Arcjet has announced the release of version 1 of its JavaScript SDK designed to enable security capabilities like bot detection, email validation, attack protection, and data redaction across JavaScript apps.
“Shipping v1.0 is a clear signal to developers that Arcjet’s API is stable and fully tested with real production workloads,” said David Mytton, CEO of Arcjet. “Security should not introduce more work. It should quietly remove an entire class of problems so teams can focus on building features instead of maintaining tooling.”
The Arcjet JavaScript SDK can be used to block bad bots, verify legitimate ones, and generally reduce unwanted automated requests to a developer’s JavaScript application. They can set rate limits to control how many requests a client can make, and set custom security and traffic rules to block unwanted traffic based on request fields, IP reputation, geography, VPN or proxy usage, and other signals.
Additionally, it offers capabilities for email validation, which verifies email addresses in an application to reduce spam and fraudulent signups, and signup form protection, which combines bot protection, email validation, and rate limiting to prevent spam.
The SDK also protects applications against common web attacks, such as those found in the OWASP Top 10, by analyzing traffic and blocking clients that are exhibiting suspicious behavior.
Finally, it can detect and block sensitive data in requests before it enters the application, allowing developers to avoid having to handle personally identifiable information (PII) if they do not wish to.
The SDK currently supports Astro, Bun, Deno, Fastify, NestJS, Next.js, Node.js, Nuxt, React Router, Remix, and SvelteKit. The company also offers integrations with Vercel, Netlify, Fly.io, Clerk, OpenAI, LangChain, and Auth.js.
Going forward, the company plans to release a new version of the Arcjet JavaScript SDK every month.
“That approach reduces noise and makes adoption easier for teams running real production workloads. Developers don’t want constant motion in their dependencies, they want steady progress without surprises,” the company wrote in a blog post.
