vinext 0.1.1 → 0.1.2

package/dist/server/app-route-handler-runtime.js

@@ -1,3 +1,4 @@
+import { addBasePathToPathname } from "../utils/base-path.js";
 import { buildRequestHeadersFromMiddlewareResponse } from "./middleware-request-headers.js";
 import { NextRequest, RequestCookies, sealRequestCookies, sealRequestHeaders } from "../shims/server.js";
 //#region src/server/app-route-handler-runtime.ts
@@ -156,7 +157,17 @@ function createTrackedAppRouteRequest(request, options = {}) {
 			}
 		} });
 	};
-	const wrapRequest = (input) => {
+	const wrapRequest = (rawInput) => {
+		let input = rawInput;
+		if (options.basePath) {
+			const inputUrl = new URL(rawInput.url);
+			const prefixedPathname = addBasePathToPathname(inputUrl.pathname, options.basePath);
+			if (prefixedPathname !== inputUrl.pathname) {
+				inputUrl.pathname = prefixedPathname;
+				const bodySource = rawInput.body && !rawInput.bodyUsed ? rawInput.clone() : rawInput;
+				input = new Request(inputUrl, bodySource);
+			}
+		}
 		const requestHeaders = options.middlewareHeaders ? buildRequestHeadersFromMiddlewareResponse(input.headers, options.middlewareHeaders) : null;
 		const requestWithOverrides = requestHeaders ? rebuildRequestWithHeaders(input, requestHeaders) : input;
 		const nextRequest = requestWithOverrides instanceof NextRequest ? requestWithOverrides : new NextRequest(requestWithOverrides, { nextConfig: nextConfig ?? void 0 });

package/dist/server/app-rsc-handler.js

@@ -14,10 +14,10 @@ import { isImageOptimizationPath } from "./image-optimization.js";
 import { mergeMiddlewareResponseHeaders } from "./middleware-response-headers.js";
 import "./app-page-response.js";
 import { prerenderRouteParamsPayloadMatchesRoute, readTrustedPrerenderRouteParams, serializePrerenderRouteParamsHeader } from "./prerender-route-params.js";
-import { pickRootParams, setRootParams } from "../shims/root-params.js";
 import { applyAppMiddleware } from "./app-middleware.js";
 import { buildPageCacheTags } from "./implicit-tags.js";
 import { buildPostMwRequestContext } from "./app-post-middleware-context.js";
+import { pickRootParams, setRootParams } from "../shims/root-params.js";
 import { handleAppPrerenderEndpoint } from "./app-prerender-endpoints.js";
 import { flattenErrorCauses } from "../utils/error-cause.js";
 import { finalizeAppRscResponse } from "./app-rsc-response-finalizer.js";

package/dist/server/app-rsc-response-finalizer.js

@@ -3,9 +3,9 @@ import { hasBasePath, stripBasePath } from "../utils/base-path.js";
 import "./headers.js";
 import { normalizePath } from "./normalize-path.js";
 import { applyConfigHeadersToResponse } from "./request-pipeline.js";
+import { applyCdnResponseHeaders } from "./cache-control.js";
 import { VINEXT_RSC_VARY_HEADER } from "./app-rsc-cache-busting.js";
 import { normalizeDefaultLocalePathname } from "./pages-i18n.js";
-import { applyCdnResponseHeaders } from "./cache-control.js";
 import { mergeVaryHeader } from "./middleware-response-headers.js";
 //#region src/server/app-rsc-response-finalizer.ts
 /**

package/dist/server/app-server-action-execution.d.ts

@@ -31,6 +31,17 @@ type AppServerActionRoute = {
   pattern: string;
   routeHandler?: unknown;
   routeSegments?: readonly string[];
+  params?: readonly string[] | null;
+  slots?: Readonly<Record<string, {
+    default?: {
+      default?: unknown;
+    } | null;
+    page?: {
+      default?: unknown;
+    } | null;
+    slotPatternParts?: readonly string[] | null;
+    slotParamNames?: readonly string[] | null;
+  }>> | null;
 };
 /**
  * Side-effect headers captured during a progressive (no-JS) server action's

package/dist/server/app-server-action-execution.js

@@ -15,6 +15,7 @@ import { applyEdgeRuntimeHeader } from "./app-page-response.js";
 import { getNextErrorDigest, parseNextHttpErrorDigest, parseNextRedirectDigest } from "./next-error-digest.js";
 import { createServerActionNotFoundResponse, getServerActionNotFoundMessage, isServerActionNotFoundError } from "./server-action-not-found.js";
 import { deferUntilStreamConsumed } from "./app-page-stream.js";
+import { resolveAppPageNavigationParams } from "./app-page-element-builder.js";
 import { resolveAppPageActionRerenderTarget } from "./app-page-request.js";
 import { buildPageCacheTags } from "./implicit-tags.js";
 import { getSetCookieName } from "./cookie-utils.js";
@@ -591,10 +592,11 @@ async function handleServerActionRscRequest(options) {
 				url: redirectTarget
 			});
 			setHeadersContext(headersContextFromRequest(redirectRenderRequest));
+			const redirectNavigationParams = resolveAppPageNavigationParams(targetMatch.route, targetMatch.params, targetPathname, null);
 			options.setNavigationContext({
 				pathname: targetPathname,
 				searchParams: redirectTarget.searchParams,
-				params: targetMatch.params
+				params: redirectNavigationParams
 			});
 			setCurrentFetchCacheMode(options.resolveRouteFetchCacheMode?.(targetMatch.route) ?? null);
 			setCurrentFetchSoftTags(buildServerActionPageTags(targetMatch.route, targetPathname));
@@ -667,10 +669,11 @@ async function handleServerActionRscRequest(options) {
 				isRscRequest: options.isRscRequest,
 				toInterceptOpts: options.toInterceptOpts
 			});
+			const resolvedActionNavigationParams = resolveAppPageNavigationParams(actionRerenderTarget.route, actionRerenderTarget.navigationParams, options.cleanPathname, actionRerenderTarget.interceptOpts);
 			options.setNavigationContext({
 				pathname: options.cleanPathname,
 				searchParams: options.searchParams,
-				params: actionRerenderTarget.navigationParams
+				params: resolvedActionNavigationParams
 			});
 			await options.ensureRouteLoaded?.(actionRerenderTarget.route);
 			setCurrentFetchCacheMode(options.resolveRouteFetchCacheMode?.(actionRerenderTarget.route) ?? null);

