@nuxt/scripts 0.13.2 → 1.0.0-beta.2

package/dist/runtime/server/x-embed.d.ts

@@ -0,0 +1,49 @@
+interface TweetData {
+    id_str: string;
+    text: string;
+    created_at: string;
+    favorite_count: number;
+    conversation_count: number;
+    user: {
+        name: string;
+        screen_name: string;
+        profile_image_url_https: string;
+        verified?: boolean;
+        is_blue_verified?: boolean;
+    };
+    entities?: {
+        media?: Array<{
+            media_url_https: string;
+            type: string;
+            sizes: Record<string, {
+                w: number;
+                h: number;
+            }>;
+        }>;
+        urls?: Array<{
+            url: string;
+            expanded_url: string;
+            display_url: string;
+        }>;
+    };
+    photos?: Array<{
+        url: string;
+        width: number;
+        height: number;
+    }>;
+    video?: {
+        poster: string;
+        variants: Array<{
+            type: string;
+            src: string;
+        }>;
+    };
+    quoted_tweet?: TweetData;
+    parent?: {
+        user: {
+            screen_name: string;
+        };
+    };
+}
+declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<TweetData>>;
+export default _default;

package/dist/runtime/server/x-embed.js

@@ -0,0 +1,31 @@
+import { createError, defineEventHandler, getQuery, setHeader } from "h3";
+import { $fetch } from "ofetch";
+export default defineEventHandler(async (event) => {
+  const query = getQuery(event);
+  const tweetId = query.id;
+  if (!tweetId || !/^\d+$/.test(tweetId)) {
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Valid Tweet ID is required"
+    });
+  }
+  const randomToken = [...Array(11)].map(() => (Math.random() * 36).toString(36)[2]).join("");
+  const params = new URLSearchParams({ id: tweetId, token: randomToken });
+  const tweetData = await $fetch(
+    `https://cdn.syndication.twimg.com/tweet-result?${params.toString()}`,
+    {
+      headers: {
+        "Accept": "application/json",
+        "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
+      }
+    }
+  ).catch((error) => {
+    throw createError({
+      statusCode: error.statusCode || 500,
+      statusMessage: error.statusMessage || "Failed to fetch tweet"
+    });
+  });
+  setHeader(event, "Content-Type", "application/json");
+  setHeader(event, "Cache-Control", "public, max-age=600, s-maxage=600");
+  return tweetData;
+});

package/dist/runtime/sw/proxy-sw.template.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/runtime/sw/proxy-sw.template.js

@@ -0,0 +1,54 @@
+/**
+ * Nuxt Scripts Service Worker - intercepts analytics requests
+ *
+ * Injected at runtime:
+ * - INTERCEPT_RULES: Array<{ pattern: string, pathPrefix: string, target: string }>
+ */
+
+/* global INTERCEPT_RULES */
+
+self.addEventListener('install', () => {
+  // console.log('[nuxt-scripts-sw] Installing...');
+  self.skipWaiting()
+})
+
+self.addEventListener('activate', (event) => {
+  // console.log('[nuxt-scripts-sw] Activating...');
+  event.waitUntil(self.clients.claim())
+})
+
+self.addEventListener('fetch', (event) => {
+  const url = new URL(event.request.url)
+
+  // Only intercept cross-origin requests
+  if (url.origin === self.location.origin) return
+
+  for (const rule of INTERCEPT_RULES) {
+    const hostMatches = url.host === rule.pattern || url.host.endsWith('.' + rule.pattern)
+    // Check if path prefix matches (if one is required)
+    const pathMatches = !rule.pathPrefix || url.pathname.startsWith(rule.pathPrefix)
+
+    if (hostMatches && pathMatches) {
+      // Strip path prefix from the original URL path before building proxy URL
+      const strippedPath = rule.pathPrefix
+        ? url.pathname.slice(rule.pathPrefix.length) || '/'
+        : url.pathname
+
+      // console.log('[nuxt-scripts-sw] Intercepting:', url.href, '->', rule.target + strippedPath);
+
+      const separator = strippedPath.startsWith('/') ? '' : '/'
+      const proxyUrl = new URL(rule.target + separator + strippedPath + url.search, self.location.origin)
+      const clonedRequest = event.request.clone()
+      event.respondWith(
+        fetch(proxyUrl.href, {
+          method: clonedRequest.method,
+          headers: clonedRequest.headers,
+          body: clonedRequest.method !== 'GET' && clonedRequest.method !== 'HEAD' ? clonedRequest.body : undefined,
+          credentials: 'same-origin',
+          redirect: 'follow',
+        }),
+      )
+      return
+    }
+  }
+})

