npm - @arcjet/node - Versions diffs - 1.0.0-alpha.9 → 1.0.0-beta.10 - Mend

@arcjet/node 1.0.0-alpha.9 → 1.0.0-beta.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/README.md CHANGED Viewed

@@ -1,7 +1,7 @@
 <a href="https://arcjet.com" target="_arcjet-home">
   <picture>
-    <source media="(prefers-color-scheme: dark)" srcset="https://arcjet.com/arcjet-logo-dark-planet-arrival.svg">
-    <img src="https://arcjet.com/arcjet-logo-light-planet-arrival.svg" alt="Arcjet Logo" height="144" width="auto">
+    <source media="(prefers-color-scheme: dark)" srcset="https://arcjet.com/logo/arcjet-dark-lockup-voyage-horizontal.svg">
+    <img src="https://arcjet.com/logo/arcjet-light-lockup-voyage-horizontal.svg" alt="Arcjet Logo" height="128" width="auto">
   </picture>
 </a>
@@ -17,110 +17,103 @@
 </p>
 [Arcjet][arcjet] helps developers protect their apps in just a few lines of
-code. Implement rate limiting, bot protection, email verification & defend
+code. Implement rate limiting, bot protection, email verification, and defense
 against common attacks.
 This is the [Arcjet][arcjet] SDK for [Node.js][node-js].
 **Looking for our Next.js framework SDK?** Check out the
-[`@arcjet/next`](https://www.npmjs.com/package/@arcjet/next) package.
+[`@arcjet/next`][alt-sdk] package.
-## Installation
+- [npm package (`@arcjet/node`)](https://www.npmjs.com/package/@arcjet/node)
+- [GitHub source code (`arcjet-node/` in `arcjet/arcjet-js`)](https://github.com/arcjet/arcjet-js/tree/main/arcjet-node)
-```shell
-npm install -S @arcjet/node
-```
+## Getting started
-## Rate limit example
+Visit the [quick start guide][quick-start] to get started.
-The [Arcjet rate limit][rate-limit-concepts-docs] example below applies a token
-bucket rate limit rule to a route where we identify the user based on their ID
-e.g. if they are logged in. The bucket is configured with a maximum capacity of
-10 tokens and refills by 5 tokens every 10 seconds. Each request consumes 5
-tokens.
+## Example app
-```ts
-import arcjet, { tokenBucket } from "@arcjet/node";
-import http from "node:http";
+Try an Arcjet protected app live at [https://example.arcjet.com][example-url]
+([source code][example-source]).
-const aj = arcjet({
-  key: process.env.ARCJET_KEY!, // Get your site key from https://app.arcjet.com
-  rules: [
-    // Create a token bucket rate limit. Other algorithms are supported.
-    tokenBucket({
-      mode: "LIVE", // will block requests. Use "DRY_RUN" to log only
-      characteristics: ["userId"], // track requests by a custom user ID
-      refillRate: 5, // refill 5 tokens per interval
-      interval: 10, // refill every 10 seconds
-      capacity: 10, // bucket maximum capacity of 10 tokens
-    }),
-  ],
-});
+## What is this?
-const server = http.createServer(async function (
-  req: http.IncomingMessage,
-  res: http.ServerResponse,
-) {
-  const userId = "user123"; // Replace with your authenticated user ID
-  const decision = await aj.protect(req, { userId, requested: 5 }); // Deduct 5 tokens from the bucket
-  console.log("Arcjet decision", decision);
+This is our adapter to integrate Arcjet into Node.js.
+Arcjet helps you secure your Node server.
+This package exists so that we can provide the best possible experience to
+Node users.
-  if (decision.isDenied()) {
-    res.writeHead(429, { "Content-Type": "application/json" });
-    res.end(
-      JSON.stringify({ error: "Too Many Requests", reason: decision.reason }),
-    );
-  } else {
-    res.writeHead(200, { "Content-Type": "application/json" });
-    res.end(JSON.stringify({ message: "Hello world" }));
-  }
-});
+## When should I use this?