package/dist/server/app-ssr-entry.js

@@ -12,12 +12,12 @@ import { getClientTraceMetadataHTML } from "./client-trace-metadata.js";
 import { BfcacheStateKeyMapContext, ElementsContext, Slot } from "../shims/slot.js";
 import { createSsrErrorMetaRenderer } from "./app-ssr-error-meta.js";
 import { createNavigationRuntimeRscMetadataScript, createRscEmbedTransform, createTickBufferedTransform } from "./app-ssr-stream.js";
-import { BeforeInteractiveContext } from "../shims/before-interactive-context.js";
-import { runWithRootParamsScope } from "../shims/root-params.js";
 import { createBfcacheSegmentStateKeyMap, createInitialBfcacheIdMap } from "./app-browser-state.js";
 import { RSC_FORM_STATE_GLOBAL } from "./app-browser-hydration.js";
 import { createClientReferencePreloader } from "./app-client-reference-preloader.js";
 import { deferUntilStreamConsumed } from "./app-page-stream.js";
+import { runWithRootParamsScope } from "../shims/root-params.js";
+import { BeforeInteractiveContext } from "../shims/before-interactive-context.js";
 import { createInitialDevServerErrorScript } from "./dev-initial-server-error.js";
 import { Fragment, createElement, use } from "react";
 import { renderToReadableStream, renderToStaticMarkup } from "react-dom/server.edge";

package/dist/server/app-ssr-stream.js

@@ -89,6 +89,12 @@ function fixPreloadAs(html) {
 const LINK_TAG_RE = /<link\b[^>]*>/gi;
 const HTML_REWRITE_EXCLUDED_REGION_RE = /<!--[\s\S]*?-->|<(script|style|textarea|title)\b[^>]*>[\s\S]*?<\/\1\s*>/gi;
 const HTML_REWRITE_EXCLUDED_REGION_START_RE = /<!--|<(script|style|textarea|title)\b[^>]*>/gi;
+const CLOSE_TAG_RES = {
+	script: /<\/script\s*>/i,
+	style: /<\/style\s*>/i,
+	textarea: /<\/textarea\s*>/i,
+	title: /<\/title\s*>/i
+};
 function getHtmlAttribute(tag, name) {
 	const attrRe = /\s([^\s"'=<>`]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'=<>`]+)))?/g;
 	let match;
@@ -141,7 +147,9 @@ function findTrailingOpenHtmlRewriteExcludedRegionStart(html) {
 		}
 		const tagName = match[1]?.toLowerCase();
 		if (!tagName) continue;
-		const close = new RegExp(`</${tagName}\\s*>`, "i").exec(html.slice(HTML_REWRITE_EXCLUDED_REGION_START_RE.lastIndex));
+		const closeTagRe = CLOSE_TAG_RES[tagName];
+		if (!closeTagRe) continue;
+		const close = closeTagRe.exec(html.slice(HTML_REWRITE_EXCLUDED_REGION_START_RE.lastIndex));
 		if (!close) return start;
 		HTML_REWRITE_EXCLUDED_REGION_START_RE.lastIndex += close.index + close[0].length;
 	}

package/dist/server/dev-lockfile.js

@@ -1,3 +1,4 @@
+import { normalizePathSeparators } from "../utils/path.js";
 import fs from "node:fs";
 import path from "node:path";
 //#region src/server/dev-lockfile.ts
@@ -98,7 +99,7 @@ function formatAlreadyRunningError(opts) {
 	if (!existing) return [
 		"Another vinext dev server appears to be running in this directory.",
 		"",
-		`Stale lock file: ${path.relative(cwd, lockfilePath)}`,
+		`Stale lock file: ${normalizePathSeparators(path.relative(cwd, lockfilePath))}`,
 		"Remove it manually if no server is running, then re-run `vinext dev`."
 	].join("\n");
 	const killCommand = process.platform === "win32" ? `taskkill /PID ${existing.pid} /F` : `kill ${existing.pid}`;