package/dist/runtime/types.d.ts

@@ -29,8 +29,17 @@ import type { UmamiAnalyticsInput } from './registry/umami-analytics.js';
 import type { RybbitAnalyticsInput } from './registry/rybbit-analytics.js';
 import type { RedditPixelInput } from './registry/reddit-pixel.js';
 import type { PayPalInput } from './registry/paypal.js';
+import type { PostHogInput } from './registry/posthog.js';
+import type { GoogleRecaptchaInput } from './registry/google-recaptcha.js';
+import type { TikTokPixelInput } from './registry/tiktok-pixel.js';
 export type WarmupStrategy = false | 'preload' | 'preconnect' | 'dns-prefetch';
-export type UseScriptContext<T extends Record<symbol | string, any>> = VueScriptInstance<T>;
+export type UseScriptContext<T extends Record<symbol | string, any>> = VueScriptInstance<T> & {
+    /**
+     * Remove and reload the script. Useful for scripts that need to re-execute
+     * after SPA navigation (e.g., DOM-scanning scripts like iubenda).
+     */
+    reload: () => Promise<T>;
+};
 export type NuxtUseScriptOptions<T extends Record<symbol | string, any> = {}> = Omit<UseScriptOptions<T>, 'trigger'> & {
     /**
      * The trigger to load the script:
@@ -48,8 +57,24 @@ export type NuxtUseScriptOptions<T extends Record<symbol | string, any> = {}> =
      * - `false` - Do not bundle the script. (default)
      *
      * Note: Using 'force' may significantly increase build time as scripts will be re-downloaded on every build.
+     *
+     * @deprecated Use `scripts.firstParty: true` in nuxt.config instead for bundling and routing scripts through your domain.
      */
     bundle?: boolean | 'force';
+    /**
+     * Opt-out of first-party routing for this specific script when global `scripts.firstParty` is enabled.
+     * Set to `false` to load this script directly from its original source instead of through your domain.
+     *
+     * Note: This option only works as an opt-out. To enable first-party routing, use the global `scripts.firstParty` option in nuxt.config.
+     */
+    firstParty?: false;
+    /**
+     * Load the script in a web worker using Partytown.
+     * When enabled, adds `type="text/partytown"` to the script tag.
+     * Requires @nuxtjs/partytown to be installed and configured separately.
+     * @see https://partytown.qwik.dev/
+     */
+    partytown?: boolean;
     /**
      * Skip any schema validation for the script input. This is useful for loading the script stubs for development without
      * loading the actual script and not getting warnings.
@@ -90,6 +115,8 @@ export type NuxtUseScriptOptionsSerializable = Omit<NuxtUseScriptOptions, 'use'
         idleTimeout: number;
     } | {
         interaction: string[];
+    } | {
+        serviceWorker: true;
     };
 };
 export type NuxtUseScriptInput = UseScriptInput;
@@ -135,16 +162,19 @@ export interface ScriptRegistry {
     googleAdsense?: GoogleAdsenseInput;
     googleAnalytics?: GoogleAnalyticsInput;
     googleMaps?: GoogleMapsInput;
+    googleRecaptcha?: GoogleRecaptchaInput;
     lemonSqueezy?: LemonSqueezyInput;
     googleTagManager?: GoogleTagManagerInput;
     hotjar?: HotjarInput;
     intercom?: IntercomInput;
     paypal?: PayPalInput;
+    posthog?: PostHogInput;
     matomoAnalytics?: MatomoAnalyticsInput;
     rybbitAnalytics?: RybbitAnalyticsInput;
     redditPixel?: RedditPixelInput;
     segment?: SegmentInput;
     stripe?: StripeInput;
+    tiktokPixel?: TikTokPixelInput;
     xPixel?: XPixelInput;
     snapchatPixel?: SnapTrPixelInput;
     youtubePlayer?: YouTubePlayerInput;
@@ -181,6 +211,17 @@ export type RegistryScriptInput<T = EmptyOptionsSchema, Bundelable extends boole
 export interface RegistryScript {
     import?: Import;
     scriptBundling?: false | ((options?: any) => string | false);
+    /**
+     * First-party routing configuration for this script.
+     * - `string` - The proxy config key to use (e.g., 'googleAnalytics', 'metaPixel')
+     * - `false` - Explicitly disable first-party routing for this script
+     * - `undefined` - Use the default key derived from the function name
+     *
+     * When set to a string, the script's URLs will be rewritten and collection
+     * endpoints will be routed through your server when `scripts.firstParty` is enabled.
+     * @internal
+     */
+    proxy?: string | false;
     label?: string;
     src?: string | false;
     category?: string;

