serverless-offline 9.1.0 → 9.1.3

package/README.md

@@ -7,8 +7,8 @@
   <a href="https://www.npmjs.com/package/serverless-offline">
     <img src="https://img.shields.io/npm/v/serverless-offline.svg?style=flat-square">
   </a>
-  <a href="https://github.com/dherault/serverless-offline/actions?query=workflow%3ACI">
-    <img src="https://img.shields.io/github/workflow/status/dherault/serverless-offline/CI?style=flat-square">
+  <a href="https://github.com/dherault/serverless-offline/actions/workflows/integrate.yml">
+    <img src="https://img.shields.io/github/workflow/status/dherault/serverless-offline/Integrate">
   </a>
   <img src="https://img.shields.io/node/v/serverless-offline.svg?style=flat-square">
   <a href="https://github.com/serverless/serverless">
@@ -29,9 +29,9 @@
 This [Serverless](https://github.com/serverless/serverless) plugin emulates [AWS λ](https://aws.amazon.com/lambda) and [API Gateway](https://aws.amazon.com/api-gateway) on your local machine to speed up your development cycles.
 To do so, it starts an HTTP server that handles the request's lifecycle like APIG does and invokes your handlers.
 
-**Features:**
+**Features**
 
-- [Node.js](https://nodejs.org), [Python](https://www.python.org), [Ruby](https://www.ruby-lang.org) and [Go](https://golang.org) λ runtimes.
+- [Node.js](https://nodejs.org), [Python](https://www.python.org), [Ruby](https://www.ruby-lang.org), [Go](https://golang.org), [Java](https://www.java.com) (incl. [Kotlin](https://kotlinlang.org), [Groovy](https://groovy-lang.org), [Scala](https://www.scala-lang.org)) λ runtimes.
 - Velocity templates support.
 - Lazy loading of your handler files.
 - And more: integrations, authorizers, proxies, timeouts, responseParameters, HTTPS, CORS, etc...
@@ -42,6 +42,7 @@ This plugin is updated by its users, I just do maintenance and ensure that PRs a
 
 - [Installation](#installation)
 - [Usage and command line options](#usage-and-command-line-options)
+- [Run modes](#run-modes)
 - [Usage with `invoke`](#usage-with-invoke)
 - [The `process.env.IS_OFFLINE` variable](#the-processenvis_offline-variable)
 - [Docker and Layers](#docker-and-layers)
@@ -84,7 +85,7 @@ Then inside your project's `serverless.yml` file add following entry to the plug
 
 It should look something like this:
 
-```YAML
+```yml
 plugins:
   - serverless-offline
 ```
@@ -146,13 +147,12 @@ All CLI options are optional:
 
 Any of the CLI options can be added to your `serverless.yml`. For example:
 
-```
+```yml
 custom:
   serverless-offline:
-    httpsProtocol: "dev-certs"
+    httpsProtocol: 'dev-certs'
     httpPort: 4000
-    stageVariables:
-      foo: "bar"
+      foo: 'bar'
 ```
 
 Options passed on the command line override YAML options.
@@ -164,18 +164,64 @@ By default you can send your requests to `http://localhost:3000/`. Please note t
   But if you send an `application/x-www-form-urlencoded` or a `multipart/form-data` body with an `application/json` (or no) Content-Type, API Gateway won't parse your data (you'll get the ugly raw as input), whereas the plugin will answer 400 (malformed JSON).
   Please consider explicitly setting your requests' Content-Type and using separate templates.
 
+## Run modes
+
+### node.js
+
+Lambda handlers for the `node.js` runtime can run in different execution modes with `serverless-offline` and they have subtle differences with a variety of pros and cons. they are mutually exclusive and it is planned to combine the flags into one single flag in the future.
+
+#### worker-threads (default)
+
+- handlers run in their own context
+- memory is not being shared between handlers, memory consumption is therefore higher
+- memory is being released when handlers reload or after usage
+- environment (process.env) is not being shared across handlers
+- global state is not being shared across handlers
+- easy debugging
+
+#### in-process
+
+- handlers run in the same context (instance) as `serverless` and `serverless-offline`
+- memory is being shared across lambda handlers as well as with `serverless` and `serverless-offline`
+- no reloading capabilities as it is [currently] not possible to implement for commonjs handlers (without memory leaks) and for esm handlers
+- environment (process.env) is being shared across handlers as well as with `serverless` and `serverless-offline`
+- global state is being shared across lambda handlers as well as with `serverless` and `serverless-offline`
+- easy debugging
+
+#### child-processes
+
+- handlers run in a separate node.js instance
+- memory is not being shared between handlers, memory consumption is therefore higher
+- memory is being released when handlers reload or after usage
+- environment (process.env) is not being shared across handlers
+- global state is not being shared across handlers
+- debugging more complicated
+
+#### docker
+
+- handlers run in a docker container
+- memory is not being shared between handlers, memory consumption is therefore higher
+- memory is being released when handlers reload or after usage
+- environment (process.env) is not being shared across handlers
+- global state is not being shared across handlers
+- debugging more complicated
+
+### Python, Ruby, Go, Java (incl. Kotlin, Groovy, Scala)
+
+the Lambda handler process is running in a child process.
+
 ## Usage with `invoke`
 
