const analyze = await init(context);
     if (typeof analyze !== "undefined") {
         return analyze.detectBot(headers, patterns_add, patterns_remove);
     }

package/index.ts

@@ -1,4 +1,4 @@
-import logger from "@arcjet/logger";
+import type { ArcjetLogger } from "@arcjet/protocol";
 
 import * as core from "./wasm/arcjet_analyze_js_req.component.js";
 import type {
@@ -8,6 +8,14 @@ import type {
   BotType,
 } from "./wasm/arcjet_analyze_js_req.component.js";
 
+import { wasm as componentCoreWasm } from "./wasm/arcjet_analyze_js_req.component.core.wasm?js";
+import { wasm as componentCore2Wasm } from "./wasm/arcjet_analyze_js_req.component.core2.wasm?js";
+import { wasm as componentCore3Wasm } from "./wasm/arcjet_analyze_js_req.component.core3.wasm?js";
+
+interface AnalyzeContext {
+  log: ArcjetLogger;
+}
+
 // TODO: Do we actually need this wasmCache or does `import` cache correctly?
 const wasmCache = new Map<string, WebAssembly.Module>();
 
@@ -17,74 +25,43 @@ async function moduleFromPath(path: string): Promise<WebAssembly.Module> {
     return cachedModule;
   }
 
-  if (process.env["NEXT_RUNTIME"] === "edge") {
-    if (path === "arcjet_analyze_js_req.component.core.wasm") {
-      const mod = await import(
-        "./wasm/arcjet_analyze_js_req.component.core.wasm?module"
-      );
-      wasmCache.set(path, mod.default);
-      return mod.default;
-    }
-    if (path === "arcjet_analyze_js_req.component.core2.wasm") {
-      const mod = await import(
-        "./wasm/arcjet_analyze_js_req.component.core2.wasm?module"
-      );
-      wasmCache.set(path, mod.default);
-      return mod.default;
-    }
-    if (path === "arcjet_analyze_js_req.component.core3.wasm") {
-      const mod = await import(
-        "./wasm/arcjet_analyze_js_req.component.core3.wasm?module"
-      );
-      wasmCache.set(path, mod.default);
-      return mod.default;
-    }
-  } else {
-    if (path === "arcjet_analyze_js_req.component.core.wasm") {
-      const { wasm } = await import(
-        "./wasm/arcjet_analyze_js_req.component.core.wasm"
-      );
-      const mod = await wasm();
-      wasmCache.set(path, mod);
-      return mod;
-    }
-    if (path === "arcjet_analyze_js_req.component.core2.wasm") {
-      const { wasm } = await import(
-        "./wasm/arcjet_analyze_js_req.component.core2.wasm"
-      );
-      const mod = await wasm();
-      wasmCache.set(path, mod);
-      return mod;
-    }
-    if (path === "arcjet_analyze_js_req.component.core3.wasm") {
-      const { wasm } = await import(
-        "./wasm/arcjet_analyze_js_req.component.core3.wasm"
-      );
-      const mod = await wasm();
-      wasmCache.set(path, mod);
-      return mod;
-    }
+  if (path === "arcjet_analyze_js_req.component.core.wasm") {
+    const mod = await componentCoreWasm();
+    wasmCache.set(path, mod);
+    return mod;
+  }
+  if (path === "arcjet_analyze_js_req.component.core2.wasm") {
+    const mod = await componentCore2Wasm();
+    wasmCache.set(path, mod);
+    return mod;
+  }
+  if (path === "arcjet_analyze_js_req.component.core3.wasm") {
+    const mod = await componentCore3Wasm();
+    wasmCache.set(path, mod);
+    return mod;
   }
 
   throw new Error(`Unknown path: ${path}`);
 }
 
-const coreImports: ImportObject = {
-  "arcjet:js-req/logger": {
-    debug(msg) {
-      logger.debug(msg);
+async function init(context: AnalyzeContext) {
+  const { log } = context;
+
+  const coreImports: ImportObject = {
+    "arcjet:js-req/logger": {
+      debug(msg) {
+        log.debug(msg);
+      },
+      error(msg) {
+        log.error(msg);
+      },
     },
-    error(msg) {
-      logger.error(msg);
-    },
-  },
-};
+  };
 