package/dist/runtime/utils/pure.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Proxy configuration for third-party scripts.
+ */
+export interface ProxyRewrite {
+    /** Domain and path to match (e.g., 'www.google-analytics.com/g/collect') */
+    from: string;
+    /** Local path to rewrite to (e.g., '/_scripts/c/ga/g/collect') */
+    to: string;
+}
+/**
+ * Rewrite URLs in script content based on proxy config.
+ */
+export declare function rewriteScriptUrls(content: string, rewrites: ProxyRewrite[]): string;

package/dist/runtime/utils/pure.js

@@ -0,0 +1,67 @@
+import { parseURL, joinURL } from "ufo";
+export function rewriteScriptUrls(content, rewrites) {
+  let result = content;
+  const literalRegex = /(['"`])(.*?)\1/g;
+  for (const { from, to } of rewrites) {
+    const isSuffixMatch = from.startsWith(".");
+    const fromSlashIdx = from.indexOf("/");
+    const fromHost = fromSlashIdx > 0 ? from.slice(0, fromSlashIdx) : from;
+    const fromPath = fromSlashIdx > 0 ? from.slice(fromSlashIdx) : "";
+    result = result.replace(literalRegex, (match, quote, inner) => {
+      if (!inner.includes(fromHost)) return match;
+      const url = parseURL(inner);
+      let shouldRewrite = false;
+      let rewriteSuffix = "";
+      if (url.host) {
+        const hostMatches = isSuffixMatch ? url.host.endsWith(fromHost) : url.host === fromHost;
+        if (hostMatches) {
+          const fullPath = url.pathname + (url.search || "") + (url.hash || "");
+          if (fromPath && fullPath.startsWith(fromPath)) {
+            shouldRewrite = true;
+            rewriteSuffix = fullPath.slice(fromPath.length);
+          } else if (!fromPath) {
+            shouldRewrite = true;
+            rewriteSuffix = fullPath;
+          }
+        }
+      } else if (inner.startsWith("//")) {
+        const hostPart = inner.slice(2).split("/")[0];
+        const hostMatches = isSuffixMatch ? hostPart?.endsWith(fromHost) ?? false : hostPart === fromHost;
+        if (hostMatches) {
+          const remainder = inner.slice(2 + (hostPart?.length ?? 0));
+          if (fromPath && remainder.startsWith(fromPath)) {
+            shouldRewrite = true;
+            rewriteSuffix = remainder.slice(fromPath.length);
+          } else if (!fromPath) {
+            shouldRewrite = true;
+            rewriteSuffix = remainder;
+          }
+        }
+      } else if (fromPath && inner.startsWith(from) || isSuffixMatch && inner.includes(from)) {
+        const domainEnd = inner.indexOf(from) + from.length;
+        const nextChar = inner[domainEnd];
+        if (!nextChar || nextChar === "/" || nextChar === "?" || nextChar === "#") {
+          shouldRewrite = true;
+          rewriteSuffix = inner.slice(domainEnd);
+        }
+      }
+      if (shouldRewrite) {
+        const rewritten = rewriteSuffix === "/" || rewriteSuffix.startsWith("?") || rewriteSuffix.startsWith("#") ? to + rewriteSuffix : joinURL(to, rewriteSuffix);
+        return quote + rewritten + quote;
+      }
+      return match;
+    });
+  }
+  const gaRewrite = rewrites.find((r) => r.from.includes("google-analytics.com/g/collect"));
+  if (gaRewrite) {
+    result = result.replace(
+      /"https:\/\/"\+\(.*?\)\+"\.google-analytics\.com\/g\/collect"/g,
+      `"${gaRewrite.to}"`
+    );
+    result = result.replace(
+      /"https:\/\/"\+\(.*?\)\+"\.analytics\.google\.com\/g\/collect"/g,
+      `"${gaRewrite.to}"`
+    );
+  }
+  return result;
+}