-To use `Lambda.invoke` you need to set the lambda endpoint to the serverless-offline endpoint:
+To use `Lambda.invoke` you need to set the lambda endpoint to the `serverless-offline` endpoint:
 
 ```js
+const { env } = require('node:process')
 const { Lambda } = require('aws-sdk')
 
 const lambda = new Lambda({
   apiVersion: '2015-03-31',
-  // endpoint needs to be set only if it deviates from the default, e.g. in a dev environment
-  // process.env.SOME_VARIABLE could be set in e.g. serverless.yml for provider.environment or function.environment
-  endpoint: process.env.SOME_VARIABLE
+  // endpoint needs to be set only if it deviates from the default
+  endpoint: env.IS_OFFLINE
     ? 'http://localhost:3002'
     : 'https://lambda.us-east-1.amazonaws.com',
 })
@@ -184,15 +230,33 @@ const lambda = new Lambda({
 All your lambdas can then be invoked in a handler using
 
 ```js
+const { Buffer } = require('node:buffer')
+const { Lambda } = require('aws-sdk')
+
+const { stringify } = JSON
+
+const lambda = new Lambda({
+  apiVersion: '2015-03-31',
+  endpoint: 'http://localhost:3002',
+})
+
 exports.handler = async function () {
+  const clientContextData = stringify({ foo: 'foo' })
+
   const params = {
+    ClientContext: Buffer.from(clientContextData).toString('base64'),
     // FunctionName is composed of: service name - stage - function name, e.g.
     FunctionName: 'myServiceName-dev-invokedHandler',
     InvocationType: 'RequestResponse',
-    Payload: JSON.stringify({ data: 'foo' }),
+    Payload: stringify({ data: 'foo' }),
   }
 
   const response = await lambda.invoke(params).promise()
+
+  return {
+    body: stringify(response),
+    statusCode: 200,
+  }
 }
 ```
 
@@ -244,7 +308,7 @@ to calling it via `aws-sdk`.
 
 ## The `process.env.IS_OFFLINE` variable
 
-Will be `"true"` in your handlers and throughout the plugin.
+Will be `"true"` in your handlers when using `serverless-offline`.
 
 ## Docker and Layers
 
@@ -326,11 +390,11 @@ Only [custom authorizers](https://aws.amazon.com/blogs/compute/introducing-custo
 
 The Custom authorizer is passed an `event` object as below:
 
-```javascript
+```js
 {
-  "type": "TOKEN",
   "authorizationToken": "<Incoming bearer token>",
-  "methodArn": "arn:aws:execute-api:<Region id>:<Account id>:<API id>/<Stage>/<Method>/<Resource path>"
+  "methodArn": "arn:aws:execute-api:<Region id>:<Account id>:<API id>/<Stage>/<Method>/<Resource path>",
+  "type": "TOKEN"
 }
 ```
 
@@ -338,11 +402,11 @@ The `methodArn` does not include the Account id or API id.
 
 The plugin only supports retrieving Tokens from headers. You can configure the header as below:
 
-```javascript
+```js
 "authorizer": {
-  "type": "TOKEN",
+  "authorizerResultTtlInSeconds": "0",
   "identitySource": "method.request.header.Authorization", // or method.request.header.SomeOtherHeader
-  "authorizerResultTtlInSeconds": "0"
+  "type": "TOKEN"
 }
 ```
 
@@ -370,14 +434,14 @@ If your authentication needs are custom and not satisfied by the existing capabi
 ```js
 module.exports = function (endpoint, functionKey, method, path) {
   return {
-    name: 'your strategy name',
-    scheme: 'your scheme name',
-
     getAuthenticateFunction: () => ({
       async authenticate(request, h) {
         // your implementation
       },
     }),
+
+    name: 'your strategy name',
+    scheme: 'your scheme name',
   }
 }
 ```
@@ -441,7 +505,7 @@ Now let's make a request with this body: `{ "id": 1 }`
 
 AWS parses the event as such:
 
-```javascript
+```js
 {
   "payload": {
     "id": 1
@@ -453,7 +517,7 @@ AWS parses the event as such:
 
 Whereas Offline parses:
 
-```javascript
+```js
 {
   "payload": {
     "id": 1
@@ -505,7 +569,7 @@ Works out of the box. See examples in the manual_test directory.
 
 Example of enabling proxy:
 
-```
+```yml
 custom:
   serverless-offline:
     resourceRoutes: true
@@ -513,18 +577,18 @@ custom:
 
 or
 
-```
+```yml
     YourCloudFormationMethodId:
-      Type: AWS::ApiGateway::Method
       Properties:
         ......
         Integration:
           Type: HTTP_PROXY
           Uri: 'https://s3-${self:custom.region}.amazonaws.com/${self:custom.yourBucketName}/{proxy}'
           ......
+      Type: AWS::ApiGateway::Method
 ```
 
-```
+```yml
 custom:
   serverless-offline:
     resourceRoutes:
@@ -542,7 +606,7 @@ May not work properly. Please PR. (Difficulty: hard?)
 