-async function init() {
   try {
     return core.instantiate(moduleFromPath, coreImports);
   } catch {
-    logger.debug("WebAssembly is not supported in this runtime");
+    log.debug("WebAssembly is not supported in this runtime");
   }
 }
 
@@ -112,12 +89,15 @@ export {
  * @param ip - The IP address of the client.
  * @returns A SHA-256 string fingerprint.
  */
-export async function generateFingerprint(ip: string): Promise<string> {
+export async function generateFingerprint(
+  context: AnalyzeContext,
+  ip: string,
+): Promise<string> {
   if (ip == "") {
     return "";
   }
 
-  const analyze = await init();
+  const analyze = await init(context);
 
   if (typeof analyze !== "undefined") {
     return analyze.generateFingerprint(ip);
@@ -151,10 +131,11 @@ export async function generateFingerprint(ip: string): Promise<string> {
 }
 
 export async function isValidEmail(
+  context: AnalyzeContext,
   candidate: string,
   options?: EmailValidationConfig,
 ) {
-  const analyze = await init();
+  const analyze = await init(context);
 
   if (typeof analyze !== "undefined") {
     return analyze.isValidEmail(candidate, options);
@@ -165,11 +146,12 @@ export async function isValidEmail(
 }
 
 export async function detectBot(
+  context: AnalyzeContext,
   headers: string,
   patterns_add: string,
   patterns_remove: string,
 ): Promise<BotDetectionResult> {
-  const analyze = await init();
+  const analyze = await init(context);
 
   if (typeof analyze !== "undefined") {
     return analyze.detectBot(headers, patterns_add, patterns_remove);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@arcjet/analyze",
-  "version": "1.0.0-alpha.12",
+  "version": "1.0.0-alpha.14",
   "description": "Arcjet local analysis engine",
   "license": "Apache-2.0",
   "homepage": "https://arcjet.com",
@@ -24,6 +24,11 @@
   "type": "module",
   "main": "./index.js",
   "types": "./index.d.ts",
+  "exports": {
+    "edge-light": "./edge-light.js",
+    "workerd": "./workerd.js",
+    "default": "./index.js"
+  },
   "files": [
     "LICENSE",
     "README.md",
@@ -46,15 +51,15 @@
     "./wasm/arcjet_analyze_js_req_bg.js"
   ],
   "dependencies": {
-    "@arcjet/logger": "1.0.0-alpha.12"
+    "@arcjet/protocol": "1.0.0-alpha.14"
   },
   "devDependencies": {
-    "@arcjet/eslint-config": "1.0.0-alpha.12",
-    "@arcjet/rollup-config": "1.0.0-alpha.12",
-    "@arcjet/tsconfig": "1.0.0-alpha.12",
-    "@bytecodealliance/jco": "1.1.1",
+    "@arcjet/eslint-config": "1.0.0-alpha.14",
+    "@arcjet/rollup-config": "1.0.0-alpha.14",
+    "@arcjet/tsconfig": "1.0.0-alpha.14",
+    "@bytecodealliance/jco": "1.2.4",
     "@jest/globals": "29.7.0",
-    "@rollup/wasm-node": "4.14.3",
+    "@rollup/wasm-node": "4.18.0",
     "@types/node": "18.18.0",
     "jest": "29.7.0",
     "typescript": "5.4.5"

package/wasm/arcjet_analyze_js_req.component.js

@@ -45,6 +45,7 @@ function utf8Encode(s, realloc, memory) {
   return ptr;
 }
 
+
 async function instantiate(getCoreModule, imports, instantiateCore = WebAssembly.instantiate) {
   const module0 = getCoreModule('arcjet_analyze_js_req.component.core.wasm');
   const module1 = getCoreModule('arcjet_analyze_js_req.component.core2.wasm');

package/wasm.d.ts

@@ -1,17 +1,28 @@
 /**
- * Cloudflare uses the `.wasm?module` suffix to make WebAssembly
- * available in their Workers product. This is documented at
- * https://developers.cloudflare.com/workers/runtime-apis/webassembly/javascript/#bundling
- * Next.js supports the same syntax, but it is undocumented.
+ * Vercel uses the `.wasm?module` suffix to make WebAssembly available in their
+ * Vercel Functions product.
+ *
+ * https://vercel.com/docs/functions/wasm#using-a-webassembly-file
  */
 declare module "*.wasm?module" {
   export default WebAssembly.Module;
 }
 