package/dist/runtime/utils.d.ts

@@ -10,8 +10,9 @@ type OptionsFn<O> = (options: InferIfSchema<O>, ctx: {
     scriptInput?: UseScriptInput;
     scriptOptions?: NuxtUseScriptOptions;
     schema?: O extends ObjectSchema<any, any> ? O : undefined;
-    clientInit?: () => void;
+    clientInit?: () => void | Promise<any>;
+    scriptMode?: 'external' | 'npm';
 });
 export declare function scriptRuntimeConfig<T extends keyof ScriptRegistry>(key: T): ScriptRegistry[T];
 export declare function useRegistryScript<T extends Record<string | symbol, any>, O = EmptyOptionsSchema>(registryKey: keyof ScriptRegistry | string, optionsFn: OptionsFn<O>, _userOptions?: RegistryScriptInput<O>): UseScriptContext<UseFunctionType<NuxtUseScriptOptions<T>, T>>;
-export {};
+export * from './utils/pure.js';

package/dist/runtime/utils.js

@@ -1,8 +1,9 @@
 import { defu } from "defu";
 import { useRuntimeConfig } from "nuxt/app";
+import { parseURL, withQuery, parseQuery } from "ufo";
 import { useScript } from "./composables/useScript.js";
+import { createNpmScriptStub } from "./npm-script-stub.js";
 import { parse } from "#nuxt-scripts-validator";
-import { parseURL, withQuery, parseQuery } from "ufo";
 function validateScriptInputSchema(key, schema, options) {
   if (import.meta.dev) {
     try {
@@ -20,6 +21,14 @@ export function useRegistryScript(registryKey, optionsFn, _userOptions) {
   const scriptConfig = scriptRuntimeConfig(registryKey);
   const userOptions = Object.assign(_userOptions || {}, typeof scriptConfig === "object" ? scriptConfig : {});
   const options = optionsFn(userOptions, { scriptInput: userOptions.scriptInput });
+  if (options.scriptMode === "npm") {
+    return createNpmScriptStub({
+      key: String(registryKey),
+      use: options.scriptOptions?.use,
+      clientInit: options.clientInit,
+      trigger: userOptions.scriptOptions?.trigger
+    });
+  }
   let finalScriptInput = options.scriptInput;
   const userSrc = userOptions.scriptInput?.src;
   const optionsSrc = options.scriptInput?.src;
@@ -86,3 +95,4 @@ export function useRegistryScript(registryKey, optionsFn, _userOptions) {
   };
   return useScript(scriptInput, scriptOptions);
 }
+export * from "./utils/pure.js";

package/dist/types.d.mts

@@ -6,4 +6,4 @@ declare module '@nuxt/schema' {
 
 export { default } from './module.mjs'
 
-export { type ModuleHooks, type ModuleOptions } from './module.mjs'
+export { type FirstPartyOptions, type FirstPartyPrivacy, type ModuleHooks, type ModuleOptions } from './module.mjs'