 Example response velocity template:
 
-```javascript
+```js
 "responseParameters": {
   "method.response.header.X-Powered-By": "Serverless", // a string
   "method.response.header.Warning": "integration.response.body", // the whole response
@@ -559,7 +623,9 @@ Usage in order to send messages back to clients:
 Or,
 
 ```js
-const apiGatewayManagementApi = new AWS.ApiGatewayManagementApi({
+const { ApiGatewayManagementApi } = require('aws-sdk')
+
+const apiGatewayManagementApi = new ApiGatewayManagementApi({
   apiVersion: '2018-11-29',
   endpoint: 'http://localhost:3001',
 });
@@ -648,7 +714,7 @@ You can change this profile directly in the code or by setting proper environmen
 ## Simulation quality
 
 This plugin simulates API Gateway for many practical purposes, good enough for development - but is not a perfect simulator.
-Specifically, Lambda currently runs on Node.js v10.x, v12.x and v14.x ([AWS Docs](https://docs.aws.amazon.com/lambda/latest/dg/current-supported-versions.html)), whereas _Offline_ runs on your own runtime where no memory limits are enforced.
+Specifically, Lambda currently runs on Node.js v12.x, v14.x and v16.x ([AWS Docs](https://docs.aws.amazon.com/lambda/latest/dg/current-supported-versions.html)), whereas _Offline_ runs on your own runtime where no memory limits are enforced.
 
 ## Usage with other plugins
 
@@ -661,7 +727,7 @@ Plugins are executed in order, so plugins that process your code or add resource
 
 For example:
 
-```yaml
+```yml
 plugins:
   - serverless-middleware # modifies some of your handler based on configuration
   - serverless-webpack # package your javascript handlers using webpack

package/package.json

@@ -1,7 +1,7 @@
 {
   "dedicatedTo": "Blue, a great migrating bird.",
   "name": "serverless-offline",
-  "version": "9.1.0",
+  "version": "9.1.3",
   "description": "Emulate AWS λ and API Gateway locally when developing your Serverless project",
   "license": "MIT",
   "main": "./src/index.js",
@@ -194,7 +194,7 @@
     "@hapi/boom": "^10.0.0",
     "@hapi/h2o2": "^9.1.0",
     "@hapi/hapi": "^20.2.2",
-    "aws-sdk": "^2.1181.0",
+    "aws-sdk": "^2.1186.0",
     "boxen": "^7.0.0",
     "chalk": "^5.0.1",
     "execa": "^6.1.0",
@@ -206,7 +206,7 @@
     "jsonwebtoken": "^8.5.1",
     "jszip": "^3.10.0",
     "luxon": "^3.0.1",
-    "node-fetch": "^3.2.9",
+    "node-fetch": "^3.2.10",
     "node-schedule": "^2.1.0",
     "object.hasown": "^1.1.1",
     "p-memoize": "^7.1.0",
@@ -216,7 +216,7 @@
   },
   "devDependencies": {
     "archiver": "^5.3.1",
-    "eslint": "^8.20.0",
+    "eslint": "^8.21.0",
     "eslint-config-airbnb-base": "^15.0.0",
     "eslint-config-prettier": "^8.5.0",
     "eslint-plugin-import": "^2.25.4",

package/src/ServerlessOffline.js

@@ -168,7 +168,7 @@ export default class ServerlessOffline {
 
     this.#http = new Http(this.#serverless, this.#options, this.#lambda)
 
-    await this.#http.registerPlugins()
+    await this.#http.createServer()
 
     this.#http.create(events)
 
@@ -236,12 +236,8 @@ export default class ServerlessOffline {
       .replace(/\s/g, '')
       .split(',')
 
-    if (this.#options.corsDisallowCredentials) {
-      this.#options.corsAllowCredentials = false
-    }
-
     this.#options.corsConfig = {
-      credentials: this.#options.corsAllowCredentials,
+      credentials: !this.#options.corsDisallowCredentials,
       exposedHeaders: this.#options.corsExposedHeaders,
       headers: this.#options.corsAllowHeaders,
       origin: this.#options.corsAllowOrigin,

package/src/config/constants.js

@@ -9,7 +9,7 @@ export const DEFAULT_LAMBDA_RUNTIME = 'nodejs14.x'
 // https://docs.aws.amazon.com/lambda/latest/dg/limits.html
 export const DEFAULT_LAMBDA_MEMORY_SIZE = 1024
 // default function timeout in seconds
-export const DEFAULT_LAMBDA_TIMEOUT = 900 // 15 min
+export const DEFAULT_LAMBDA_TIMEOUT = 6 // 6 seconds
 
 // timeout for all connections to be closed
 export const SERVER_SHUTDOWN_TIMEOUT = 5000

package/src/config/defaultOptions.js

@@ -2,9 +2,9 @@ import { createApiKey } from '../utils/index.js'
 
 export default {
   apiKey: createApiKey(),
-  corsAllowCredentials: true, // TODO no CLI option
   corsAllowHeaders: 'accept,content-type,x-api-key,authorization',
   corsAllowOrigin: '*',
+  corsDisallowCredentials: true,
   corsExposedHeaders: 'WWW-Authenticate,Server-Authorization',
   disableCookieValidation: false,
   disableScheduledEvents: false,

package/src/events/http/Http.js

@@ -17,6 +17,10 @@ export default class Http {
     return this.#httpServer.stop(timeout)
   }
 
+  async createServer() {
+    await this.#httpServer.createServer()
+  }
+
   #createEvent(functionKey, rawHttpEventDefinition, handler) {
     const httpEvent = new HttpEventDefinition(rawHttpEventDefinition)
 
@@ -39,10 +43,6 @@ export default class Http {
     this.#httpServer.create404Route()
   }
 
-  registerPlugins() {
-    return this.#httpServer.registerPlugins()
-  }
-
   // TEMP FIXME quick fix to expose gateway server for testing, look for better solution
   getServer() {
     return this.#httpServer.getServer()