 /**
- * Our Rollup build turns plain `.wasm` imports into JS imports that provide the
- * `wasm()` function which decodes a base64 Data URL into a WebAssembly Module
+ * The Cloudflare docs say they support the `.wasm?module` suffix, but that
+ * seems to no longer be the case with Wrangler 2 so we need to have separate
+ * imports for just the `.wasm` files.
+ *
+ * https://developers.cloudflare.com/workers/runtime-apis/webassembly/javascript/#bundling
  */
 declare module "*.wasm" {
+  export default WebAssembly.Module;
+}
+
+/**
+ * Our Rollup build turns `.wasm?js` imports into JS imports that provide the
+ * `wasm()` function which decodes a base64 Data URL into a WebAssembly Module
+ */
+declare module "*.wasm?js" {
   export function wasm(): Promise<WebAssembly.Module>;
 }

package/workerd.d.ts

@@ -0,0 +1,28 @@
+import type { ArcjetLogger } from "@arcjet/protocol";
+import type { EmailValidationConfig, BotDetectionResult, BotType } from "./wasm/arcjet_analyze_js_req.component.js";
+interface AnalyzeContext {
+    log: ArcjetLogger;
+}
+export { type EmailValidationConfig, type BotType, 
+/**
+ * Represents the result of the bot detection.
+ *
+ * @property `botType` - What type of bot this is. This will be one of `BotType`.
+ * @property `botScore` - A score ranging from 0 to 99 representing the degree of
+ * certainty. The higher the number within the type category, the greater the
+ * degree of certainty. E.g. `BotType.Automated` with a score of 1 means we are
+ * sure the request was made by an automated bot. `BotType.LikelyNotABot` with a
+ * score of 30 means we don't think this request was a bot, but it's lowest
+ * confidence level. `BotType.LikelyNotABot` with a score of 99 means we are
+ * almost certain this request was not a bot.
+ */
+type BotDetectionResult, };
+/**
+ * Generate a fingerprint for the client. This is used to identify the client
+ * across multiple requests.
+ * @param ip - The IP address of the client.
+ * @returns A SHA-256 string fingerprint.
+ */
+export declare function generateFingerprint(context: AnalyzeContext, ip: string): Promise<string>;
+export declare function isValidEmail(context: AnalyzeContext, candidate: string, options?: EmailValidationConfig): Promise<boolean>;
+export declare function detectBot(context: AnalyzeContext, headers: string, patterns_add: string, patterns_remove: string): Promise<BotDetectionResult>;