-server.listen(8000);
-```
+You can use this if you are using Node.js.
+See our [_Get started_ guide][arcjet-get-started] for other supported
+frameworks and runtimes.
+## Install
-## Shield example
+This package is ESM only.
+Install with npm in Node.js:
-[Arcjet Shield][shield-concepts-docs] protects your application against common
-attacks, including the OWASP Top 10. It’s enabled by default and runs on every
-request with negligible performance impact.
+```sh
+npm install @arcjet/node
+```
+## Use
 ```ts
-import arcjet from "@arcjet/node";
 import http from "node:http";
+import arcjet, { shield } from "@arcjet/node";
+// Get your Arcjet key at <https://app.arcjet.com>.
+// Set it as an environment variable instead of hard coding it.
+const arcjetKey = process.env.ARCJET_KEY;
+if (!arcjetKey) {
+  throw new Error("Cannot find `ARCJET_KEY` environment variable");
+}
 const aj = arcjet({
-  // Get your site key from https://app.arcjet.com
-  // and set it as an environment variable rather than hard coding.
-  // See: https://nextjs.org/docs/app/building-your-application/configuring/environment-variables
-  key: process.env.ARCJET_KEY,
-  rules: [], // Shield requires no rule configuration
+  key: arcjetKey,
+  rules: [
+    // Shield protects your app from common attacks.
+    // Use `DRY_RUN` instead of `LIVE` to only log.
+    shield({ mode: "LIVE" }),
+  ],
 });
 const server = http.createServer(async function (
-  req: http.IncomingMessage,
-  res: http.ServerResponse,
+  request: http.IncomingMessage,
+  response: http.ServerResponse,
 ) {
-  const decision = await aj.protect(req);
+  const decision = await aj.protect(request);
   if (decision.isDenied()) {
-    res.writeHead(403, { "Content-Type": "application/json" });
-    res.end(JSON.stringify({ error: "Forbidden" }));
-  } else {
-    res.writeHead(200, { "Content-Type": "application/json" });
-    res.end(JSON.stringify({ message: "Hello world" }));
+    response.writeHead(403, { "Content-Type": "application/json" });
+    response.end(JSON.stringify({ message: "Forbidden" }));
+    return;
   }
+  response.writeHead(200, { "Content-Type": "application/json" });
+  response.end(JSON.stringify({ message: "Hello world" }));
 });
 server.listen(8000);
 ```
+For more on how to configure Arcjet with Node.js and how to protect Node,
+see the [Arcjet Node.js SDK reference][arcjet-reference-node] on our website.
 ## License
-Licensed under the [Apache License, Version 2.0][apache-license].
+[Apache License, Version 2.0][apache-license] © [Arcjet Labs, Inc.][arcjet]
+[arcjet-get-started]: https://docs.arcjet.com/get-started
+[arcjet-reference-node]: https://docs.arcjet.com/reference/nodejs
 [arcjet]: https://arcjet.com
 [node-js]: https://nodejs.org/
-[rate-limit-concepts-docs]: https://docs.arcjet.com/rate-limiting/concepts
-[shield-concepts-docs]: https://docs.arcjet.com/shield/concepts
+[alt-sdk]: https://www.npmjs.com/package/@arcjet/next
+[example-url]: https://example.arcjet.com
+[quick-start]: https://docs.arcjet.com/get-started/nodejs
+[example-source]: https://github.com/arcjet/arcjet-js-example
 [apache-license]: http://www.apache.org/licenses/LICENSE-2.0

package/index.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-import { ArcjetDecision, ArcjetOptions, Primitive, Product, Runtime, ExtraProps, RemoteClient, RemoteClientOptions } from "arcjet";
+import type { ArcjetDecision, ArcjetOptions as CoreOptions, Primitive, Product, ExtraProps, CharacteristicProps } from "arcjet";
 export * from "arcjet";
 type Simplify<T> = {
     [KeyType in keyof T]: T[KeyType];
@@ -10,7 +10,12 @@ type WithoutCustomProps = {
 type PlainObject = {
     [key: string]: unknown;
 };
-export declare function createNodeRemoteClient(options?: RemoteClientOptions): RemoteClient;
+export type RemoteClientOptions = {
+    baseUrl?: string;
+    timeout?: number;
+};
+export declare function createRemoteClient(options?: RemoteClientOptions): import("@arcjet/protocol/client.js").Client;
+type EventHandlerLike = (event: string, listener: (...args: any[]) => void) => void;
 export interface ArcjetNodeRequest {
     headers?: Record<string, string | string[] | undefined>;
     socket?: Partial<{
@@ -20,13 +25,26 @@ export interface ArcjetNodeRequest {
     method?: string;
     httpVersion?: string;
     url?: string;
+    body?: unknown;
+    on?: EventHandlerLike;
+    removeListener?: EventHandlerLike;
+    readable?: boolean;
 }
+/**
+ * The options used to configure an {@link ArcjetNode} client.