package/src/events/http/HttpServer.js

@@ -1,5 +1,5 @@
 import { Buffer } from 'node:buffer'
-import { readFileSync } from 'node:fs'
+import { readFile } from 'node:fs/promises'
 import { createRequire } from 'node:module'
 import { join, resolve } from 'node:path'
 import { exit } from 'node:process'
@@ -47,7 +47,9 @@ export default class HttpServer {
     this.#lambda = lambda
     this.#options = options
     this.#serverless = serverless
+  }
 
+  async createServer() {
     const {
       enforceSecureCookies,
       host,
@@ -80,14 +82,20 @@ export default class HttpServer {
     // HTTPS support
     if (typeof httpsProtocol === 'string' && httpsProtocol.length > 0) {
       serverOptions.tls = {
-        cert: readFileSync(resolve(httpsProtocol, 'cert.pem'), 'ascii'),
-        key: readFileSync(resolve(httpsProtocol, 'key.pem'), 'ascii'),
+        cert: readFile(resolve(httpsProtocol, 'cert.pem'), 'ascii'),
+        key: readFile(resolve(httpsProtocol, 'key.pem'), 'ascii'),
       }
     }
 
     // Hapijs server creation
     this.#server = new Server(serverOptions)
 
+    try {
+      await this.#server.register([h2o2])
+    } catch (err) {
+      log.error(err)
+    }
+
     // Enable CORS preflight response
     this.#server.ext('onPreResponse', (request, h) => {
       if (request.headers.origin) {
@@ -205,14 +213,6 @@ export default class HttpServer {
     })
   }
 
-  async registerPlugins() {
-    try {
-      await this.#server.register([h2o2])
-    } catch (err) {
-      log.error(err)
-    }
-  }
-
   #logPluginIssue() {
     log.notice(
       'If you think this is an issue with the plugin please submit it, thanks!\nhttps://github.com/dherault/serverless-offline/issues',
@@ -260,7 +260,7 @@ export default class HttpServer {
     log.debug(`Creating Authorization scheme for ${authKey}`)
 
     // Create the Auth Scheme for the endpoint
-    const scheme = createJWTAuthScheme(jwtSettings, this)
+    const scheme = createJWTAuthScheme(jwtSettings)
 
     // Set the auth scheme and strategy on the server
     this.#server.auth.scheme(authSchemeName, scheme)
@@ -338,6 +338,7 @@ export default class HttpServer {
      *    /tests/integration/custom-authentication
      */
     const customizations = this.#serverless.service.custom
+
     if (
       customizations &&
       customizations.offline?.customAuthenticationProvider
@@ -350,11 +351,13 @@ export default class HttpServer {
       )
 
       const strategy = provider(endpoint, functionKey, method, path)
+
       this.#server.auth.scheme(
         strategy.scheme,
         strategy.getAuthenticateFunction,
       )
       this.#server.auth.strategy(strategy.name, strategy.scheme)
+
       return strategy.name
     }
 
@@ -363,164 +366,44 @@ export default class HttpServer {
       ? null
       : this.#configureJWTAuthorization(endpoint, functionKey, method, path) ||
         this.#configureAuthorization(endpoint, functionKey, method, path)
+
     return authStrategyName
   }
 
-  createRoutes(functionKey, httpEvent, handler) {
-    const [handlerPath] = splitHandlerPathAndName(handler)
-
-    let method
-    let path
-    let hapiPath
-
-    if (httpEvent.isHttpApi) {
-      if (httpEvent.routeKey === '$default') {
-        method = 'ANY'
-        path = httpEvent.routeKey
-        hapiPath = '/{default*}'
-      } else {
-        ;[method, path] = httpEvent.routeKey.split(' ')
-        hapiPath = generateHapiPath(
-          path,
-          {
-            ...this.#options,
-            noPrependStageInUrl: true, // Serverless always uses the $default stage
-          },
-          this.#serverless,
-        )
-      }
-    } else {
-      method = httpEvent.method.toUpperCase()
-      ;({ path } = httpEvent)
-      hapiPath = generateHapiPath(path, this.#options, this.#serverless)
-    }
-
-    const endpoint = new Endpoint(
-      join(this.#serverless.config.servicePath, handlerPath),
-      httpEvent,
-    ).generate()
-
-    const stage = endpoint.isHttpApi
-      ? '$default'
-      : this.#options.stage || this.#serverless.service.provider.stage
-    const protectedRoutes = []
-
-    if (httpEvent.private) {
-      protectedRoutes.push(`${method}#${hapiPath}`)
-    }
-
-    const { host, httpPort, httpsProtocol } = this.#options
-    const server = `${httpsProtocol ? 'https' : 'http'}://${host}:${httpPort}`
-
-    this.#terminalInfo.push({
-      invokePath: `/2015-03-31/functions/${functionKey}/invocations`,
-      method,
-      path: hapiPath,
-      server,
-      stage:
-        endpoint.isHttpApi || this.#options.noPrependStageInUrl ? null : stage,
-    })
-
-    const authStrategyName = this.#setAuthorizationStrategy(
+  #createHapiHandler(params) {
+    const {
+      additionalRequestContext,
       endpoint,
       functionKey,
+      hapiMethod,
+      hapiPath,
       method,
-      path,
-    )
-
-    let cors = null
-    if (endpoint.cors) {
-      cors = {
-        credentials:
-          endpoint.cors.credentials || this.#options.corsConfig.credentials,
-        exposedHeaders: this.#options.corsConfig.exposedHeaders,