package/dist/server/dev-server.js

@@ -2,10 +2,13 @@ import { createRequestContext, runWithRequestContext } from "../shims/unified-re
 import { createValidFileMatcher, findFileWithExtensions } from "../routing/file-matcher.js";
 import { patternToNextFormat } from "../routing/route-validation.js";
 import { matchRoute } from "../routing/pages-router.js";
+import { NEXTJS_DEPLOYMENT_ID_HEADER } from "./headers.js";
 import { normalizeStaticPathname } from "../routing/route-pattern.js";
 import { importModule, reportRequestError } from "./instrumentation.js";
 import { buildCacheStateHeaders } from "./cache-headers.js";
 import { _runWithCacheState } from "../shims/cache.js";
+import { NEVER_CACHE_CONTROL, NO_STORE_CACHE_CONTROL } from "./cache-control.js";
+import { buildMissIsrCacheControl, decideIsr } from "./isr-decision.js";
 import { PRERENDER_REVALIDATE_HEADER, buildPagesCacheValue, getRevalidateDuration, isOnDemandRevalidateRequest, isrCacheKey, isrGet, isrSet, setRevalidateDuration, triggerBackgroundRegeneration } from "./isr-cache.js";
 import { ensureFetchPatch, runWithFetchCache } from "../shims/fetch-cache.js";
 import { runWithPrivateCache } from "../shims/cache-runtime.js";
@@ -62,7 +65,10 @@ function writeGsspRedirect(res, redirect, isDataReq) {
 	let dest = redirect.destination;
 	if (!dest.startsWith("http://") && !dest.startsWith("https://")) dest = dest.replace(/^[\\/]+/, "/");
 	if (isDataReq) {
-		res.writeHead(200, { "Content-Type": "application/json" });
+		const deploymentId = process.env.__VINEXT_DEPLOYMENT_ID || process.env.NEXT_DEPLOYMENT_ID;
+		const dataHeaders = { "Content-Type": "application/json" };
+		if (deploymentId) dataHeaders[NEXTJS_DEPLOYMENT_ID_HEADER] = deploymentId;
+		res.writeHead(200, dataHeaders);
 		res.end(JSON.stringify({ pageProps: {
 			__N_REDIRECT: dest,
 			__N_REDIRECT_STATUS: status
@@ -228,7 +234,10 @@ function createSSRHandler(server, runner, routes, pagesDir, i18nConfig, fileMatc
 		const match = matchRoute(localeStrippedUrl, routes);
 		if (!match) {
 			if (isDataReq) {
-				res.writeHead(404, { "Content-Type": "application/json" });
+				const deploymentId = process.env.__VINEXT_DEPLOYMENT_ID || process.env.NEXT_DEPLOYMENT_ID;
+				const notFoundHeaders = { "Content-Type": "application/json" };
+				if (deploymentId) notFoundHeaders[NEXTJS_DEPLOYMENT_ID_HEADER] = deploymentId;
+				res.writeHead(404, notFoundHeaders);
 				res.end("{}");
 				return;
 			}
@@ -325,7 +334,10 @@ function createSSRHandler(server, runner, routes, pagesDir, i18nConfig, fileMatc
 					});
 					if (fallback === false && !isValidPath) {
 						if (isDataReq) {
-							res.writeHead(404, { "Content-Type": "application/json" });
+							const deploymentId = process.env.__VINEXT_DEPLOYMENT_ID || process.env.NEXT_DEPLOYMENT_ID;
+							const notFoundHeaders = { "Content-Type": "application/json" };
+							if (deploymentId) notFoundHeaders[NEXTJS_DEPLOYMENT_ID_HEADER] = deploymentId;
+							res.writeHead(404, notFoundHeaders);
 							res.end("{}");
 							return;
 						}
@@ -369,7 +381,10 @@ function createSSRHandler(server, runner, routes, pagesDir, i18nConfig, fileMatc
 					}
 					if (result && "notFound" in result && result.notFound) {
 						if (isDataReq) {
-							res.writeHead(404, { "Content-Type": "application/json" });
+							const deploymentId = process.env.__VINEXT_DEPLOYMENT_ID || process.env.NEXT_DEPLOYMENT_ID;
+							const notFoundHeaders = { "Content-Type": "application/json" };
+							if (deploymentId) notFoundHeaders[NEXTJS_DEPLOYMENT_ID_HEADER] = deploymentId;
+							res.writeHead(404, notFoundHeaders);
 							res.end("{}");
 							return;
 						}
@@ -385,7 +400,7 @@ function createSSRHandler(server, runner, routes, pagesDir, i18nConfig, fileMatc
 						if (Array.isArray(val)) gsspExtraHeaders[key] = val.map(String);
 						else gsspExtraHeaders[key] = String(val);
 					}
-					if (!Object.keys(gsspExtraHeaders).some((k) => k.toLowerCase() === "cache-control")) gsspExtraHeaders["Cache-Control"] = "private, no-cache, no-store, max-age=0, must-revalidate";
+					if (!Object.keys(gsspExtraHeaders).some((k) => k.toLowerCase() === "cache-control")) gsspExtraHeaders["Cache-Control"] = NEVER_CACHE_CONTROL;
 				}
 				const responseHeaders = typeof res.getHeaders === "function" ? res.getHeaders() : void 0;
 				const scriptNonce = getScriptNonceFromNodeHeaderSources(req.headers, responseHeaders);
@@ -405,11 +420,15 @@ function createSSRHandler(server, runner, routes, pagesDir, i18nConfig, fileMatc
 					if (!isOnDemandRevalidate && cached && !cached.isStale && cached.value.value?.kind === "PAGES" && !scriptNonce && !isDataReq) {
 						const cachedHtml = cached.value.value.html;
 						const transformedHtml = await server.transformIndexHtml(url, cachedHtml);
-						const revalidateSecs = getRevalidateDuration(cacheKey) ?? 60;
+						const { cacheControl: hitCacheControl } = decideIsr({
+							cacheState: "HIT",
+							kind: "dev",
+							revalidateSeconds: getRevalidateDuration(cacheKey) ?? 60
+						});
 						const hitHeaders = {
 							"Content-Type": "text/html",
 							...buildCacheStateHeaders("HIT"),
-							"Cache-Control": `s-maxage=${revalidateSecs}, stale-while-revalidate`
+							"Cache-Control": hitCacheControl
 						};
 						if (earlyFontLinkHeader) hitHeaders["Link"] = earlyFontLinkHeader;
 						res.writeHead(200, hitHeaders);
@@ -498,11 +517,15 @@ function createSSRHandler(server, runner, routes, pagesDir, i18nConfig, fileMatc
 							routePath: route.pattern,
 							routeType: "render"
 						});
-						const revalidateSecs = getRevalidateDuration(cacheKey) ?? 60;
+						const { cacheControl: staleCacheControl } = decideIsr({
+							cacheState: "STALE",
+							kind: "dev",
+							revalidateSeconds: getRevalidateDuration(cacheKey) ?? 60
+						});
 						const staleHeaders = {
 							"Content-Type": "text/html",
 							...buildCacheStateHeaders("STALE"),
-							"Cache-Control": `s-maxage=${revalidateSecs}, stale-while-revalidate`
+							"Cache-Control": staleCacheControl
 						};
 						if (earlyFontLinkHeader) staleHeaders["Link"] = earlyFontLinkHeader;
 						res.writeHead(200, staleHeaders);
@@ -524,7 +547,10 @@ function createSSRHandler(server, runner, routes, pagesDir, i18nConfig, fileMatc
 					}
 					if (result && "notFound" in result && result.notFound) {
 						if (isDataReq) {
-							res.writeHead(404, { "Content-Type": "application/json" });
+							const deploymentId = process.env.__VINEXT_DEPLOYMENT_ID || process.env.NEXT_DEPLOYMENT_ID;
+							const notFoundHeaders = { "Content-Type": "application/json" };
+							if (deploymentId) notFoundHeaders[NEXTJS_DEPLOYMENT_ID_HEADER] = deploymentId;
+							res.writeHead(404, notFoundHeaders);
 							res.end("{}");
 							return;
 						}
@@ -554,6 +580,11 @@ function createSSRHandler(server, runner, routes, pagesDir, i18nConfig, fileMatc
 				if (isDataReq) {
 					const dataHeaders = { "Content-Type": "application/json" };
 					if (gsspExtraHeaders) for (const [k, v] of Object.entries(gsspExtraHeaders)) dataHeaders[k] = v;
+					const dataRoutePattern = patternToNextFormat(route.pattern);
+					if (dataRoutePattern !== "/_error" && dataRoutePattern !== "/500") {
+						const deploymentId = process.env.__VINEXT_DEPLOYMENT_ID || process.env.NEXT_DEPLOYMENT_ID;
+						if (deploymentId) dataHeaders[NEXTJS_DEPLOYMENT_ID_HEADER] = deploymentId;
+					}
 					res.writeHead(statusCode ?? 200, dataHeaders);
 					res.end(JSON.stringify({ pageProps }));
 					_renderEnd = now();
@@ -677,9 +708,9 @@ hydrate();
 				} catch {}
 				const allScripts = `${nextDataScript}\n  ${createInlineScriptTag(`window.__VINEXT_PAGE_PATTERNS__=${safeJsonStringify(pagePatterns)}`, scriptNonce)}\n  ${hydrationScript}`;
 				const extraHeaders = { ...gsspExtraHeaders };
-				if (isrRevalidateSeconds) if (scriptNonce) extraHeaders["Cache-Control"] = "no-store, must-revalidate";
+				if (isrRevalidateSeconds) if (scriptNonce) extraHeaders["Cache-Control"] = NO_STORE_CACHE_CONTROL;
 				else {
-					extraHeaders["Cache-Control"] = `s-maxage=${isrRevalidateSeconds}, stale-while-revalidate`;
+					extraHeaders["Cache-Control"] = buildMissIsrCacheControl(isrRevalidateSeconds);
 					Object.assign(extraHeaders, buildCacheStateHeaders("MISS"));
 				}
 				if (allFontPreloads.length > 0) extraHeaders["Link"] = allFontPreloads.map((p) => `<${p.href}>; rel=preload; as=font; type=${p.type}; crossorigin`).join(", ");