+ */
+export type ArcjetOptions<Rules extends [...Array<Primitive | Product>], Characteristics extends readonly string[]> = Simplify<CoreOptions<Rules, Characteristics> & {
+    /**
+     * One or more IP Address of trusted proxies in front of the application.
+     * These addresses will be excluded when Arcjet detects a public IP address.
+     */
+    proxies?: Array<string>;
+}>;
 /**
  * The ArcjetNode client provides a public `protect()` method to
  * make a decision about how a Node.js request should be handled.
  */
 export interface ArcjetNode<Props extends PlainObject> {
-    get runtime(): Runtime;
     /**
      * Runs a request through the configured protections. The request is
      * analyzed and then a decision made on whether to allow, deny, or challenge
@@ -54,4 +72,4 @@ export interface ArcjetNode<Props extends PlainObject> {
  *
  * @param options - Arcjet configuration options to apply to all requests.
  */
-export default function arcjet<const Rules extends (Primitive | Product)[]>(options: ArcjetOptions<Rules>): ArcjetNode<Simplify<ExtraProps<Rules>>>;
+export default function arcjet<const Rules extends (Primitive | Product)[], const Characteristics extends readonly string[]>(options: ArcjetOptions<Rules, Characteristics>): ArcjetNode<Simplify<ExtraProps<Rules> & CharacteristicProps<Characteristics>>>;

package/index.js CHANGED Viewed

@@ -1,22 +1,77 @@
-import { createConnectTransport } from '@connectrpc/connect-node';
-import core__default, { defaultBaseUrl, createRemoteClient, ArcjetHeaders } from 'arcjet';
+import core__default from 'arcjet';
 export * from 'arcjet';
-import findIP from '@arcjet/ip';
+import findIP, { parseProxy } from '@arcjet/ip';
+import ArcjetHeaders from '@arcjet/headers';
+import { logLevel, isDevelopment, baseUrl, platform } from '@arcjet/env';
+import { Logger } from '@arcjet/logger';
+import { createClient } from '@arcjet/protocol/client.js';
+import { createTransport } from '@arcjet/transport';
+import { readBody } from '@arcjet/body';
-function createNodeRemoteClient(options) {
+// An object with getters that access the `process.env.SOMEVAR` values directly.
+// This allows bundlers to replace the dot-notation access with string literals
+// while still allowing dynamic access in runtime environments.