-        headers: endpoint.cors.headers || this.#options.corsConfig.headers,
-        origin: endpoint.cors.origins || this.#options.corsConfig.origin,
-      }
-    } else if (
-      this.#serverless.service.provider.httpApi &&
-      this.#serverless.service.provider.httpApi.cors
-    ) {
-      const httpApiCors = getHttpApiCorsConfig(
-        this.#serverless.service.provider.httpApi.cors,
-        this,
-      )
-      cors = {
-        credentials: httpApiCors.allowCredentials,
-        exposedHeaders: httpApiCors.exposedResponseHeaders || [],
-        headers: httpApiCors.allowedHeaders || [],
-        maxAge: httpApiCors.maxAge,
-        origin: httpApiCors.allowedOrigins || [],
-      }
-    }
-
-    const hapiMethod = method === 'ANY' ? '*' : method
-
-    const state = this.#options.disableCookieValidation
-      ? {
-          failAction: 'ignore',
-          parse: false,
-        }
-      : {
-          failAction: 'error',
-          parse: true,
-        }
-
-    const hapiOptions = {
-      auth: authStrategyName,
-      cors,
-      state,
-      timeout: { socket: false },
-    }
+      protectedRoute,
+      stage,
+    } = params
 
-    // skip HEAD routes as hapi will fail with 'Method name not allowed: HEAD ...'
-    // for more details, check https://github.com/dherault/serverless-offline/issues/204
-    if (hapiMethod === 'HEAD') {
-      log.notice(
-        'HEAD method event detected. Skipping HAPI server route mapping',
-      )
-
-      return
-    }
-
-    if (hapiMethod !== 'HEAD' && hapiMethod !== 'GET') {
-      // maxBytes: Increase request size from 1MB default limit to 10MB.
-      // Cf AWS API GW payload limits.
-      hapiOptions.payload = {
-        maxBytes: 1024 * 1024 * 10,
-        parse: false,
-      }
-    }
-
-    const additionalRequestContext = {}
-    if (httpEvent.operationId) {
-      additionalRequestContext.operationName = httpEvent.operationId
-    }
-
-    hapiOptions.tags = ['api']
-
-    const hapiHandler = async (request, h) => {
+    return async (request, h) => {
       const requestPath =
         endpoint.isHttpApi || this.#options.noPrependStageInUrl
           ? request.path
           : request.path.substr(`/${stage}`.length)
 
-      // Payload processing
+      // payload processing
       const encoding = detectEncoding(request)
 
       request.payload = request.payload && request.payload.toString(encoding)
       request.rawPayload = request.payload
 
-      // Incomming request message
+      // incomming request message
       log.notice()
 
       log.notice()
       log.notice(`${method} ${request.path} (λ: ${functionKey})`)
 
-      // Check for APIKey
+      // check for APIKey
       if (
-        (protectedRoutes.includes(`${hapiMethod}#${hapiPath}`) ||
-          protectedRoutes.includes(`ANY#${hapiPath}`)) &&
+        (protectedRoute === `${hapiMethod}#${hapiPath}` ||
+          protectedRoute === `ANY#${hapiPath}`) &&
         !this.#options.noAuth
       ) {
         const errorResponse = () =>
@@ -641,24 +524,18 @@ export default class HttpServer {
           event = request.payload || {}
         }
       } else if (integration === 'AWS_PROXY') {
-        const stageVariables = this.#serverless.service.custom
-          ? this.#serverless.service.custom.stageVariables
-          : null
-
         const lambdaProxyIntegrationEvent =
           endpoint.isHttpApi && endpoint.payload === '2.0'
             ? new LambdaProxyIntegrationEventV2(
                 request,
                 stage,
                 endpoint.routeKey,
-                stageVariables,
                 additionalRequestContext,
               )
             : new LambdaProxyIntegrationEvent(
                 request,
                 stage,
                 requestPath,
-                stageVariables,
                 endpoint.isHttpApi ? endpoint.routeKey : null,
                 additionalRequestContext,
               )
@@ -710,8 +587,7 @@ export default class HttpServer {
 
         const errorMessage = (err.message || err).toString()
 
-        const re = /\[(\d{3})]/
-        const found = errorMessage.match(re)
+        const found = errorMessage.match(/\[(\d{3})]/)
 
         if (found && found.length > 1) {
           ;[, errorStatusCode] = found
@@ -862,7 +738,9 @@ export default class HttpServer {
                 ).getContext()
 
                 result = renderVelocityTemplateObject(
-                  { root: responseTemplate },
+                  {
+                    root: responseTemplate,
+                  },
                   reponseContext,
                 ).root
               } catch (error) {
@@ -971,7 +849,9 @@ export default class HttpServer {
             headerValue.forEach((value) => {
               // it looks like Hapi doesn't support multiple headers with the same name,
               // appending values is the closest we can come to the AWS behavior.
-              response.header(headerKey, value, { append: true })
+              response.header(headerKey, value, {
+                append: true,
+              })
             })
           }