package/dist/server/headers.d.ts

@@ -60,6 +60,13 @@ declare const RSC_ACTION_HEADER = "x-rsc-action";
 declare const NEXT_ACTION_HEADER = "next-action";
 /** Next.js action-not-found indicator (value "1"). */
 declare const NEXTJS_ACTION_NOT_FOUND_HEADER = "x-nextjs-action-not-found";
+/**
+ * Deployment ID header used by the Pages Router for deployment-skew
+ * protection. Set on every `/_next/data/` response so the client can detect
+ * when a new deployment has been rolled out and trigger a hard navigation.
+ * Mirrors `NEXT_NAV_DEPLOYMENT_ID_HEADER` from Next.js `lib/constants.ts`.
+ */
+declare const NEXTJS_DEPLOYMENT_ID_HEADER = "x-nextjs-deployment-id";
 /** Forwarded action marker — set when a request has already been forwarded between workers. */
 declare const ACTION_FORWARDED_HEADER = "x-action-forwarded";
 /** Indicates revalidation occurred — value is JSON kind (1 = path/tag, 2 = dynamic-only). */
@@ -100,4 +107,4 @@ declare const INTERNAL_HEADERS: string[];
 /** Vinext-only internal headers stripped alongside Next.js protocol internals. */
 declare const VINEXT_INTERNAL_HEADERS: string[];
 //#endregion
-export { ACTION_FORWARDED_HEADER, ACTION_REDIRECT_HEADER, ACTION_REDIRECT_STATUS_HEADER, ACTION_REDIRECT_TYPE_HEADER, ACTION_REVALIDATED_HEADER, FLIGHT_HEADERS, INTERNAL_HEADERS, MIDDLEWARE_HEADER_PREFIX, MIDDLEWARE_NEXT_HEADER, MIDDLEWARE_OVERRIDE_HEADERS, MIDDLEWARE_REQUEST_HEADER_PREFIX, MIDDLEWARE_REWRITE_HEADER, MIDDLEWARE_SET_COOKIE_HEADER, NEXTJS_ACTION_NOT_FOUND_HEADER, NEXTJS_CACHE_HEADER, NEXT_ACTION_HEADER, NEXT_ROUTER_PREFETCH_HEADER, NEXT_ROUTER_SEGMENT_PREFETCH_HEADER, NEXT_ROUTER_STATE_TREE_HEADER, NEXT_URL_HEADER, RSC_ACTION_HEADER, RSC_HEADER, VINEXT_CACHE_HEADER, VINEXT_CLIENT_REUSE_MANIFEST_HEADER, VINEXT_DYNAMIC_STALE_TIME_HEADER, VINEXT_INTERCEPTION_CONTEXT_HEADER, VINEXT_INTERNAL_HEADERS, VINEXT_MOUNTED_SLOTS_HEADER, VINEXT_MW_CTX_HEADER, VINEXT_PARAMS_HEADER, VINEXT_PRERENDER_ROUTE_PARAMS_HEADER, VINEXT_PRERENDER_SECRET_HEADER, VINEXT_REVALIDATE_HEADER, VINEXT_RSC_MARKER_HEADER, VINEXT_RSC_REDIRECT_HEADER, VINEXT_RSC_RENDER_MODE_HEADER, VINEXT_STATIC_FILE_HEADER, VINEXT_TIMING_HEADER };
+export { ACTION_FORWARDED_HEADER, ACTION_REDIRECT_HEADER, ACTION_REDIRECT_STATUS_HEADER, ACTION_REDIRECT_TYPE_HEADER, ACTION_REVALIDATED_HEADER, FLIGHT_HEADERS, INTERNAL_HEADERS, MIDDLEWARE_HEADER_PREFIX, MIDDLEWARE_NEXT_HEADER, MIDDLEWARE_OVERRIDE_HEADERS, MIDDLEWARE_REQUEST_HEADER_PREFIX, MIDDLEWARE_REWRITE_HEADER, MIDDLEWARE_SET_COOKIE_HEADER, NEXTJS_ACTION_NOT_FOUND_HEADER, NEXTJS_CACHE_HEADER, NEXTJS_DEPLOYMENT_ID_HEADER, NEXT_ACTION_HEADER, NEXT_ROUTER_PREFETCH_HEADER, NEXT_ROUTER_SEGMENT_PREFETCH_HEADER, NEXT_ROUTER_STATE_TREE_HEADER, NEXT_URL_HEADER, RSC_ACTION_HEADER, RSC_HEADER, VINEXT_CACHE_HEADER, VINEXT_CLIENT_REUSE_MANIFEST_HEADER, VINEXT_DYNAMIC_STALE_TIME_HEADER, VINEXT_INTERCEPTION_CONTEXT_HEADER, VINEXT_INTERNAL_HEADERS, VINEXT_MOUNTED_SLOTS_HEADER, VINEXT_MW_CTX_HEADER, VINEXT_PARAMS_HEADER, VINEXT_PRERENDER_ROUTE_PARAMS_HEADER, VINEXT_PRERENDER_SECRET_HEADER, VINEXT_REVALIDATE_HEADER, VINEXT_RSC_MARKER_HEADER, VINEXT_RSC_REDIRECT_HEADER, VINEXT_RSC_RENDER_MODE_HEADER, VINEXT_STATIC_FILE_HEADER, VINEXT_TIMING_HEADER };