+const env = {
+    get FLY_APP_NAME() {
+        return process.env.FLY_APP_NAME;
+    },
+    get VERCEL() {
+        return process.env.VERCEL;
+    },
+    get RENDER() {
+        return process.env.RENDER;
+    },
+    get MODE() {
+        return process.env.MODE;
+    },
+    get NODE_ENV() {
+        return process.env.NODE_ENV;
+    },
+    get ARCJET_KEY() {
+        return process.env.ARCJET_KEY;
+    },
+    get ARCJET_ENV() {
+        return process.env.ARCJET_ENV;
+    },
+    get ARCJET_LOG_LEVEL() {
+        return process.env.ARCJET_LOG_LEVEL;
+    },
+    get ARCJET_BASE_URL() {
+        return process.env.ARCJET_BASE_URL;
+    },
+};
+// TODO: Deduplicate with other packages
+function errorMessage(err) {
+    if (err) {
+        if (typeof err === "string") {
+            return err;
+        }
+        if (typeof err === "object" &&
+            "message" in err &&
+            typeof err.message === "string") {
+            return err.message;
+        }
+    }
+    return "Unknown problem";
+}
+function createRemoteClient(options) {
     // The base URL for the Arcjet API. Will default to the standard production
     // API unless environment variable `ARCJET_BASE_URL` is set.
-    const baseUrl = options?.baseUrl ?? defaultBaseUrl();
+    const url = options?.baseUrl ?? baseUrl(env);
+    // The timeout for the Arcjet API in milliseconds. This is set to a low value
+    // in production so calls fail open.
+    const timeout = options?.timeout ?? (isDevelopment(env) ? 1000 : 500);
     // Transport is the HTTP client that the client uses to make requests.
-    const transport = options?.transport ??
-        createConnectTransport({
-            baseUrl,
-            httpVersion: "2",
-        });
-    // TODO(#223): Do we want to allow overrides to either of these? If not, we should probably define a separate type for `options`
+    const transport = createTransport(url);
     const sdkStack = "NODEJS";
-    const sdkVersion = "1.0.0-alpha.9";
-    return createRemoteClient({ ...options, transport, sdkStack, sdkVersion });
+    const sdkVersion = "1.0.0-beta.10";
+    return createClient({
+        transport,
+        baseUrl: url,
+        timeout,
+        sdkStack,
+        sdkVersion,
+    });
 }
 function cookiesToString(cookies) {
     if (typeof cookies === "undefined") {
@@ -28,70 +83,6 @@ function cookiesToString(cookies) {
     }
     return cookies;
 }
-function toArcjetRequest(request, props) {
-    // We construct an ArcjetHeaders to normalize over Headers
-    const headers = new ArcjetHeaders(request.headers);
-    const ip = findIP(request, headers);
-    const method = request.method ?? "";
-    const host = headers.get("host") ?? "";
-    let path = "";
-    let query = "";
-    let protocol = "";
-    if (typeof request.socket?.encrypted !== "undefined") {
-        protocol = request.socket.encrypted ? "https:" : "http:";
-    }
-    else {
-        protocol = "http:";
-    }
-    // Do some very simple validation, but also try/catch around URL parsing
-    if (typeof request.url !== "undefined" && request.url !== "" && host !== "") {
-        try {
-            const url = new URL(request.url, `${protocol}//${host}`);
-            path = url.pathname;
-            query = url.search;
-            protocol = url.protocol;
-        }
-        catch {
-            // If the parsing above fails, just set the path as whatever url we
-            // received.
-            // TODO(#216): Add logging to arcjet-node
-            path = request.url ?? "";
-        }
-    }
-    else {
-        path = request.url ?? "";
-    }
-    const cookies = cookiesToString(request.headers?.cookie);
-    return {
-        ...props,
-        ip,
-        method,
-        protocol,
-        host,
-        path,
-        headers,
-        cookies,
-        query,
-    };
-}
-function withClient(aj) {
-    return Object.freeze({
-        get runtime() {
-            return aj.runtime;
-        },
-        withRule(rule) {
-            const client = aj.withRule(rule);
-            return withClient(client);
-        },
-        async protect(request, ...[props]) {
-            // TODO(#220): The generic manipulations get really mad here, so we cast
-            // Further investigation makes it seem like it has something to do with
-            // the definition of `props` in the signature but it's hard to track down
-            const req = toArcjetRequest(request, props ?? {});
-            return aj.protect(req);
-        },
-    });
-}
 /**
  * Create a new {@link ArcjetNode} client. Always build your initial client
  * outside of a request handler so it persists across requests. If you need to
@@ -101,9 +92,140 @@ function withClient(aj) {
  * @param options - Arcjet configuration options to apply to all requests.