         })
@@ -1009,7 +889,6 @@ export default class HttpServer {
         }
       }
 
-      // Log response
       let whatToLog = result
 
       try {
@@ -1024,9 +903,152 @@ export default class HttpServer {
         }
       }
 
-      // Bon voyage!
       return response
     }
+  }
+
+  createRoutes(functionKey, httpEvent, handler) {
+    const [handlerPath] = splitHandlerPathAndName(handler)
+
+    let method
+    let path
+    let hapiPath
+
+    if (httpEvent.isHttpApi) {
+      if (httpEvent.routeKey === '$default') {
+        method = 'ANY'
+        path = httpEvent.routeKey
+        hapiPath = '/{default*}'
+      } else {
+        ;[method, path] = httpEvent.routeKey.split(' ')
+        hapiPath = generateHapiPath(
+          path,
+          {
+            ...this.#options,
+            noPrependStageInUrl: true, // Serverless always uses the $default stage
+          },
+          this.#serverless,
+        )
+      }
+    } else {
+      method = httpEvent.method.toUpperCase()
+      ;({ path } = httpEvent)
+      hapiPath = generateHapiPath(path, this.#options, this.#serverless)
+    }
+
+    const endpoint = new Endpoint(
+      join(this.#serverless.config.servicePath, handlerPath),
+      httpEvent,
+    ).generate()
+
+    const stage = endpoint.isHttpApi
+      ? '$default'
+      : this.#options.stage || this.#serverless.service.provider.stage
+
+    const protectedRoute = httpEvent.private
+      ? `${method}#${hapiPath}`
+      : undefined
+
+    const { host, httpPort, httpsProtocol } = this.#options
+    const server = `${httpsProtocol ? 'https' : 'http'}://${host}:${httpPort}`
+
+    this.#terminalInfo.push({
+      invokePath: `/2015-03-31/functions/${functionKey}/invocations`,
+      method,
+      path: hapiPath,
+      server,
+      stage:
+        endpoint.isHttpApi || this.#options.noPrependStageInUrl ? null : stage,
+    })
+
+    const authStrategyName = this.#setAuthorizationStrategy(
+      endpoint,
+      functionKey,
+      method,
+      path,
+    )
+
+    let cors = null
+    if (endpoint.cors) {
+      cors = {
+        credentials:
+          endpoint.cors.credentials || this.#options.corsConfig.credentials,
+        exposedHeaders: this.#options.corsConfig.exposedHeaders,
+        headers: endpoint.cors.headers || this.#options.corsConfig.headers,
+        origin: endpoint.cors.origins || this.#options.corsConfig.origin,
+      }
+    } else if (
+      this.#serverless.service.provider.httpApi &&
+      this.#serverless.service.provider.httpApi.cors
+    ) {
+      const httpApiCors = getHttpApiCorsConfig(
+        this.#serverless.service.provider.httpApi.cors,
+        this,
+      )
+      cors = {
+        credentials: httpApiCors.allowCredentials,
+        exposedHeaders: httpApiCors.exposedResponseHeaders || [],
+        headers: httpApiCors.allowedHeaders || [],
+        maxAge: httpApiCors.maxAge,
+        origin: httpApiCors.allowedOrigins || [],
+      }
+    }
+
+    const hapiMethod = method === 'ANY' ? '*' : method
+
+    const state = this.#options.disableCookieValidation
+      ? {
+          failAction: 'ignore',
+          parse: false,
+        }
+      : {
+          failAction: 'error',
+          parse: true,
+        }
+
+    const hapiOptions = {
+      auth: authStrategyName,
+      cors,
+      state,
+      timeout: { socket: false },
+    }
+
+    // skip HEAD routes as hapi will fail with 'Method name not allowed: HEAD ...'
+    // for more details, check https://github.com/dherault/serverless-offline/issues/204
+    if (hapiMethod === 'HEAD') {
+      log.notice(
+        'HEAD method event detected. Skipping HAPI server route mapping',
+      )
+
+      return
+    }
+
+    if (hapiMethod !== 'HEAD' && hapiMethod !== 'GET') {
+      // maxBytes: Increase request size from 1MB default limit to 10MB.
+      // Cf AWS API GW payload limits.
+      hapiOptions.payload = {
+        maxBytes: 1024 * 1024 * 10,
+        parse: false,
+      }
+    }
+
+    const additionalRequestContext = {}
+    if (httpEvent.operationId) {
+      additionalRequestContext.operationName = httpEvent.operationId
+    }
+
+    hapiOptions.tags = ['api']
+
+    const hapiHandler = this.#createHapiHandler({
+      additionalRequestContext,
+      endpoint,
+      functionKey,
+      hapiMethod,
+      hapiPath,
+      method,
+      protectedRoute,
+      stage,
+    })
 
     this.#server.route({
       handler: hapiHandler,

package/src/events/http/lambda-events/LambdaProxyIntegrationEvent.js

@@ -30,22 +30,12 @@ export default class LambdaProxyIntegrationEvent {
 
   #stage = null
 
-  #stageVariables = null
-
-  constructor(
-    request,
-    stage,
-    path,
-    stageVariables,
-    routeKey,
-    additionalRequestContext,
-  ) {
+  constructor(request, stage, path, routeKey, additionalRequestContext) {
     this.#additionalRequestContext = additionalRequestContext || {}
     this.#path = path
     this.#routeKey = routeKey
     this.#request = request
     this.#stage = stage
-    this.#stageVariables = stageVariables
   }
 
   create() {