package/workerd.js

@@ -0,0 +1,112 @@
+import { instantiate } from './wasm/arcjet_analyze_js_req.component.js';
+import componentCoreWasm from './wasm/arcjet_analyze_js_req.component.core.wasm';
+import componentCore2Wasm from './wasm/arcjet_analyze_js_req.component.core2.wasm';
+import componentCore3Wasm from './wasm/arcjet_analyze_js_req.component.core3.wasm';
+
+async function moduleFromPath(path) {
+    if (path === "arcjet_analyze_js_req.component.core.wasm") {
+        return componentCoreWasm;
+    }
+    if (path === "arcjet_analyze_js_req.component.core2.wasm") {
+        return componentCore2Wasm;
+    }
+    if (path === "arcjet_analyze_js_req.component.core3.wasm") {
+        return componentCore3Wasm;
+    }
+    throw new Error(`Unknown path: ${path}`);
+}
+async function init(context) {
+    const { log } = context;
+    const coreImports = {
+        "arcjet:js-req/logger": {
+            debug(msg) {
+                log.debug(msg);
+            },
+            error(msg) {
+                log.error(msg);
+            },
+        },
+    };
+    try {
+        return instantiate(moduleFromPath, coreImports);
+    }
+    catch {
+        log.debug("WebAssembly is not supported in this runtime");
+    }
+}
+/**
+ * Generate a fingerprint for the client. This is used to identify the client
+ * across multiple requests.
+ * @param ip - The IP address of the client.
+ * @returns A SHA-256 string fingerprint.
+ */
+async function generateFingerprint(context, ip) {
+    if (ip == "") {
+        return "";
+    }
+    const analyze = await init(context);
+    if (typeof analyze !== "undefined") {
+        return analyze.generateFingerprint(ip);
+    }
+    if (hasSubtleCryptoDigest()) {
+        // Fingerprint v1 is just the IP address
+        const fingerprintRaw = `fp_1_${ip}`;
+        // Based on MDN example at
+        // https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest#converting_a_digest_to_a_hex_string
+        // Encode the raw fingerprint into a utf-8 Uint8Array
+        const fingerprintUint8 = new TextEncoder().encode(fingerprintRaw);
+        // Hash the message with SHA-256
+        const fingerprintArrayBuffer = await crypto.subtle.digest("SHA-256", fingerprintUint8);
+        // Convert the ArrayBuffer to a byte array
+        const fingerprintArray = Array.from(new Uint8Array(fingerprintArrayBuffer));
+        // Convert the bytes to a hex string
+        const fingerprint = fingerprintArray
+            .map((b) => b.toString(16).padStart(2, "0"))
+            .join("");
+        return fingerprint;
+    }
+    return "";
+}
+async function isValidEmail(context, candidate, options) {
+    const analyze = await init(context);
+    if (typeof analyze !== "undefined") {
+        return analyze.isValidEmail(candidate, options);
+    }
+    else {
+        // TODO: Fallback to JS if we don't have WASM?
+        return true;
+    }
+}
+async function detectBot(context, headers, patterns_add, patterns_remove) {
+    const analyze = await init(context);
+    if (typeof analyze !== "undefined") {
+        return analyze.detectBot(headers, patterns_add, patterns_remove);
+    }
+    else {
+        // TODO: Fallback to JS if we don't have WASM?
+        return {
+            botType: "not-analyzed",
+            botScore: 0,
+        };
+    }
+}
+function hasSubtleCryptoDigest() {
+    if (typeof crypto === "undefined") {
+        return false;
+    }
+    if (!("subtle" in crypto)) {
+        return false;
+    }
+    if (typeof crypto.subtle === "undefined") {
+        return false;
+    }
+    if (!("digest" in crypto.subtle)) {
+        return false;
+    }
+    if (typeof crypto.subtle.digest !== "function") {
+        return false;
+    }
+    return true;
+}
+
+export { detectBot, generateFingerprint, isValidEmail };

