From 98001867a332c3f8fe00a238451d9a1be9c59815 Mon Sep 17 00:00:00 2001 From: Blaine Bublitz Date: Tue, 21 May 2024 08:14:44 -0400 Subject: [PATCH 1/3] docs: Change defend to defense --- README.md | 2 +- analyze/README.md | 2 +- arcjet-next/README.md | 2 +- arcjet-node/README.md | 2 +- arcjet/README.md | 2 +- examples/nextjs-example/README.md | 4 ++-- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index f97389dbf..d749e747a 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@

[Arcjet][arcjet] helps developers protect their apps in just a few lines of -code. Implement rate limiting, bot protection, email verification & defend +code. Implement rate limiting, bot protection, email verification & defense against common attacks. This is the monorepo containing various [Arcjet][arcjet] open source packages diff --git a/analyze/README.md b/analyze/README.md index 834f4b900..a3d9f8604 100644 --- a/analyze/README.md +++ b/analyze/README.md @@ -17,7 +17,7 @@

[Arcjet][arcjet] helps developers protect their apps in just a few lines of -code. Implement rate limiting, bot protection, email verification & defend +code. Implement rate limiting, bot protection, email verification & defense against common attacks. This is the [Arcjet][arcjet] local analysis engine. diff --git a/arcjet-next/README.md b/arcjet-next/README.md index ed93a7e6f..07f785bb7 100644 --- a/arcjet-next/README.md +++ b/arcjet-next/README.md @@ -17,7 +17,7 @@

[Arcjet][arcjet] helps developers protect their apps in just a few lines of -code. Implement rate limiting, bot protection, email verification & defend +code. Implement rate limiting, bot protection, email verification & defense against common attacks. This is the [Arcjet][arcjet] SDK for the [Next.js][next-js] framework. diff --git a/arcjet-node/README.md b/arcjet-node/README.md index 3f7d0d113..f6a92f5d2 100644 --- a/arcjet-node/README.md +++ b/arcjet-node/README.md @@ -17,7 +17,7 @@

[Arcjet][arcjet] helps developers protect their apps in just a few lines of -code. Implement rate limiting, bot protection, email verification & defend +code. Implement rate limiting, bot protection, email verification & defense against common attacks. This is the [Arcjet][arcjet] SDK for [Node.js][node-js]. diff --git a/arcjet/README.md b/arcjet/README.md index cc7fb60fe..1b25ef2a8 100644 --- a/arcjet/README.md +++ b/arcjet/README.md @@ -17,7 +17,7 @@