  */
 function arcjet(options) {
-    const client = options.client ?? createNodeRemoteClient();
-    const aj = core__default({ ...options, client });
+    const client = options.client ?? createRemoteClient();
+    const log = options.log
+        ? options.log
+        : new Logger({
+            level: logLevel(env),
+        });
+    const proxies = Array.isArray(options.proxies)
+        ? options.proxies.map(parseProxy)
+        : undefined;
+    if (isDevelopment(env)) {
+        log.warn("Arcjet will use 127.0.0.1 when missing public IP address in development mode");
+    }
+    function toArcjetRequest(request, props) {
+        // We pull the cookies from the request before wrapping them in ArcjetHeaders
+        const cookies = cookiesToString(request.headers?.cookie);
+        // We construct an ArcjetHeaders to normalize over Headers
+        const headers = new ArcjetHeaders(request.headers);
+        let ip = findIP({
+            socket: request.socket,
+            headers,
+        }, { platform: platform(env), proxies });
+        if (ip === "") {
+            // If the `ip` is empty but we're in development mode, we default the IP
+            // so the request doesn't fail.
+            if (isDevelopment(env)) {
+                ip = "127.0.0.1";
+            }
+            else {
+                log.warn(`Client IP address is missing. If this is a dev environment set the ARCJET_ENV env var to "development"`);
+            }
+        }
+        const method = request.method ?? "";
+        const host = headers.get("host") ?? "";
+        let path = "";
+        let query = "";
+        let protocol = "";
+        if (typeof request.socket?.encrypted !== "undefined") {
+            protocol = request.socket.encrypted ? "https:" : "http:";
+        }
+        else {
+            protocol = "http:";
+        }
+        // Do some very simple validation, but also try/catch around URL parsing
+        if (typeof request.url !== "undefined" &&
+            request.url !== "" &&
+            host !== "") {
+            try {
+                const url = new URL(request.url, `${protocol}//${host}`);
+                path = url.pathname;
+                query = url.search;
+                protocol = url.protocol;
+            }
+            catch {
+                // If the parsing above fails, just set the path as whatever url we
+                // received.
+                path = request.url ?? "";
+                log.warn('Unable to parse URL. Using "%s" as `path`.', path);
+            }
+        }
+        else {
+            path = request.url ?? "";
+        }
+        return {
+            ...props,
+            ip,
+            method,
+            protocol,
+            host,
+            path,
+            headers,
+            cookies,
+            query,
+        };
+    }
+    function withClient(aj) {
+        return Object.freeze({
+            withRule(rule) {
+                const client = aj.withRule(rule);
+                return withClient(client);
+            },
+            async protect(request, ...[props]) {
+                // TODO(#220): The generic manipulations get really mad here, so we cast
+                // Further investigation makes it seem like it has something to do with
+                // the definition of `props` in the signature but it's hard to track down
+                const req = toArcjetRequest(request, props ?? {});
+                const getBody = async () => {
+                    try {
+                        // If request.body is present then the body was likely read by a package like express' `body-parser`.
+                        // If it's not present then we attempt to read the bytes from the IncomingMessage ourselves.
+                        if (typeof request.body === "string") {
+                            return request.body;
+                        }
+                        else if (typeof request.body !== "undefined" &&
+                            // BigInt cannot be serialized with JSON.stringify
+                            typeof request.body !== "bigint") {
+                            return JSON.stringify(request.body);
+                        }
+                        if (typeof request.on === "function" &&
+                            typeof request.removeListener === "function") {
+                            let expectedLength;
+                            // TODO: This shouldn't need to build headers again but the type
+                            // for `req` above is overly relaxed
+                            const headers = new ArcjetHeaders(request.headers);
+                            const expectedLengthStr = headers.get("content-length");
+                            if (typeof expectedLengthStr === "string") {
+                                try {
+                                    expectedLength = parseInt(expectedLengthStr, 10);
+                                }
+                                catch {
+                                    // If the expected length couldn't be parsed we'll just not set one.