package/dist/server/headers.js

@@ -60,6 +60,13 @@ const RSC_ACTION_HEADER = "x-rsc-action";
 const NEXT_ACTION_HEADER = "next-action";
 /** Next.js action-not-found indicator (value "1"). */
 const NEXTJS_ACTION_NOT_FOUND_HEADER = "x-nextjs-action-not-found";
+/**
+* Deployment ID header used by the Pages Router for deployment-skew
+* protection. Set on every `/_next/data/` response so the client can detect
+* when a new deployment has been rolled out and trigger a hard navigation.
+* Mirrors `NEXT_NAV_DEPLOYMENT_ID_HEADER` from Next.js `lib/constants.ts`.
+*/
+const NEXTJS_DEPLOYMENT_ID_HEADER = "x-nextjs-deployment-id";
 /** Forwarded action marker — set when a request has already been forwarded between workers. */
 const ACTION_FORWARDED_HEADER = "x-action-forwarded";
 /** Indicates revalidation occurred — value is JSON kind (1 = path/tag, 2 = dynamic-only). */
@@ -122,4 +129,4 @@ const INTERNAL_HEADERS = [
 /** Vinext-only internal headers stripped alongside Next.js protocol internals. */
 const VINEXT_INTERNAL_HEADERS = [VINEXT_PRERENDER_ROUTE_PARAMS_HEADER];
 //#endregion
-export { ACTION_FORWARDED_HEADER, ACTION_REDIRECT_HEADER, ACTION_REDIRECT_STATUS_HEADER, ACTION_REDIRECT_TYPE_HEADER, ACTION_REVALIDATED_HEADER, FLIGHT_HEADERS, INTERNAL_HEADERS, MIDDLEWARE_HEADER_PREFIX, MIDDLEWARE_NEXT_HEADER, MIDDLEWARE_OVERRIDE_HEADERS, MIDDLEWARE_REQUEST_HEADER_PREFIX, MIDDLEWARE_REWRITE_HEADER, MIDDLEWARE_SET_COOKIE_HEADER, NEXTJS_ACTION_NOT_FOUND_HEADER, NEXTJS_CACHE_HEADER, NEXT_ACTION_HEADER, NEXT_ROUTER_PREFETCH_HEADER, NEXT_ROUTER_SEGMENT_PREFETCH_HEADER, NEXT_ROUTER_STATE_TREE_HEADER, NEXT_URL_HEADER, RSC_ACTION_HEADER, RSC_HEADER, VINEXT_CACHE_HEADER, VINEXT_CLIENT_REUSE_MANIFEST_HEADER, VINEXT_DYNAMIC_STALE_TIME_HEADER, VINEXT_INTERCEPTION_CONTEXT_HEADER, VINEXT_INTERNAL_HEADERS, VINEXT_MOUNTED_SLOTS_HEADER, VINEXT_MW_CTX_HEADER, VINEXT_PARAMS_HEADER, VINEXT_PRERENDER_ROUTE_PARAMS_HEADER, VINEXT_PRERENDER_SECRET_HEADER, VINEXT_REVALIDATE_HEADER, VINEXT_RSC_MARKER_HEADER, VINEXT_RSC_REDIRECT_HEADER, VINEXT_RSC_RENDER_MODE_HEADER, VINEXT_STATIC_FILE_HEADER, VINEXT_TIMING_HEADER };
+export { ACTION_FORWARDED_HEADER, ACTION_REDIRECT_HEADER, ACTION_REDIRECT_STATUS_HEADER, ACTION_REDIRECT_TYPE_HEADER, ACTION_REVALIDATED_HEADER, FLIGHT_HEADERS, INTERNAL_HEADERS, MIDDLEWARE_HEADER_PREFIX, MIDDLEWARE_NEXT_HEADER, MIDDLEWARE_OVERRIDE_HEADERS, MIDDLEWARE_REQUEST_HEADER_PREFIX, MIDDLEWARE_REWRITE_HEADER, MIDDLEWARE_SET_COOKIE_HEADER, NEXTJS_ACTION_NOT_FOUND_HEADER, NEXTJS_CACHE_HEADER, NEXTJS_DEPLOYMENT_ID_HEADER, NEXT_ACTION_HEADER, NEXT_ROUTER_PREFETCH_HEADER, NEXT_ROUTER_SEGMENT_PREFETCH_HEADER, NEXT_ROUTER_STATE_TREE_HEADER, NEXT_URL_HEADER, RSC_ACTION_HEADER, RSC_HEADER, VINEXT_CACHE_HEADER, VINEXT_CLIENT_REUSE_MANIFEST_HEADER, VINEXT_DYNAMIC_STALE_TIME_HEADER, VINEXT_INTERCEPTION_CONTEXT_HEADER, VINEXT_INTERNAL_HEADERS, VINEXT_MOUNTED_SLOTS_HEADER, VINEXT_MW_CTX_HEADER, VINEXT_PARAMS_HEADER, VINEXT_PRERENDER_ROUTE_PARAMS_HEADER, VINEXT_PRERENDER_SECRET_HEADER, VINEXT_REVALIDATE_HEADER, VINEXT_RSC_MARKER_HEADER, VINEXT_RSC_REDIRECT_HEADER, VINEXT_RSC_RENDER_MODE_HEADER, VINEXT_STATIC_FILE_HEADER, VINEXT_TIMING_HEADER };