package/workerd.ts

@@ -0,0 +1,172 @@
+import type { ArcjetLogger } from "@arcjet/protocol";
+
+import * as core from "./wasm/arcjet_analyze_js_req.component.js";
+import type {
+  ImportObject,
+  EmailValidationConfig,
+  BotDetectionResult,
+  BotType,
+} from "./wasm/arcjet_analyze_js_req.component.js";
+
+import componentCoreWasm from "./wasm/arcjet_analyze_js_req.component.core.wasm";
+import componentCore2Wasm from "./wasm/arcjet_analyze_js_req.component.core2.wasm";
+import componentCore3Wasm from "./wasm/arcjet_analyze_js_req.component.core3.wasm";
+
+interface AnalyzeContext {
+  log: ArcjetLogger;
+}
+
+async function moduleFromPath(path: string): Promise<WebAssembly.Module> {
+  if (path === "arcjet_analyze_js_req.component.core.wasm") {
+    return componentCoreWasm;
+  }
+  if (path === "arcjet_analyze_js_req.component.core2.wasm") {
+    return componentCore2Wasm;
+  }
+  if (path === "arcjet_analyze_js_req.component.core3.wasm") {
+    return componentCore3Wasm;
+  }
+
+  throw new Error(`Unknown path: ${path}`);
+}
+
+async function init(context: AnalyzeContext) {
+  const { log } = context;
+
+  const coreImports: ImportObject = {
+    "arcjet:js-req/logger": {
+      debug(msg) {
+        log.debug(msg);
+      },
+      error(msg) {
+        log.error(msg);
+      },
+    },
+  };
+
+  try {
+    return core.instantiate(moduleFromPath, coreImports);
+  } catch {
+    log.debug("WebAssembly is not supported in this runtime");
+  }
+}
+
+export {
+  type EmailValidationConfig,
+  type BotType,
+  /**
+   * Represents the result of the bot detection.
+   *
+   * @property `botType` - What type of bot this is. This will be one of `BotType`.
+   * @property `botScore` - A score ranging from 0 to 99 representing the degree of
+   * certainty. The higher the number within the type category, the greater the
+   * degree of certainty. E.g. `BotType.Automated` with a score of 1 means we are
+   * sure the request was made by an automated bot. `BotType.LikelyNotABot` with a
+   * score of 30 means we don't think this request was a bot, but it's lowest
+   * confidence level. `BotType.LikelyNotABot` with a score of 99 means we are
+   * almost certain this request was not a bot.
+   */
+  type BotDetectionResult,
+};
+
+/**
+ * Generate a fingerprint for the client. This is used to identify the client
+ * across multiple requests.
+ * @param ip - The IP address of the client.
+ * @returns A SHA-256 string fingerprint.
+ */
+export async function generateFingerprint(
+  context: AnalyzeContext,
+  ip: string,
+): Promise<string> {
+  if (ip == "") {
+    return "";
+  }
+
+  const analyze = await init(context);
+
+  if (typeof analyze !== "undefined") {
+    return analyze.generateFingerprint(ip);
+  }
+
+  if (hasSubtleCryptoDigest()) {
+    // Fingerprint v1 is just the IP address
+    const fingerprintRaw = `fp_1_${ip}`;
+
+    // Based on MDN example at
+    // https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest#converting_a_digest_to_a_hex_string
+
+    // Encode the raw fingerprint into a utf-8 Uint8Array
+    const fingerprintUint8 = new TextEncoder().encode(fingerprintRaw);
+    // Hash the message with SHA-256
+    const fingerprintArrayBuffer = await crypto.subtle.digest(
+      "SHA-256",
+      fingerprintUint8,
+    );
+    // Convert the ArrayBuffer to a byte array
+    const fingerprintArray = Array.from(new Uint8Array(fingerprintArrayBuffer));
+    // Convert the bytes to a hex string
+    const fingerprint = fingerprintArray
+      .map((b) => b.toString(16).padStart(2, "0"))
+      .join("");
+
+    return fingerprint;
+  }
+
+  return "";
+}
+
+export async function isValidEmail(
+  context: AnalyzeContext,
+  candidate: string,
+  options?: EmailValidationConfig,
+) {
+  const analyze = await init(context);
+
+  if (typeof analyze !== "undefined") {
+    return analyze.isValidEmail(candidate, options);
+  } else {
+    // TODO: Fallback to JS if we don't have WASM?
+    return true;
+  }
+}
+
+export async function detectBot(
+  context: AnalyzeContext,
+  headers: string,
+  patterns_add: string,
+  patterns_remove: string,
+): Promise<BotDetectionResult> {
+  const analyze = await init(context);
+
+  if (typeof analyze !== "undefined") {
+    return analyze.detectBot(headers, patterns_add, patterns_remove);
+  } else {
+    // TODO: Fallback to JS if we don't have WASM?
+    return {
+      botType: "not-analyzed",
+      botScore: 0,
+    };
+  }
+}
+
+function hasSubtleCryptoDigest() {
+  if (typeof crypto === "undefined") {
+    return false;
+  }
+
+  if (!("subtle" in crypto)) {
+    return false;
+  }
+  if (typeof crypto.subtle === "undefined") {
+    return false;
+  }
+  if (!("digest" in crypto.subtle)) {
+    return false;
+  }
+  if (typeof crypto.subtle.digest !== "function") {
+    return false;
+  }
+
+  return true;
+}