+                                }
+                            }
+                            // Awaited to throw if it rejects and we'll just return undefined
+                            const body = await readBody(request, {
+                                // We will process 1mb bodies
+                                limit: 1048576,
+                                expectedLength,
+                            });
+                            return body;
+                        }
+                        log.warn("no body available");
+                        return;
+                    }
+                    catch (e) {
+                        log.error("failed to get request body: %s", errorMessage(e));
+                        return;
+                    }
+                };
+                return aj.protect({ getBody }, req);
+            },
+        });
+    }
+    const aj = core__default({ ...options, client, log });
     return withClient(aj);
 }
-export { createNodeRemoteClient, arcjet as default };
+export { createRemoteClient, arcjet as default };

package/package.json CHANGED Viewed

@@ -1,7 +1,19 @@
 {
   "name": "@arcjet/node",
-  "version": "1.0.0-alpha.9",
+  "version": "1.0.0-beta.10",
   "description": "Arcjet SDK for Node.js",
+  "keywords": [
+    "analyze",
+    "arcjet",
+    "attack",
+    "limit",
+    "nodejs",
+    "node",
+    "protect",
+    "secure",
+    "security",
+    "verify"
+  ],
   "license": "Apache-2.0",
   "homepage": "https://arcjet.com",
   "repository": {
@@ -25,34 +37,33 @@
   "main": "./index.js",
   "types": "./index.d.ts",
   "files": [
-    "LICENSE",
-    "README.md",
-    "*.js",
-    "*.d.ts",
-    "*.ts",
-    "!*.config.js"
+    "index.d.ts",
+    "index.js"
   ],
   "scripts": {
-    "prepublishOnly": "npm run build",
     "build": "rollup --config rollup.config.js",
     "lint": "eslint .",
-    "pretest": "npm run build",
-    "test": "NODE_OPTIONS=--experimental-vm-modules jest --passWithNoTests"
+    "prepublishOnly": "npm run build",
+    "test": "npm run build && npm run lint"
   },
   "dependencies": {
-    "@arcjet/ip": "1.0.0-alpha.9",
-    "@connectrpc/connect-node": "1.4.0",
-    "arcjet": "1.0.0-alpha.9"
+    "@arcjet/env": "1.0.0-beta.10",
+    "@arcjet/headers": "1.0.0-beta.10",
+    "@arcjet/ip": "1.0.0-beta.10",
+    "@arcjet/logger": "1.0.0-beta.10",
+    "@arcjet/protocol": "1.0.0-beta.10",
+    "@arcjet/transport": "1.0.0-beta.10",
+    "@arcjet/body": "1.0.0-beta.10",
+    "arcjet": "1.0.0-beta.10"
   },
   "devDependencies": {
-    "@arcjet/eslint-config": "1.0.0-alpha.9",
-    "@arcjet/rollup-config": "1.0.0-alpha.9",
-    "@arcjet/tsconfig": "1.0.0-alpha.9",
-    "@jest/globals": "29.7.0",
+    "@arcjet/eslint-config": "1.0.0-beta.10",
+    "@arcjet/rollup-config": "1.0.0-beta.10",
+    "@arcjet/tsconfig": "1.0.0-beta.10",
     "@types/node": "18.18.0",
-    "@rollup/wasm-node": "4.12.0",
-    "jest": "29.7.0",
-    "typescript": "5.3.3"
+    "@rollup/wasm-node": "4.46.2",
+    "eslint": "9.32.0",
+    "typescript": "5.9.2"
   },
   "publishConfig": {
     "access": "public",

package/index.ts DELETED Viewed

@@ -1,235 +0,0 @@
-import { createConnectTransport } from "@connectrpc/connect-node";
-import core, {
-  ArcjetDecision,
-  ArcjetOptions,
-  Primitive,
-  Product,
-  ArcjetHeaders,
-  Runtime,
-  ArcjetRequest,
-  ExtraProps,
-  RemoteClient,
-  RemoteClientOptions,
-  defaultBaseUrl,
-  createRemoteClient,
-  Arcjet,
-} from "arcjet";
-import findIP from "@arcjet/ip";
-// Re-export all named exports from the generic SDK
-export * from "arcjet";
-// Type helpers from https://github.com/sindresorhus/type-fest but adjusted for
-// our use.
