Updating dependencies and MAX_REQUEST_SIZE in node-service

Author: FalkWolsky

server/node-service/package.json

@@ -38,7 +38,7 @@
     "@aws-sdk/client-s3": "^3.332.0",
     "@aws-sdk/s3-request-presigner": "^3.332.0",
     "@duckdb/node-api": "^1.3.0-alpha.21",
-    "@google-cloud/bigquery": "^6.1.0",
+    "@google-cloud/bigquery": "^8.1.1",
     "@google-cloud/storage": "^6.10.1",
     "@supabase/supabase-js": "^2.26.0",
     "@types/cors": "^2.8.17",
@@ -48,15 +48,15 @@
     "@types/morgan": "^1.9.3",
     "@types/node": "^22.10.5",
     "@types/node-fetch": "^2.6.2",
-    "ali-oss": "^6.20.0",
+    "ali-oss": "^6.23.0",
     "axios": "^1.7.9",
     "base64-arraybuffer": "^1.0.2",
     "bluebird": "^3.7.2",
     "cors": "^2.8.5",
     "dynamodb-data-types": "^4.0.1",
-    "express": "^4.21.0",
+    "express": "^4.21.1",
     "express-async-errors": "^3.1.1",
-    "firebase-admin": "^12.6.0",
+    "firebase-admin": "^13.6.0",
     "formdata-node": "4",
     "graphql": "^16.9.0",
     "graphql-request": "^6.1.0",
@@ -71,9 +71,9 @@
     "openapi-types": "^12.1.3",
     "pino": "^9.5.0",
     "prom-client": "^14.2.0",
-    "proxy-agent": "^5.0.0",
+    "proxy-agent": "^6.5.0",
     "stylis": "^4.3.0",
-    "swagger-client": "^3.32.2",
+    "swagger-client": "^3.36.0",
     "typescript": "^4.9.3",
     "yaml": "^2.6.0"
   },

server/node-service/src/common/fetch.ts

@@ -1,6 +1,11 @@
-import nodeFetch, { RequestInit, RequestInfo } from "node-fetch";
-import proxyAgent from "proxy-agent";
+import { ProxyAgent } from "proxy-agent";
+import nodeFetch, { RequestInit } from "node-fetch";
 
-export function fetch(url: RequestInfo, init?: RequestInit) {
-  return nodeFetch(url, { agent: proxyAgent(), ...init });
+const proxyAgent = new ProxyAgent();
+
+export function fetch(url: string, init: RequestInit = {}) {
+  return nodeFetch(url, {
+    ...init,
+    agent: proxyAgent,
+  });
 }

server/node-service/src/server.ts

@@ -30,22 +30,25 @@ router.use(prefix, express.static(path.join(__dirname, "static")));
 /** Logging */
 router.use(morgan("dev"));
 
-const MAX_REQUEST_SIZE = process.env.LOWCODER_MAX_REQUEST_SIZE || "50mb";
+const MAX_REQUEST_SIZE_BYTES = parseRequestLimitNoLib(
+  process.env.LOWCODER_MAX_REQUEST_SIZE,
+  "50mb"
+);
 
 /** Parse the request */
-router.use(express.urlencoded({ extended: false, limit: MAX_REQUEST_SIZE }));
+router.use(express.urlencoded({ extended: false, limit: MAX_REQUEST_SIZE_BYTES }));
 
 /** Custom middleware: use raw body for encrypted requests */
 router.use((req, res, next) => {
   if (req.headers["x-encrypted"]) {
-    bodyParser.text({ type: "*/*", limit: MAX_REQUEST_SIZE })(req, res, next);
+    bodyParser.text({ type: "*/*", limit: MAX_REQUEST_SIZE_BYTES })(req, res, next);
   } else {
-    bodyParser.json({ limit: MAX_REQUEST_SIZE })(req, res, next);
+    bodyParser.json({ limit: MAX_REQUEST_SIZE_BYTES })(req, res, next);
   }
 });
 
 /** Takes care of JSON data */
-router.use(express.json({ limit: MAX_REQUEST_SIZE }));
+router.use(express.json({ limit: MAX_REQUEST_SIZE_BYTES }));
 