package/dist/server/instrumentation-runtime.d.ts

@@ -34,6 +34,12 @@
  * Ensure the instrumentation module's `register()` and `onRequestError`
  * hooks have been applied exactly once.
  *
+ * After `register()` runs, we extend the OTel tracer provider so that spans
+ * created inside Cache Component renders (warmup / fallback-resume phases) use
+ * a fresh OTel context rather than inheriting the prerender work unit store.
+ * This mirrors Next.js's `afterRegistration()` call in
+ * `instrumentation-node-extensions.ts`.
+ *
  * @param instrumentationModule - The imported `instrumentation.ts` module.
  *   Passed as an argument so the generated entry can import it normally
  *   without this helper needing to know the module path.

package/dist/server/instrumentation-runtime.js

@@ -1,3 +1,4 @@
+import { extendTracerProviderForCacheComponents } from "./otel-tracer-extension.js";
 //#region src/server/instrumentation-runtime.ts
 let initialized = false;
 let initPromise = null;
@@ -8,6 +9,12 @@ function isOnRequestErrorHandler(value) {
 * Ensure the instrumentation module's `register()` and `onRequestError`
 * hooks have been applied exactly once.
 *
+* After `register()` runs, we extend the OTel tracer provider so that spans
+* created inside Cache Component renders (warmup / fallback-resume phases) use
+* a fresh OTel context rather than inheriting the prerender work unit store.
+* This mirrors Next.js's `afterRegistration()` call in
+* `instrumentation-node-extensions.ts`.
+*
 * @param instrumentationModule - The imported `instrumentation.ts` module.
 *   Passed as an argument so the generated entry can import it normally
 *   without this helper needing to know the module path.
@@ -18,6 +25,7 @@ async function ensureInstrumentationRegistered(instrumentationModule) {
 	if (initPromise) return initPromise;
 	initPromise = (async () => {
 		if (typeof instrumentationModule.register === "function") await instrumentationModule.register();
+		extendTracerProviderForCacheComponents();
 		if (isOnRequestErrorHandler(instrumentationModule.onRequestError)) globalThis.__VINEXT_onRequestErrorHandler__ = instrumentationModule.onRequestError;
 		initialized = true;
 	})();

package/dist/server/isr-decision.d.ts

@@ -0,0 +1,79 @@
+import { CacheControlMetadata } from "../shims/cache.js";
+import { NEVER_CACHE_CONTROL, NO_STORE_CACHE_CONTROL } from "./cache-control.js";
+
+//#region src/server/isr-decision.d.ts
+type IsrDisposition = "HIT" | "STALE" | "MISS";
+type IsrDecision = {
+  disposition: IsrDisposition; /** True when the caller must schedule a background regeneration. */
+  scheduleRegeneration: boolean; /** The `Cache-Control` string to stamp on the response. */
+  cacheControl: string;
+};
+/**
+ * Per-router special-case policies for `Cache-Control`.
+ *
+ * - `"app-page"` / `"pages"`: `buildCachedRevalidateCacheControl` for HIT/STALE.
+ * - `"app-route"`: same, but `revalidateSeconds=0` forces `NEVER_CACHE_CONTROL`
+ *   and `revalidateSeconds=Infinity` forces `STATIC_CACHE_CONTROL`.
+ * - `"dev"`: like `"pages"`, but `revalidate=0`/`Infinity` guards are absent
+ *   (dev never caches when revalidate=0 and never has Infinity entries in practice).
+ */
+type IsrPolicyKind = "app-page" | "app-route" | "pages" | "dev";
+type DecideIsrOptions = {
+  /**
+   * The cache state. Content guards (kind-mismatch, empty body,
+   * query-variant-unproven) must have already passed before passing
+   * `"HIT"` or `"STALE"` here.
+   */
+  cacheState: "HIT" | "STALE" | "MISS"; /** Which router is making the decision. */
+  kind: IsrPolicyKind;
+  /**
+   * The route's configured revalidate window in seconds. Used as the fallback
+   * when `cacheControlMeta` is absent.
+   *
+   * For `"dev"` call sites this is the only source of the revalidate value —
+   * dev never has metadata attached to a cache entry.
+   */
+  revalidateSeconds: number;
+  /**
+   * The expire ceiling (seconds from epoch) read from the route config.
+   * Absent when the route pre-dates expire metadata support.
+   */
+  expireSeconds?: number;
+  /**
+   * Optional per-entry metadata written alongside the cache value.
+   * When present its `revalidate`/`expire` fields override the route defaults,
+   * exactly as the call sites do today with `cacheControl?.revalidate ?? revalidateSeconds`.
+   */
+  cacheControlMeta?: CacheControlMetadata;
+};
+/**
+ * Derive the `Cache-Control` string for an ISR response.
+ *
+ * Content guards (kind mismatch, query-variant-unproven, empty body) are the
+ * caller's responsibility and must happen *before* this call. `cacheState`
+ * must only be `"HIT"` or `"STALE"` when those guards have already passed.
+ */
+declare function decideIsr(options: DecideIsrOptions): IsrDecision;
+/**
+ * Build the `Cache-Control` string for a fresh MISS response whose ISR policy
+ * is known (i.e. revalidate is set and > 0). Uses the unbounded SWR form when
+ * no expire ceiling is available, exactly as `buildRevalidateCacheControl` does.
+ *
+ * Separate from `decideIsr` because a MISS doesn't read a cache entry and
+ * therefore never has `cacheControlMeta`. `expireSeconds` here is the route
+ * config ceiling passed directly from the caller (not a per-entry fallback).
+ */
+declare function buildMissIsrCacheControl(revalidateSeconds: number, expireSeconds?: number): string;
+/**
+ * Build the `Cache-Control` string for a fresh (MISS) app-route response.
+ *
+ * Applies the same `revalidateSeconds=0`→NEVER and `Infinity`→STATIC gates
+ * that `decideIsr` uses for app-route cached responses. `expireSeconds` is
+ * the route config ceiling passed directly (not per-entry metadata fallback).
+ *
+ * Used by `applyRouteHandlerRevalidateHeader` which operates on a fresh
+ * response that has no per-entry cache metadata.
+ */
+declare function buildAppRouteMissIsrCacheControl(revalidateSeconds: number, expireSeconds?: number): string;
+//#endregion
+export { NEVER_CACHE_CONTROL as ISR_NEVER_CACHE_CONTROL, NO_STORE_CACHE_CONTROL as ISR_NO_STORE_CACHE_CONTROL, buildAppRouteMissIsrCacheControl, buildMissIsrCacheControl, decideIsr };