-//
-// Simplify:
-// https://github.com/sindresorhus/type-fest/blob/964466c9d59c711da57a5297ad954c13132a0001/source/simplify.d.ts
-// EmptyObject:
-// https://github.com/sindresorhus/type-fest/blob/b9723d4785f01f8d2487c09ee5871a1f615781aa/source/empty-object.d.ts
-//
-// Licensed: MIT License Copyright (c) Sindre Sorhus <sindresorhus@gmail.com>
-// (https://sindresorhus.com)
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy
-// of this software and associated documentation files (the "Software"), to deal
-// in the Software without restriction, including without limitation the rights
-// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-// copies of the Software, and to permit persons to whom the Software is
-// furnished to do so, subject to the following conditions: The above copyright
-// notice and this permission notice shall be included in all copies or
-// substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-type Simplify<T> = { [KeyType in keyof T]: T[KeyType] } & {};
-declare const emptyObjectSymbol: unique symbol;
-type WithoutCustomProps = {
-  [emptyObjectSymbol]?: never;
-};
-type PlainObject = {
-  [key: string]: unknown;
-};
-export function createNodeRemoteClient(
-  options?: RemoteClientOptions,
-): RemoteClient {
-  // The base URL for the Arcjet API. Will default to the standard production
-  // API unless environment variable `ARCJET_BASE_URL` is set.
-  const baseUrl = options?.baseUrl ?? defaultBaseUrl();
-  // Transport is the HTTP client that the client uses to make requests.
-  const transport =
-    options?.transport ??
-    createConnectTransport({
-      baseUrl,
-      httpVersion: "2",
-    });
-  // TODO(#223): Do we want to allow overrides to either of these? If not, we should probably define a separate type for `options`
-  const sdkStack = "NODEJS";
-  const sdkVersion = "__ARCJET_SDK_VERSION__";
-  return createRemoteClient({ ...options, transport, sdkStack, sdkVersion });
-}
-// Interface of fields that the Arcjet Node.js SDK expects on `IncomingMessage`
-// objects.
-export interface ArcjetNodeRequest {
-  headers?: Record<string, string | string[] | undefined>;
-  socket?: Partial<{ remoteAddress: string; encrypted: boolean }>;
-  method?: string;
-  httpVersion?: string;
-  url?: string;
-}
-function cookiesToString(cookies: string | string[] | undefined): string {
-  if (typeof cookies === "undefined") {
-    return "";
-  }
-  // This should never be the case with a Node.js cookie header, but we are safe
-  if (Array.isArray(cookies)) {
-    return cookies.join("; ");
-  }
-  return cookies;
-}
-/**
- * The ArcjetNode client provides a public `protect()` method to
- * make a decision about how a Node.js request should be handled.
- */
-export interface ArcjetNode<Props extends PlainObject> {
-  get runtime(): Runtime;
-  /**
-   * Runs a request through the configured protections. The request is
-   * analyzed and then a decision made on whether to allow, deny, or challenge
-   * the request.
-   *
-   * @param req - An `IncomingMessage` provided to the request handler.
-   * @param props - Additonal properties required for running rules against a request.