@@ -227,7 +217,7 @@ export default class LambdaProxyIntegrationEvent {
         stage: this.#stage,
       },
       resource,
-      stageVariables: this.#stageVariables,
+      stageVariables: null,
     }
   }
 }

package/src/events/http/lambda-events/LambdaProxyIntegrationEventV2.js

@@ -24,20 +24,11 @@ export default class LambdaProxyIntegrationEventV2 {
 
   #stage = null
 
-  #stageVariables = null
-
-  constructor(
-    request,
-    stage,
-    routeKey,
-    stageVariables,
-    additionalRequestContext,
-  ) {
+  constructor(request, stage, routeKey, additionalRequestContext) {
     this.#additionalRequestContext = additionalRequestContext || {}
     this.#routeKey = routeKey
     this.#request = request
     this.#stage = stage
-    this.#stageVariables = stageVariables
   }
 
   create() {
@@ -183,7 +174,7 @@ export default class LambdaProxyIntegrationEventV2 {
         timeEpoch: requestTimeEpoch,
       },
       routeKey: this.#routeKey,
-      stageVariables: this.#stageVariables,
+      stageVariables: null,
       version: '2.0',
     }
   }

package/src/events/schedule/Schedule.js

@@ -39,9 +39,9 @@ export default class Schedule {
       const cron = this.#convertExpressionToCron(entry)
 
       log.notice(
-        `Scheduling [${functionKey}] cron: [${cron}] input: ${stringify(
-          input,
-        )}`,
+        `Scheduling [${functionKey}] cron: [${cron}]${
+          input ? ` input: ${stringify(input)}` : ''
+        }`,
       )
 
       nodeSchedule.scheduleJob(cron, async () => {

package/src/lambda/LambdaFunction.js

@@ -15,8 +15,8 @@ import {
 } from '../config/index.js'
 import { createUniqueId, splitHandlerPathAndName } from '../utils/index.js'
 
-const { entries, fromEntries } = Object
 const { ceil } = Math
+const { entries, fromEntries } = Object
 
 export default class LambdaFunction {
   #artifact = null

package/src/lambda/handler-runner/child-process-runner/ChildProcessRunner.js

@@ -41,14 +41,18 @@ export default class ChildProcessRunner {
       },
     )
 
-    const message = new Promise((res, rej) => {
-      childProcess.on('message', (data) => {
-        if (data.error) rej(data.error)
-        else res(data)
+    let message
+
+    try {
+      message = new Promise((res, rej) => {
+        childProcess.on('message', (data) => {
+          if (data.error) rej(data.error)
+          else res(data)
+        })
       })
-    }).finally(() => {
+    } finally {
       childProcess.kill()
-    })
+    }
 
     childProcess.send({
       context,

package/src/lambda/handler-runner/docker-runner/DockerContainer.js

@@ -12,6 +12,8 @@ import pRetry from 'p-retry'
 import DockerImage from './DockerImage.js'
 
 const { stringify } = JSON
+const { floor, log: mathLog } = Math
+const { parseFloat } = Number
 const { entries, hasOwn } = Object
 
 export default class DockerContainer {
@@ -402,7 +404,7 @@ export default class DockerContainer {
     const dm = decimals < 0 ? 0 : decimals
     const sizes = ['Bytes', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB']
 
-    const i = Math.floor(Math.log(bytes) / Math.log(k))
+    const i = floor(mathLog(bytes) / mathLog(k))
 
     return `${parseFloat((bytes / k ** i).toFixed(dm))} ${sizes[i]}`
   }

package/src/lambda/handler-runner/go-runner/GoRunner.js

@@ -1,15 +1,15 @@
 import { mkdir, readFile, rm, rmdir, writeFile } from 'node:fs/promises'
 import { EOL } from 'node:os'
-import { sep, resolve, parse as pathParse } from 'node:path'
 import process, { chdir, cwd } from 'node:process'
+import { parse as pathParse, resolve, sep } from 'node:path'
 import { log } from '@serverless/utils/log.js'
-import { execa, execaSync } from 'execa'
+import { execa } from 'execa'
 
 const { parse, stringify } = JSON
 
-const PAYLOAD_IDENTIFIER = 'offline_payload'
-
 export default class GoRunner {
+  static #payloadIdentifier = 'offline_payload'
+
   #codeDir = null
 
   #env = null
@@ -18,10 +18,10 @@ export default class GoRunner {
 
   #handlerPath = null
 
-  #tmpPath = null
-
   #tmpFile = null
 
+  #tmpPath = null
+
   constructor(funOptions, env) {
     const { handlerPath, codeDir } = funOptions
 
@@ -34,8 +34,10 @@ export default class GoRunner {
     try {
       // refresh go.mod
       await rm(this.#tmpFile)
-      execaSync('go', ['mod', 'tidy'])
-      await rmdir(this.#tmpPath, { recursive: true })
+      await execa('go', ['mod', 'tidy'])
+      await rmdir(this.#tmpPath, {
+        recursive: true,
+      })
     } catch {
       // @ignore
     }
@@ -49,12 +51,10 @@ export default class GoRunner {
     let payload
 
     for (const item of value.split(EOL)) {
-      if (item.indexOf(PAYLOAD_IDENTIFIER) === -1) {
-        logs.push(item)
-      } else if (item.indexOf(PAYLOAD_IDENTIFIER) !== -1) {
+      if (item.includes(GoRunner.#payloadIdentifier)) {
         try {
           const {
-            offline_payload: { success, error },
+            [GoRunner.#payloadIdentifier]: { error, success },
           } = parse(item)
 
           if (success) {
@@ -65,6 +65,8 @@ export default class GoRunner {
         } catch {
           // @ignore