[Arcjet][arcjet] helps developers protect their apps in just a few lines of -code. Implement rate limiting, bot protection, email verification & defend +code. Implement rate limiting, bot protection, email verification & defense against common attacks. This is the [Arcjet][arcjet] TypeScript and JavaScript SDK core. diff --git a/examples/nextjs-example/README.md b/examples/nextjs-example/README.md index ac4f82589..de2870e11 100644 --- a/examples/nextjs-example/README.md +++ b/examples/nextjs-example/README.md @@ -7,8 +7,8 @@ This example uses the [Arcjet](https://arcjet.com/) SDK to implement a token bucket rate limit for API routes. It does not require any additional infrastructure e.g. Redis. -The Arcjet SDK allows you to Implement rate limiting, bot protection, email -verification & defend against common attacks. See [the +The Arcjet SDK allows you to implement rate limiting, bot protection, email +verification & defense against common attacks. See [the docs](https://docs.arcjet.com/) for details. ## Deploy your own From d7ea5bd1241fe7dad8d9ec83743c6d8ce141e2c0 Mon Sep 17 00:00:00 2001 From: Blaine Bublitz Date: Tue, 21 May 2024 08:17:47 -0400 Subject: [PATCH 2/3] docs: Remove wording that implies is Shield is added by default --- arcjet-bun/README.md | 4 ++-- arcjet-next/README.md | 21 +++++++++++---------- arcjet-node/README.md | 17 +++++++++-------- arcjet-sveltekit/README.md | 4 ++-- examples/sveltekit/README.md | 2 +- 5 files changed, 25 insertions(+), 23 deletions(-) diff --git a/arcjet-bun/README.md b/arcjet-bun/README.md index 96da0e086..f609c5a39 100644 --- a/arcjet-bun/README.md +++ b/arcjet-bun/README.md @@ -75,8 +75,8 @@ export default { ## Shield example [Arcjet Shield][shield-concepts-docs] protects your application against common -attacks, including the OWASP Top 10. It’s enabled by default and runs on every -request with negligible performance impact. +attacks, including the OWASP Top 10. You can run Shield on every request with +negligible performance impact. ```ts import arcjet, { shield } from "@arcjet/bun"; diff --git a/arcjet-next/README.md b/arcjet-next/README.md index 07f785bb7..935b2af61 100644 --- a/arcjet-next/README.md +++ b/arcjet-next/README.md @@ -86,22 +86,23 @@ export async function GET(req: Request) { ## Shield example [Arcjet Shield](https://docs.arcjet.com/shield/concepts) protects your -application against common attacks, including the OWASP Top 10. It’s enabled by -default and runs on every request with negligible performance impact. +application against common attacks, including the OWASP Top 10. You can run +Shield on every request with negligible performance impact. See the [Arcjet Shield documentation](https://docs.arcjet.com/shield/quick-start/nextjs) for details. ```ts -import arcjet from "@arcjet/next"; +import arcjet, { shield } from "@arcjet/next"; import { NextResponse } from "next/server"; const aj = arcjet({ - // Get your site key from https://app.arcjet.com - // and set it as an environment variable rather than hard coding. - // See: https://nextjs.org/docs/app/building-your-application/configuring/environment-variables - key: process.env.ARCJET_KEY, - rules: [], // Shield requires no rule configuration + key: process.env.ARCJET_KEY, // Get your site key from https://app.arcjet.com + rules: [ + shield({ + mode: "LIVE", // will block requests. Use "DRY_RUN" to log only + }), + ], }); export async function GET(req: Request) { @@ -109,8 +110,8 @@ export async function GET(req: Request) { if (decision.isDenied()) { return NextResponse.json( - { error: "Too Many Requests", reason: decision.reason }, - { status: 429 }, + { error: "Forbidden", reason: decision.reason }, + { status: 403 }, ); } diff --git a/arcjet-node/README.md b/arcjet-node/README.md index f6a92f5d2..280754e3f 100644 --- a/arcjet-node/README.md +++ b/arcjet-node/README.md @@ -82,19 +82,20 @@ server.listen(8000); ## Shield example [Arcjet Shield][shield-concepts-docs] protects your application against common -attacks, including the OWASP Top 10. It’s enabled by default and runs on every -request with negligible performance impact. +attacks, including the OWASP Top 10. You can run Shield on every request with +negligible performance impact. ```ts -import arcjet from "@arcjet/node"; +import arcjet, { shield } from "@arcjet/node"; import http from "node:http"; const aj = arcjet({ - // Get your site key from https://app.arcjet.com - // and set it as an environment variable rather than hard coding. - // See: https://nextjs.org/docs/app/building-your-application/configuring/environment-variables - key: process.env.ARCJET_KEY, - rules: [], // Shield requires no rule configuration + key: process.env.ARCJET_KEY!, // Get your site key from https://app.arcjet.com + rules: [ + shield({ + mode: "LIVE", // will block requests. Use "DRY_RUN" to log only + }), + ], }); const server = http.createServer(async function ( diff --git a/arcjet-sveltekit/README.md b/arcjet-sveltekit/README.md index d7c6c2be8..9600f8e2c 100644 --- a/arcjet-sveltekit/README.md +++ b/arcjet-sveltekit/README.md @@ -72,8 +72,8 @@ export async function load(event: RequestEvent) { ## Shield example [Arcjet Shield][shield-concepts-docs] protects your application against common -attacks, including the OWASP Top 10. It’s enabled by default and runs on every -request with negligible performance impact. +attacks, including the OWASP Top 10. You can run Shield on every request with +negligible performance impact. ```ts // In your `hooks.server.ts` file diff --git a/examples/sveltekit/README.md b/examples/sveltekit/README.md index c5a0d9eab..8b95d79e4 100644 --- a/examples/sveltekit/README.md +++ b/examples/sveltekit/README.md @@ -42,7 +42,7 @@ This example shows how to use Arcjet to protect [SvelteKit](https://kit.svelte.d ## How it works -The `arcjet` instance is created in the server-only module `/src/lib/server/arcjet.ts` and is configured to enable [Shield](https://docs.arcjet.com/shield) by default. +The `arcjet` instance is created in the server-only module `/src/lib/server/arcjet.ts` and is configured to enable [Shield](https://docs.arcjet.com/shield). `/src/hooks.server.ts` imports the `arcjet` instance and runs the `protect()` method on all requests. The only exception is any requests who's pathanme is listed in `filteredRoutes`, in which case protection is left to that route's server code. From fce14ac7f4ed091bcf542522807eb39d8840213c Mon Sep 17 00:00:00 2001 From: David Mytton Date: Tue, 21 May 2024 13:49:00 +0100 Subject: [PATCH 3/3] Also add Bun & SvelteKit SDKs --- README.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index d749e747a..cef8f4d83 100644 --- a/README.md +++ b/README.md @@ -23,12 +23,17 @@ for JS. ## Quick start +- **Bun?** Use the [`@arcjet/bun`](https://www.npmjs.com/package/@arcjet/bun) + package. - **Next.js?** Use the [`@arcjet/next`](https://www.npmjs.com/package/@arcjet/next) package with our [Next.js quick start guide](https://docs.arcjet.com/get-started/nextjs). - **Node.js?** Use the [`@arcjet/node`](https://www.npmjs.com/package/@arcjet/node) package with our [Node.js quick start guide](https://docs.arcjet.com/get-started/nodejs). +- **SvelteKit?** Use the + [`@arcjet/sveltekit`](https://www.npmjs.com/package/@arcjet/sveltekit) + package. ## Get help @@ -145,9 +150,10 @@ find a specific one through the categories and descriptions below. ### SDKs +- [`@arcjet/bun`](./arcjet-bun/README.md): SDK for Bun.sh. - [`@arcjet/next`](./arcjet-next/README.md): SDK for the Next.js framework. - [`@arcjet/node`](./arcjet-node/README.md): SDK for Node.js. -- [`@arcjet/bun`](./arcjet-bun/README.md): SDK for Bun.sh. +- [`@arcjet/sveltekit`](./arcjet-sveltekit/README.md): SDK for SvelteKit. ### Analysis