package/dist/server/isr-decision.js

@@ -0,0 +1,70 @@
+import { NEVER_CACHE_CONTROL, NO_STORE_CACHE_CONTROL, STATIC_CACHE_CONTROL, buildCachedRevalidateCacheControl, buildRevalidateCacheControl } from "./cache-control.js";
+//#region src/server/isr-decision.ts
+/** Resolve effective revalidate/expire, preferring per-entry metadata. */
+function resolveRevalidate(options) {
+	return {
+		effectiveRevalidate: options.cacheControlMeta?.revalidate ?? options.revalidateSeconds,
+		effectiveExpire: options.cacheControlMeta === void 0 ? void 0 : options.cacheControlMeta.expire ?? options.expireSeconds
+	};
+}
+function buildCacheControl(disposition, kind, revalidate, expire) {
+	if (kind === "app-route") {
+		if (revalidate === 0) return NEVER_CACHE_CONTROL;
+		if (revalidate === Infinity) return STATIC_CACHE_CONTROL;
+	}
+	return buildCachedRevalidateCacheControl(disposition, revalidate, expire);
+}
+/**
+* Derive the `Cache-Control` string for an ISR response.
+*
+* Content guards (kind mismatch, query-variant-unproven, empty body) are the
+* caller's responsibility and must happen *before* this call. `cacheState`
+* must only be `"HIT"` or `"STALE"` when those guards have already passed.
+*/
+function decideIsr(options) {
+	if (options.cacheState === "MISS") return {
+		disposition: "MISS",
+		scheduleRegeneration: false,
+		cacheControl: ""
+	};
+	const { effectiveRevalidate, effectiveExpire } = resolveRevalidate(options);
+	if (options.cacheState === "HIT") return {
+		disposition: "HIT",
+		scheduleRegeneration: false,
+		cacheControl: buildCacheControl("HIT", options.kind, effectiveRevalidate, effectiveExpire)
+	};
+	return {
+		disposition: "STALE",
+		scheduleRegeneration: true,
+		cacheControl: buildCacheControl("STALE", options.kind, effectiveRevalidate, effectiveExpire)
+	};
+}
+/**
+* Build the `Cache-Control` string for a fresh MISS response whose ISR policy
+* is known (i.e. revalidate is set and > 0). Uses the unbounded SWR form when
+* no expire ceiling is available, exactly as `buildRevalidateCacheControl` does.
+*
+* Separate from `decideIsr` because a MISS doesn't read a cache entry and
+* therefore never has `cacheControlMeta`. `expireSeconds` here is the route
+* config ceiling passed directly from the caller (not a per-entry fallback).
+*/
+function buildMissIsrCacheControl(revalidateSeconds, expireSeconds) {
+	return buildRevalidateCacheControl(revalidateSeconds, expireSeconds);
+}
+/**
+* Build the `Cache-Control` string for a fresh (MISS) app-route response.
+*
+* Applies the same `revalidateSeconds=0`→NEVER and `Infinity`→STATIC gates
+* that `decideIsr` uses for app-route cached responses. `expireSeconds` is
+* the route config ceiling passed directly (not per-entry metadata fallback).
+*
+* Used by `applyRouteHandlerRevalidateHeader` which operates on a fresh
+* response that has no per-entry cache metadata.
+*/
+function buildAppRouteMissIsrCacheControl(revalidateSeconds, expireSeconds) {
+	if (revalidateSeconds === 0) return NEVER_CACHE_CONTROL;
+	if (revalidateSeconds === Infinity) return STATIC_CACHE_CONTROL;
+	return buildRevalidateCacheControl(revalidateSeconds, expireSeconds);
+}
+//#endregion
+export { NEVER_CACHE_CONTROL as ISR_NEVER_CACHE_CONTROL, NO_STORE_CACHE_CONTROL as ISR_NO_STORE_CACHE_CONTROL, buildAppRouteMissIsrCacheControl, buildMissIsrCacheControl, decideIsr };