-   * @returns An {@link ArcjetDecision} indicating Arcjet's decision about the request.
-   */
-  protect(
-    request: ArcjetNodeRequest,
-    // We use this neat trick from https://stackoverflow.com/a/52318137 to make a single spread parameter
-    // that is required if the ExtraProps aren't strictly an empty object
-    ...props: Props extends WithoutCustomProps ? [] : [Props]
-  ): Promise<ArcjetDecision>;
-  /**
-   * Augments the client with another rule. Useful for varying rules based on
-   * criteria in your handler—e.g. different rate limit for logged in users.
-   *
-   * @param rule The rule to add to this execution.
-   * @returns An augmented {@link ArcjetNode} client.
-   */
-  withRule<Rule extends Primitive | Product>(
-    rule: Rule,
-  ): ArcjetNode<Simplify<Props & ExtraProps<Rule>>>;
-}
-function toArcjetRequest<Props extends PlainObject>(
-  request: ArcjetNodeRequest,
-  props: Props,
-): ArcjetRequest<Props> {
-  // We construct an ArcjetHeaders to normalize over Headers
-  const headers = new ArcjetHeaders(request.headers);
-  const ip = findIP(request, headers);
-  const method = request.method ?? "";
-  const host = headers.get("host") ?? "";
-  let path = "";
-  let query = "";
-  let protocol = "";
-  if (typeof request.socket?.encrypted !== "undefined") {
-    protocol = request.socket.encrypted ? "https:" : "http:";
-  } else {
-    protocol = "http:";
-  }
-  // Do some very simple validation, but also try/catch around URL parsing
-  if (typeof request.url !== "undefined" && request.url !== "" && host !== "") {
-    try {
-      const url = new URL(request.url, `${protocol}//${host}`);
-      path = url.pathname;
-      query = url.search;
-      protocol = url.protocol;
-    } catch {
-      // If the parsing above fails, just set the path as whatever url we
-      // received.
-      // TODO(#216): Add logging to arcjet-node
-      path = request.url ?? "";
-    }
-  } else {
-    path = request.url ?? "";
-  }
-  const cookies = cookiesToString(request.headers?.cookie);
-  return {
-    ...props,
-    ip,
-    method,
-    protocol,
-    host,
-    path,
-    headers,
-    cookies,
-    query,
-  };
-}
-function withClient<const Rules extends (Primitive | Product)[]>(
-  aj: Arcjet<ExtraProps<Rules>>,
-): ArcjetNode<ExtraProps<Rules>> {
-  return Object.freeze({
-    get runtime() {
-      return aj.runtime;
-    },
-    withRule(rule: Primitive | Product) {
-      const client = aj.withRule(rule);
-      return withClient(client);
-    },
-    async protect(
-      request: ArcjetNodeRequest,
-      ...[props]: ExtraProps<Rules> extends WithoutCustomProps
-        ? []
-        : [ExtraProps<Rules>]
-    ): Promise<ArcjetDecision> {
-      // TODO(#220): The generic manipulations get really mad here, so we cast
-      // Further investigation makes it seem like it has something to do with
-      // the definition of `props` in the signature but it's hard to track down
-      const req = toArcjetRequest(request, props ?? {}) as ArcjetRequest<
-        ExtraProps<Rules>
-      >;
-      return aj.protect(req);
-    },
-  });
-}
-/**
- * Create a new {@link ArcjetNode} client. Always build your initial client
- * outside of a request handler so it persists across requests. If you need to
- * augment a client inside a handler, call the `withRule()` function on the base
- * client.
- *
- * @param options - Arcjet configuration options to apply to all requests.
- */
-export default function arcjet<const Rules extends (Primitive | Product)[]>(
-  options: ArcjetOptions<Rules>,
-): ArcjetNode<Simplify<ExtraProps<Rules>>> {
-  const client = options.client ?? createNodeRemoteClient();
-  const aj = core({ ...options, client });
-  return withClient(aj);
-}