Industry News

The Vercel Web Application Firewall (WAF) inspects billions of requests every day to block application-layer threats, such as cross-site scripting, traversal, and application DDoS attacks. While we already inspect and block malicious bot traffic, we wanted to provide better, more precise controls to fine tune your application security. Today, we're launching the Bot Filter managed ruleset, free for all users on all plans. With a single click, you can protect your application from bot attacks. Read more Continue reading...

Vercel Functions using Node.js can now detect when a request is cancelled and stop execution before completion. This includes actions like navigating away, closing a tab, or hitting stop on an AI chat to terminate compute processing early. This reduces unnecessary compute, token generation, and sending data the user never see. You can listen for cancellation using Request.signal.aborted or the abort event: If you're using the AI SDK, forward the abortSignal to your stream: Learn more about cancelling Function requests. Read more Continue reading...

Vercel Web Application Firewall now includes a new Bot Filter managed ruleset, available in public beta for all users. Bot Filter helps reduce automated traffic from non-browser sources and allows you to respond based on two action choices: Log Only Action: Logs identified bot traffic in the Firewall tab without blocking requests Challenge Action: Serves a browser challenge to traffic from non-browser sources. Verified bots are automatically excluded To avoid disrupting legitimate automated traffic that's not already covered by Verified Bots, you can configure custom WAF rules using the bypass action for specific requests. To enable the ruleset: In your project dashboard, navigate to the Firewall tab and select Configure...

Prisma is now available as a storage provider on the Vercel Marketplace, offering Prisma Postgres, a serverless database optimized for fullstack and edge applications. With automated account creation, integrated billing through Vercel, and a generous free tier, developers can now get started with Prisma Postgres in just a few clicks, no separate signup required. With the Prisma native integration, Vercel users get: A high-performance Postgres database with zero cold starts Automatic scaling with built-in global caching and connection pooling Visual data management and AI-powered performance suggestions Get started with Prisma on the Vercel Marketplace. Available to customers on all plans. Read more Continue reading...

New Vercel projects now run on Fluid compute by default. This update follows Fluid’s general availability, its adoption across large-scale production apps, and all v0.dev deployments shipping with Fluid enabled by default. Fluid compute reuses existing instances before spawning new ones, cutting costs by up to 85% for high-concurrency workloads. It combines the efficiency of servers with the flexibility of serverless: Concurrent requests per function Scale from zero to infinity Minimal cold starts Usage-based, pay as you go Full Node.js and Python support No infrastructure to manage Background tasks with waitUntil Enable Fluid for your existing projects, and learn more in our blog and documentation. Read more...

In today's rapidly evolving tech landscape, AI has moved from research labs to everyday tools with stunning speed. I wanted to share my perspective, not only as a CTO at Vercel, but as an engineer who's seen a few revolutions over the past 30 years. Read more Continue reading...

Security researchers reviewing the Remix web framework have recently discovered a high-severity vulnerability in React Router that allows URL manipulation through the Host/ X-Forwarded-Host header. Our investigation determined that Vercel and our customers are unaffected: We use query parameters as part of the cache key, which protects against cache poisoning driven by the _data query praram. The @vercel/remix adapter uses X-Forwarded-Host similarly to the Express adapter, but it is not possible for an end user to send X-Forwarded-Host to a Function hosted on Vercel. A patch has been issued and released in Remix 2.16.3 / React Router 7.4.1. We recommend customers update to the latest version. Read more about CVE-2025-31137...

Today we are lowering the price of Fast Data Transfer (FDT) for Vercel regions in Asia Pacific, Latin America, and Africa by up to 50%. The new FDT regional pricing is rolling out for all Pro and Enterprise plans: All new Pro and Enterprise users will be charged the new price moving forward. For existing Pro users, the new pricing applies starting today. For existing Enterprise users, it will apply at the start of the next billing cycle (typically monthly). Vercel Region Old price per GB New price per GB Cape Town, South Africa (cpt1) $0.39 $0.28 Hong Kong (hkg1) $0.30 $0.16 Mumbai, India (bom1) $0.33 $0.20 Osaka, Japan (kix1) $0.31 $0.16 Sao Paulo, Brazil (gru1) $0.44 $0.22...

Enhanced Builds now offer double the compute capacity, further improving performance for large codebases and CPU-intensive builds. Available to Enterprise customers, Enhanced Builds are designed for teams working with monorepos or frameworks that run tasks in parallel—like dependency resolution, transpilation, or static generation. Customers already using Enhanced Builds are seeing, with no action required, up to 25% reductions in build times. Learn more in our documentation or speak to your Vercel account team to enable Enhanced Builds. Read more Continue reading...

A Spanish court has granted LALIGA the power to block IP addresses associated with unauthorized football streaming—without distinguishing between infringing and non-infringing services. As a result, legitimate, unrelated websites that people depend on are now inaccessible in Spain. Read more Continue reading...