package/package.json

@@ -1,12 +1,12 @@
 {
   "name": "@nuxt/scripts",
   "type": "module",
-  "version": "0.13.2",
+  "version": "1.0.0-beta.2",
   "description": "Load third-party scripts with better performance, privacy and DX in Nuxt Apps.",
   "author": {
     "website": "https://harlanzw.com",
     "name": "Harlan Wilton",
-    "url": "harlan@harlanzw.com"
+    "email": "harlan@harlanzw.com"
   },
   "license": "MIT",
   "repository": {
@@ -43,14 +43,14 @@
       "@unhead/vue",
       "@unhead/schema",
       "knitwork",
-      "estree-walker",
       "#build/modules/nuxt-scripts-gtm",
       "#build/modules/nuxt-scripts-ga",
       "@vimeo/player",
       "esbuild",
       "unimport",
       "#nuxt-scripts/types",
-      "#nuxt-scripts-validator"
+      "#nuxt-scripts-validator",
+      "posthog-js"
     ]
   },
   "peerDependencies": {
@@ -60,7 +60,8 @@
     "@types/google.maps": "^3.58.1",
     "@types/vimeo__player": "^2.18.3",
     "@types/youtube": "^0.1.0",
-    "@unhead/vue": "^2.0.3"
+    "@unhead/vue": "^2.0.3",
+    "posthog-js": "^1.0.0"
   },
   "peerDependenciesMeta": {
     "@googlemaps/markerclusterer": {
@@ -80,52 +81,58 @@
     },
     "@types/youtube": {
       "optional": true
+    },
+    "posthog-js": {
+      "optional": true
     }
   },
   "dependencies": {
-    "@nuxt/kit": "^4.2.2",
-    "@vueuse/core": "^14.1.0",
+    "@nuxt/devtools-kit": "^3.2.1",
+    "@nuxt/kit": "^4.3.1",
+    "@vueuse/core": "^14.2.1",
     "consola": "^3.4.2",
     "defu": "^6.1.4",
-    "h3": "^1.15.4",
+    "h3": "^1.15.5",
     "magic-string": "^0.30.21",
     "ofetch": "^1.5.1",
     "ohash": "^2.0.11",
+    "oxc-parser": "^0.115.0",
+    "oxc-walker": "^0.7.0",
     "pathe": "^2.0.3",
     "pkg-types": "^2.3.0",
     "sirv": "^3.0.2",
     "std-env": "^3.10.0",
-    "ufo": "^1.6.1",
-    "unplugin": "^2.3.11",
-    "unstorage": "^1.17.3",
+    "ufo": "^1.6.3",
+    "unplugin": "^3.0.0",
+    "unstorage": "^1.17.4",
     "valibot": "^1.2.0"
   },
   "devDependencies": {
-    "@nuxt/devtools-kit": "^3.1.1",
-    "@nuxt/devtools-ui-kit": "^3.1.1",
-    "@nuxt/eslint-config": "^1.12.1",
+    "@nuxt/devtools-ui-kit": "^3.2.1",
+    "@nuxt/eslint-config": "^1.15.2",
     "@nuxt/module-builder": "^1.0.2",
-    "@nuxt/test-utils": "3.19.2",
-    "@paypal/paypal-js": "^9.1.0",
+    "@nuxt/test-utils": "^4.0.0",
+    "@nuxtjs/partytown": "^2.0.0",
+    "@paypal/paypal-js": "^9.3.0",
     "@types/semver": "^7.7.1",
-    "@typescript-eslint/typescript-estree": "^8.50.0",
+    "@typescript-eslint/typescript-estree": "^8.56.1",
     "@vue/test-utils": "^2.4.6",
-    "acorn-loose": "^8.5.2",
-    "bumpp": "^10.3.2",
+    "bumpp": "^10.4.1",
     "changelogen": "^0.6.2",
-    "eslint": "^9.39.2",
-    "eslint-plugin-n": "^17.23.1",
-    "happy-dom": "^20.0.11",
+    "eslint": "^10.0.2",
+    "eslint-plugin-n": "^17.24.0",
+    "happy-dom": "^20.7.0",
     "knitwork": "^1.3.0",
-    "nuxt": "^4.2.2",
-    "playwright-core": "^1.57.0",
-    "shiki": "^3.20.0",
+    "nuxt": "^4.3.1",
+    "playwright-core": "^1.58.2",
+    "posthog-js": "^1.353.0",
+    "shiki": "^3.22.0",
     "typescript": "5.9.3",
-    "vitest": "^4.0.16",
-    "vue": "^3.5.26",
-    "vue-router": "^4.6.4",
-    "vue-tsc": "^3.1.8",
-    "@nuxt/scripts": "0.13.2"
+    "vitest": "^4.0.18",
+    "vue": "^3.5.29",
+    "vue-router": "^5.0.3",
+    "vue-tsc": "^3.2.5",
+    "@nuxt/scripts": "1.0.0-beta.2"
   },
   "resolutions": {
     "@nuxt/scripts": "workspace:*"
@@ -136,7 +143,7 @@
     "client:dev": "nuxi dev client --port 3300",
     "dev": "nuxi dev playground",
     "dev:ssl": "nuxi dev playground --https",
-    "prepare:fixtures": "nuxi prepare test/fixtures/basic && nuxi prepare test/fixtures/cdn && nuxi prepare test/fixtures/extend-registry",
+    "prepare:fixtures": "nuxi prepare test/fixtures/basic && nuxi prepare test/fixtures/cdn && nuxi prepare test/fixtures/extend-registry && nuxi prepare test/fixtures/partytown && nuxi prepare test/fixtures/first-party",
     "dev:prepare": "nuxt-module-build build --stub && nuxt-module-build prepare && nuxi prepare playground && pnpm run prepare:fixtures",
     "typecheck": "vue-tsc --noEmit",
     "bump": "bumpp package.json --commit --push --tag",
@@ -144,6 +151,6 @@
     "lint": "eslint .",
     "lint:fix": "eslint . --fix",
     "test": "pnpm dev:prepare && vitest --run",
-    "test:types": "echo 'broken due to type regeneration, use pnpm typecheck' && npx nuxi typecheck"
+    "test:types": "vitest run --project typecheck"
   }
 }