         }
+      } else {
+        logs.push(item)
       }
     }
 
@@ -122,8 +124,11 @@ export default class GoRunner {
       chdir(cwdPath.substring(0, cwdPath.indexOf('main.go')))
 
       // Make sure we have the mock-lambda runner
-      execaSync('go', ['get', 'github.com/icarus-sullivan/mock-lambda@e065469'])
-      execaSync('go', ['build'])
+      await execa('go', [
+        'get',
+        'github.com/icarus-sullivan/mock-lambda@e065469',
+      ])
+      await execa('go', ['build'])
     } catch {
       // @ignore
     }

package/src/lambda/handler-runner/in-process-runner/InProcessRunner.js

@@ -3,6 +3,7 @@ import { performance } from 'node:perf_hooks'
 import process from 'node:process'
 import { log } from '@serverless/utils/log.js'
 
+const { floor } = Math
 const { assign } = Object
 
 const require = createRequire(import.meta.url)
@@ -49,7 +50,6 @@ export default class InProcessRunner {
     let handler
 
     try {
-      // const { [this.#handlerName]: handler } = await import(this.#handlerPath)
       // eslint-disable-next-line import/no-dynamic-require
       ;({ [this.#handlerName]: handler } = require(this.#handlerPath))
     } catch (err) {
@@ -86,15 +86,21 @@ export default class InProcessRunner {
     // create new immutable object
     const lambdaContext = {
       ...context,
-      done: (err, data) => callback(err, data),
-      fail: (err) => callback(err),
-      getRemainingTimeInMillis: () => {
+      done(err, data) {
+        callback(err, data)
+      },
+      fail(err) {
+        callback(err)
+      },
+      getRemainingTimeInMillis() {
         const timeLeft = executionTimeout - performance.now()
 
         // just return 0 for now if we are beyond alotted time (timeout)
-        return timeLeft > 0 ? timeLeft : 0
+        return timeLeft > 0 ? floor(timeLeft) : 0
+      },
+      succeed(res) {
+        callback(null, res)
       },
-      succeed: (res) => callback(null, res),
     }
 
     let result

package/src/lambda/handler-runner/java-runner/JavaRunner.js

@@ -4,9 +4,11 @@ import { log } from '@serverless/utils/log.js'
 import { invokeJavaLocal } from 'java-invoke-local'
 
 const { parse, stringify } = JSON
-const { has } = Reflect
+const { hasOwn } = Object
 
 export default class JavaRunner {
+  static #payloadIdentifier = '__offline_payload__'
+
   #deployPackage = null
 
   #env = null
@@ -45,9 +47,9 @@ export default class JavaRunner {
       if (
         json &&
         typeof json === 'object' &&
-        has(json, '__offline_payload__')
+        hasOwn(json, JavaRunner.#payloadIdentifier)
       ) {
-        return json.__offline_payload__
+        return json[JavaRunner.#payloadIdentifier]
       }
     }
 

package/src/lambda/handler-runner/python-runner/PythonRunner.js

@@ -7,12 +7,13 @@ import { fileURLToPath } from 'node:url'
 import { log } from '@serverless/utils/log.js'
 
 const { parse, stringify } = JSON
-const { assign } = Object
-const { has } = Reflect
+const { assign, hasOwn } = Object
 
 const __dirname = dirname(fileURLToPath(import.meta.url))
 
 export default class PythonRunner {
+  static #payloadIdentifier = '__offline_payload__'
+
   #env = null
 
   #handlerName = null
@@ -83,9 +84,9 @@ export default class PythonRunner {
       if (
         json &&
         typeof json === 'object' &&
-        has(json, '__offline_payload__')
+        hasOwn(json, PythonRunner.#payloadIdentifier)
       ) {
-        payload = json.__offline_payload__
+        payload = json[PythonRunner.#payloadIdentifier]
         // everything else is print(), logging, ...
       } else {
         log.notice(item)

package/src/lambda/handler-runner/ruby-runner/RubyRunner.js

@@ -6,11 +6,13 @@ import { log } from '@serverless/utils/log.js'
 import { execa } from 'execa'
 
 const { parse, stringify } = JSON
-const { has } = Reflect
+const { hasOwn } = Object
 
 const __dirname = dirname(fileURLToPath(import.meta.url))
 
 export default class RubyRunner {
+  static #payloadIdentifier = '__offline_payload__'
+
   #env = null
 
   #handlerName = null
@@ -47,9 +49,9 @@ export default class RubyRunner {
       if (
         json &&
         typeof json === 'object' &&
-        has(json, '__offline_payload__')
+        hasOwn(json, RubyRunner.#payloadIdentifier)
       ) {
-        payload = json.__offline_payload__
+        payload = json[RubyRunner.#payloadIdentifier]
       } else {
         log.notice(item)
       }

package/src/lambda/handler-runner/worker-thread-runner/workerThreadHelper.js

@@ -2,10 +2,10 @@ import { env } from 'node:process'
 import { parentPort, workerData } from 'node:worker_threads'
 import InProcessRunner from '../in-process-runner/index.js'
 
-const { functionKey, handlerName, handlerPath } = workerData
+const { functionKey, handlerName, handlerPath, timeout } = workerData
 
 parentPort.on('message', async (messageData) => {
-  const { context, event, port, timeout } = messageData
+  const { context, event, port } = messageData
 
   // TODO we could probably cache this in the module scope?
   const inProcessRunner = new InProcessRunner(