Routing is a fundamental part of delivering applications, but it’s often treated as an afterthought—tacked onto the caching layer and configured through complex YAML or manual click-ops. This can introduce friction for teams, increase the risk of misconfigurations, and slow down deployments, especially as applications grow in complexity. Vercel takes a different approach: routing is built into the platform as an application-aware gateway that understands your codebase. This unlocks a range of capabilities that simplify development by reducing configuration overhead, minimizing latency, and enabling more advanced architectures. The gateway has full context of your deployments, domains, and logic. It supports standard routing and custom...

Grep is extremely fast code search. You can search over a million repositories for specific code snippets, files, or paths. Search results need to appear instantly without loading spinners. Originally built with Create React App (CRA) as a fully client-rendered Single-Page App (SPA), Grep was fast—but with CRA now deprecated, we wanted to update the codebase to make it even faster and easier to maintain going forward. Here's how we migrated Grep to Next.js—keeping the interactivity of a SPA, but with the performance improvements from React Server Components. Read more Continue reading...

SvelteKit routes with dynamic segments—like /blog/[slug]—are now individually recognized and surfaced by Vercel Observability. This replaces the previous behavior where all dynamic routes appeared under a single /fn entry. This is available with version 5.7.0 of @sveltejs/adapter-vercel. Upgrade to unlock improved observability for your SvelteKit projects. Learn more about Vercel Observability. Read more Continue reading...

Node.js 18 (LTS support ends April 30, 2025) and the Vercel legacy build image will be deprecated on August 1, 2025. If you are still using the legacy build image on this date, new builds will display an error. How do I know if I am still using the legacy build image? Projects using Node.js 18.x in Build and Deployment Settings use the legacy build image Projects using overrides in package.json use the legacy build image What changes between the legacy build image and latest build image? The minimum version of Node.js is now 20.x The Python toolchain version is now 3.12 The Ruby toolchain version is now 3.3.x Will my existing deployments be affected? Existing deployments will not be affected. However, the Node.js...

The AI SDK powers incredible applications across the web, and today we're announcing the Chat SDK—a best-in-class, production-ready template for building conversational AI applications like ChatGPT or Claude artifacts. Read more Continue reading...

xAI's latest and most powerful Grok 3 models are now available through the Vercel Marketplace, bringing state-of-the-art AI capabilities to your Vercel projects. To get started, you can use the AI SDK xAI provider in your project: Then, install the xAI Marketplace Integration with Vercel CLI (or from the dashboard): Once you've accepted the terms, you'll be able to use Grok models from within your project, with no additional steps necessary. To help you get started, we've also made a ']ready-to-deploy Next.js xAI starter template. To learn more about xAI on Vercel, read our announcement and the documentation. Read more Continue reading...

The Vercel Marketplace adds new integrations from Sentry, Checkly, and Dash0. You can now use the tools you already trust to monitor, measure, and debug your apps. No custom setup. No change to how you build or deploy. These tools connect directly through the Vercel Marketplace with integrated billing, single sign-on, and access to provider dashboards, giving you deep visibility without the setup overhead. Read more Continue reading...

Google and Bing web crawlers occasionally crawl a document, but render it up to several weeks later using a headless browser. This delay between document crawl and assets download (which happens during render) can cause indexing failures if the website has been re-deployed since the crawl. Vercel now automatically protects against such indexing failures for projects that have Skew Protection enabled. This was achieved by extending the maximum age for Skew Protection to 60 days for requests coming from major search engine bots, such as Googlebot and Bingbot. This means that assets deployed up to 60 days ago will still be accessible to search engines when they render your document. Regardless of the maximum age configured in the...

New native integrations from Sentry, Checkly, and Dash0 are now available on the Vercel Marketplace, helping make it easier to monitor, debug, and optimize your applications—all in one place. Sentry: Real-time error tracking and performance monitoring for faster issue resolution Checkly: End-to-end monitoring and synthetic checks for your frontend and APIs Dash0: Log management and structured observability, built with a developer-first experience. Dash0 also supports Native Log Drains, allowing you to stream logs from your Vercel projects to external logging systems for deeper insights and centralized monitoring This launch introduces Log Drain support for native integrations—a capability that was previously only available...

Securing web applications is core to the Vercel platform. It’s built into every request, every deployment, every layer of our infrastructure. Our always-on Denial-of-Service (DoS) mitigations have long run by default—silently blocking attacks before they ever reach your applications. Last year, we made those always-on mitigations visible with the release of the Vercel Firewall, which allows you to inspect traffic, apply custom rules, and understand how the platform defends your deployments. Now, we’re introducing Protectd, our next-generation real-time security engine. Running across all deployments, Protectd reduces mitigation times for novel DoS attacks by over tenfold, delivering faster, more adaptive protection against emerging...