package/dist/server/metadata-route-response.js

@@ -53,9 +53,9 @@ function getMetadataRouteFunctions(route) {
 	routeFunctionCache.set(route, functions);
 	return functions;
 }
-function matchMetadataRoute(route, cleanPathname, functions) {
+function matchMetadataRoute(route, cleanPathname, functions, getUrlParts) {
 	if (route.patternParts) {
-		const urlParts = cleanPathname.split("/").filter(Boolean);
+		const urlParts = getUrlParts();
 		if (functions.hasGeneratedImageMetadata && urlParts.length > 0) {
 			const params = matchMetadataRoutePattern(urlParts.slice(0, -1), route.patternParts);
 			if (params) return {
@@ -184,6 +184,8 @@ function serveStaticMetadataRoute(route) {
 	}
 }
 async function handleMetadataRouteRequest(options) {
+	let urlParts;
+	const getUrlParts = () => urlParts ??= options.cleanPathname.split("/").filter(Boolean);
 	for (const route of options.metadataRoutes) {
 		const functions = getMetadataRouteFunctions(route);
 		if (route.type === "sitemap" && route.isDynamic) {
@@ -193,7 +195,7 @@ async function handleMetadataRouteRequest(options) {
 				continue;
 			}
 		}
-		const match = matchMetadataRoute(route, options.cleanPathname, functions);
+		const match = matchMetadataRoute(route, options.cleanPathname, functions, getUrlParts);
 		if (!match) continue;
 		return route.isDynamic ? callDynamicMetadataRoute(route, match, options.makeThenableParams, functions) : serveStaticMetadataRoute(route);
 	}

package/dist/server/middleware-runtime.d.ts

@@ -19,6 +19,19 @@ type MiddlewareHandler = (request: NextRequest, event: NextFetchEvent) => Respon
 type ExecuteMiddlewareOptions = {
   basePath?: string;
   filePath?: string;
+  /**
+   * Whether the incoming request was inside the configured basePath. Drives
+   * the `nextUrl.basePath` the middleware observes: in-basePath requests are
+   * re-prefixed so NextURL reports the configured basePath, while
+   * out-of-basePath ("absolute path") requests stay un-prefixed so middleware
+   * sees `nextUrl.basePath === ""` (Next.js `getNextPathnameInfo` semantics —
+   * see test/e2e/middleware-base-path "should execute from absolute paths").
+   * When omitted it is derived from the request URL, which is correct for the
+   * Pages prod/deploy adapters because they pass the original (un-stripped)
+   * URL. Callers that pass an already-stripped URL (dev server, App Router)
+   * must set this explicitly.
+   */
+  hadBasePath?: boolean;
   i18nConfig?: NextI18nConfig | null;
   includeErrorDetails?: boolean;
   /**

package/dist/server/middleware-runtime.js

@@ -1,4 +1,5 @@
 import { normalizePathnameForRouteMatchStrict } from "../routing/utils.js";
+import { addBasePathToPathname, hasBasePath, stripBasePath } from "../utils/base-path.js";
 import "./server-globals.js";
 import { getRequestExecutionContext, runWithExecutionContext } from "../shims/request-context.js";
 import { MIDDLEWARE_REWRITE_HEADER } from "./headers.js";
@@ -99,12 +100,13 @@ function resolveMiddlewarePathname(request) {
 		return badRequestResponse();
 	}
 }
-function createNextRequest(request, normalizedPathname, i18nConfig, basePath, trailingSlash) {
+function createNextRequest(request, normalizedPathname, i18nConfig, basePath, trailingSlash, hadBasePath) {
 	const url = new URL(request.url);
 	let mwRequest = request.body && !request.bodyUsed ? request.clone() : request;
-	if (normalizedPathname !== url.pathname) {
+	const mwPathname = basePath && hadBasePath ? addBasePathToPathname(normalizedPathname, basePath) : normalizedPathname;
+	if (mwPathname !== url.pathname) {
 		const mwUrl = new URL(url);
-		mwUrl.pathname = normalizedPathname;
+		mwUrl.pathname = mwPathname;
 		mwRequest = new Request(mwUrl, mwRequest);
 	}
 	const nextConfig = basePath || i18nConfig || trailingSlash ? {
@@ -124,9 +126,11 @@ async function executeMiddleware(options) {
 		continue: false,
 		response: normalizedPathname
 	};
-	if (!matchesMiddleware(normalizedPathname, middlewareMatcher(options.module), options.request, options.i18nConfig)) return { continue: true };
-	const nextRequest = createNextRequest(options.request, normalizedPathname, options.i18nConfig, options.basePath, options.trailingSlash);
-	const fetchEvent = new NextFetchEvent({ page: normalizedPathname });
+	const hadBasePath = options.hadBasePath ?? (!options.basePath || hasBasePath(new URL(options.request.url).pathname, options.basePath));
+	const matchPathname = options.basePath ? stripBasePath(normalizedPathname, options.basePath) : normalizedPathname;
+	if (!matchesMiddleware(matchPathname, middlewareMatcher(options.module), options.request, options.i18nConfig)) return { continue: true };
+	const nextRequest = createNextRequest(options.request, normalizedPathname, options.i18nConfig, options.basePath, options.trailingSlash, hadBasePath);
+	const fetchEvent = new NextFetchEvent({ page: matchPathname });
 	let response;
 	try {
 		response = await middlewareFn(nextRequest, fetchEvent);
@@ -195,7 +199,7 @@ async function executeMiddleware(options) {
 		try {
 			const rewriteParsed = new URL(rewriteUrl, options.request.url);
 			const requestOrigin = new URL(options.request.url).origin;
-			if (rewriteParsed.origin === requestOrigin) rewritePath = rewriteParsed.pathname + rewriteParsed.search;
+			if (rewriteParsed.origin === requestOrigin) rewritePath = (options.basePath ? stripBasePath(rewriteParsed.pathname, options.basePath) : rewriteParsed.pathname) + rewriteParsed.search;
 			else rewritePath = rewriteParsed.href;
 		} catch {
 			rewritePath = rewriteUrl;