This expression is not callable.
csulit opened this issue · comments
src/main.ts:48:11 - error TS2349: This expression is not callable.
Type 'typeof import("C:/Users/ChristianAngeloSulit/Documents/GitHub/hris_system/hris-backend/node_modules/helmet/dist/index")' has no call signatures.
48 app.use(helmet());
Sorry about this!
Could you create a small sample app that demonstrates the problem? Also, what version of Helmet are you using?
Sorry about this!
Could you create a small sample app that demonstrates the problem? Also, what version of Helmet are you using?
v5.0.0
Could you create a small sample app that demonstrates the problem?: sure will upload it later.
import { ValidationPipe } from '@nestjs/common';
import { NestFactory } from '@nestjs/core';
import { NestExpressApplication } from '@nestjs/platform-express';
import * as compression from 'compression';
import * as cookieParser from 'cookie-parser';
import * as helmet from 'helmet';
import * as hpp from 'hpp';
import * as xss from 'xss-clean';
import { AppModule } from './app.module';
import TransformInterceptor from './common/interceptor/transform.interceptor';
import HttpExceptionFilter from './common/serializer/exception/http.exception';
import PrismaExceptionFilter from './common/serializer/exception/prisma.exception';
import { PrismaClientService } from './prisma-client/prisma-client.service';
async function bootstrap() {
const app = await NestFactory.create<NestExpressApplication>(AppModule);
app.useGlobalFilters(new HttpExceptionFilter());
app.useGlobalFilters(new PrismaExceptionFilter());
app.useGlobalInterceptors(new TransformInterceptor());
if (process.env.NODE_ENV === 'development') {
app.setGlobalPrefix('api');
}
app.useGlobalPipes(
new ValidationPipe({
whitelist: true,
transform: true,
forbidNonWhitelisted: true,
}),
);
app.enableCors({
origin: ['http://localhost:3000'],
methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS', 'HEAD'],
credentials: true,
});
app.use(
hpp({
whitelist: [],
}),
);
app.use(cookieParser());
app.use(helmet());
app.use(xss());
app.use(compression());
const prismaClientService: PrismaClientService = app.get(PrismaClientService);
prismaClientService.enableShutdownHooks(app);
await app.listen(process.env.PORT || 4001);
}
bootstrap();
@EvanHahn this solves the issue.
Same problem here, using typescript, following the quick start, https://helmetjs.github.io with app.use(helmet());
tl;dr: change your import.
-import * as helmet from 'helmet';
+import helmet from 'helmet';
// ...
app.use(helmet());
I believe this is working as expected. This kind of import should never work:
// This should not work:
import * as foo from 'my-example-import';
foo();
That's because import *
imports the whole package as a namespace. TypeScript sometimes lets you get away with this, but it's not technically valid JavaScript as far as I understand.
You can fix it in one of two ways:
-
Import Helmet's default export:
import helmet from 'helmet'; // ... app.use(helmet());
-
Import Helmet as a namespace, then use its subpackages. Be careful not to forget any! (This is the same as what @csulit suggested.)
import * as helmet from 'helmet'; // ... app.use(helmet.contentSecurityPolicy()); app.use(helmet.dnsPrefetchControl()); // ...
I'm going to close this issue because I think things are working as intended, but let me know if that's wrong and I can reopen.