 /** RULES OF OUR API */
 
@@ -62,7 +65,7 @@ const corsOptions: CorsOptions = {
     'Accept',
     'Content-Type'
   ],
-  methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH']
+  methods: ['GET', 'POST', 'PUT', 'DELETE', 'PATCH', 'OPTIONS']
 };
 
 router.use(cors(corsOptions));
@@ -97,3 +100,106 @@ router.use((req, res, next) => {
 const httpServer = http.createServer(router);
 const PORT = process.env.NODE_SERVICE_PORT ?? 6060;
 httpServer.listen(PORT, () => logger.info(`The server is running on port: ${PORT}`));
+
+/**
+ * Parses request size strings into bytes.
+ *
+ * Accepts:
+ *  - "52428800"                 => bytes
+ *  - "50mb", "128kb", "1gb"     => bytes (binary base 1024)
+ *  - "50m", "128k", "1g"        => Spring short units (treated as mb/kb/gb)
+ *  - "1.5m", "0.25gb"           => decimals supported
+ *  - "50 m"                     => whitespace tolerated
+ *
+ * Units are binary (KiB/MiB/GiB) using 1024 multipliers, which matches Node conventions well.
+ * (If you want decimal SI units (1000), adjust multipliers accordingly.)
+ */
+function parseRequestLimitNoLib(input: unknown, fallback: string = "50mb"): number {
+  const raw = input ?? fallback;
+
+  // Direct number => bytes
+  if (typeof raw === "number") {
+    if (!Number.isFinite(raw) || raw <= 0) throw new Error(`Invalid request size number: ${raw}`);
+    return Math.floor(raw);
+  }
+
+  const s0 = String(raw).trim();
+  if (!s0) return parseRequestLimitNoLib(fallback);
+
+  // Remove whitespace and lowercase
+  const s = s0.replace(/\s+/g, "").toLowerCase();
+
+  // Pure integer bytes
+  if (/^\d+$/u.test(s)) {
+    const n = Number(s);
+    if (!Number.isFinite(n) || n <= 0) throw new Error(`Invalid request size: ${s0}`);
+    return n;
+  }
+
+  // Match: number + unit (unit may be k|kb|m|mb|g|gb|t|tb|p|pb|b)
+  const m = s.match(/^(\d+(?:\.\d+)?)(b|kb|k|mb|m|gb|g|tb|t|pb|p)$/u);
+  if (!m) {
+    throw new Error(
+      `Invalid LOWCODER_MAX_REQUEST_SIZE: "${s0}". ` +
+      `Use bytes ("52428800"), long units ("50mb"), or Spring units ("50m").`
+    );
+  }
+
+  const value = Number(m[1]);
+  const unit = m[2];
+
+  if (!Number.isFinite(value) || value <= 0) {
+    throw new Error(`Invalid LOWCODER_MAX_REQUEST_SIZE numeric value: "${m[1]}"`);
+  }
+
+  // Binary multipliers (base 1024)
+  const KB = 1024;
+  const MB = 1024 * KB;
+  const GB = 1024 * MB;
+  const TB = 1024 * GB;
+  const PB = 1024 * TB;
+
+  let bytes: number;
+
+  switch (unit) {
+    case "b":
+      bytes = value;
+      break;
+
+    case "k":
+    case "kb":
+      bytes = value * KB;
+      break;
+
+    case "m":
+    case "mb":
+      bytes = value * MB;
+      break;
+
+    case "g":
+    case "gb":
+      bytes = value * GB;
+      break;
+
+    case "t":
+    case "tb":
+      bytes = value * TB;
+      break;
+
+    case "p":
+    case "pb":
+      bytes = value * PB;
+      break;
+
+    default:
+      // Should be unreachable because of regex, but keep safe:
+      throw new Error(`Unsupported unit: "${unit}"`);
+  }
+
+  // Guard: must fit into a safe integer
+  if (!Number.isFinite(bytes) || bytes <= 0 || !Number.isSafeInteger(Math.floor(bytes))) {
+    throw new Error(`LOWCODER_MAX_REQUEST_SIZE too large or invalid: "${s0}"`);
+  }
+
+  return Math.floor(bytes);
+}