{"id":10667,"library":"contentstack","title":"Contentstack JavaScript Delivery SDK","description":"The Contentstack JavaScript SDK provides a robust interface for interacting with the Contentstack headless CMS, enabling developers to build various applications, including Node.js, React Native, and browser-based frontends. Currently stable at version 3.27.0, the SDK undergoes active development with frequent patch and minor releases addressing bug fixes, security updates, and feature enhancements. Its API-first design allows for seamless content delivery across platforms, differentiating it by focusing on developer experience and multi-platform support. Users should note the requirement for Node.js version 10.14.2 or higher for server-side implementations, though the TypeScript Delivery SDK documentation suggests Node.js 22 or later is preferred for the TypeScript variant. The SDK is read-only, focusing on content delivery and leveraging Fastly CDN for optimal performance.","status":"active","version":"3.27.0","language":"javascript","source_language":"en","source_url":"https://github.com/contentstack/contentstack-javascript","tags":["javascript","typescript"],"install":[{"cmd":"npm install contentstack","lang":"bash","label":"npm"},{"cmd":"yarn add contentstack","lang":"bash","label":"yarn"},{"cmd":"pnpm add contentstack","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"Vulnerable versions (CVE-2025-15284) were previously used; updated in v3.26.4.","package":"qs","optional":false}],"imports":[{"note":"This is the primary default export for the SDK. For CommonJS, `const Contentstack = require('contentstack');` is typically used and correctly returns the default export.","wrong":"import { Contentstack } from 'contentstack';","symbol":"Contentstack","correct":"import Contentstack from 'contentstack';"},{"note":"The `Stack` initialization method is accessed as a property of the default `Contentstack` export, not a named export itself.","wrong":"import { Stack } from 'contentstack';","symbol":"Stack","correct":"import Contentstack from 'contentstack'; const Stack = Contentstack.Stack({ ... });"},{"note":"Region enum values (e.g., EU, AU, AZURE_NA, GCP_EU) are properties of the default `Contentstack` export, used for configuring the delivery region during SDK initialization.","wrong":"import { Region } from 'contentstack';","symbol":"Region (Enum)","correct":"import Contentstack from 'contentstack'; Contentstack.Region.EU;"}],"quickstart":{"code":"import Contentstack from 'contentstack';\n\nconst API_KEY = process.env.CONTENTSTACK_API_KEY ?? '';\nconst DELIVERY_TOKEN = process.env.CONTENTSTACK_DELIVERY_TOKEN ?? '';\nconst ENVIRONMENT = process.env.CONTENTSTACK_ENVIRONMENT ?? '';\nconst CONTENT_TYPE_UID = 'blog'; // Replace with your content type UID\nconst ENTRY_UID = 'your_entry_uid'; // Replace with a specific entry UID\n\nif (!API_KEY || !DELIVERY_TOKEN || !ENVIRONMENT) {\n console.error('Missing Contentstack credentials. Please set CONTENTSTACK_API_KEY, CONTENTSTACK_DELIVERY_TOKEN, and CONTENTSTACK_ENVIRONMENT environment variables.');\n process.exit(1);\n}\n\nconst Stack = Contentstack.Stack({\n api_key: API_KEY,\n delivery_token: DELIVERY_TOKEN,\n environment: ENVIRONMENT,\n // Optional: Set a specific region, e.g., for Europe\n // region: Contentstack.Region.EU \n});\n\nasync function fetchEntry() {\n try {\n const query = Stack.ContentType(CONTENT_TYPE_UID).Entry(ENTRY_UID);\n const entry = await query.toJSON().fetch();\n console.log('Fetched Entry Title:', entry.get('title'));\n console.log('Entry content:', entry.toJSON());\n } catch (error) {\n console.error('Error fetching entry:', error);\n }\n}\n\nfetchEntry();","lang":"typescript","description":"This quickstart demonstrates how to initialize the Contentstack SDK and fetch a single entry by its content type UID and entry UID. It includes essential error handling for missing credentials and showcases region configuration."},"warnings":[{"fix":"Upgrade to `contentstack@3.26.4` or higher to mitigate the 'qs' dependency vulnerability.","message":"A security vulnerability (CVE-2025-15284) related to the 'qs' dependency was fixed in `v3.26.4`. Prior versions are affected.","severity":"breaking","affected_versions":"<3.26.4"},{"fix":"Upgrade to `contentstack@3.27.0` or higher to ensure robust handling of connection drops and prevent process termination.","message":"Applications using `contentstack` versions prior to `3.27.0` may experience process crashes due to unhandled socket errors (`UND_ERR_SOCKET`) during network connection drops.","severity":"gotcha","affected_versions":"<3.27.0"},{"fix":"Ensure your Node.js environment meets the minimum requirement of 10.14.2, and ideally use 22 or later for TypeScript projects.","message":"The SDK requires Node.js version 10.14.2 or higher. Running on older Node.js environments may lead to unexpected errors, initialization failures, or runtime crashes. The TypeScript Delivery SDK specifically recommends Node.js 22 or later.","severity":"gotcha","affected_versions":"=3.0.0"},{"fix":"For new Contentstack stacks (created after Dec 16, 2020), always use Delivery Tokens instead of Access Tokens. Update your SDK initialization to use `delivery_token`.","message":"The underlying Contentstack platform has deprecated Access Tokens for stacks created after December 16, 2020. While older stacks still support them, new stacks require Delivery Tokens for content fetching via the Delivery API.","severity":"breaking","affected_versions":">=3.0.0 (for new stacks)"}],"env_vars":null,"last_verified":"2026-04-19T00:00:00.000Z","next_check":"2026-07-18T00:00:00.000Z","problems":[{"fix":"Use the correct default import: `import Contentstack from 'contentstack';` and then initialize with `Contentstack.Stack({...});`.","cause":"Attempting to import `Contentstack` as a named export (`import { Contentstack } from 'contentstack';`) when it's a default export, or trying to directly call `Contentstack()` as a constructor when `Contentstack.Stack()` is the correct method for initialization.","error":"TypeError: Contentstack is not a function"},{"fix":"Ensure all three required parameters (`api_key`, `delivery_token`, and `environment`) are provided in the object passed to `Contentstack.Stack()`.","cause":"The SDK initialization object is missing one or more of the required `api_key`, `delivery_token`, or `environment` parameters.","error":"Contentstack: api_key, delivery_token or environment is missing"},{"fix":"For browsers, ensure `` is loaded before usage. For Node.js/ESM, ensure `import Contentstack from 'contentstack';` is at the top of your file.","cause":"In a browser environment, the Contentstack SDK script tag was not loaded, or the variable is being accessed before the script has executed and defined it globally. In Node.js, the import statement might be missing or incorrect.","error":"ReferenceError: Contentstack is not defined"},{"fix":"Verify that your `api_key`, `delivery_token`, and `environment` are correct and have the necessary permissions in your Contentstack account. Ensure you are using a Delivery Token for content fetching.","cause":"The provided `api_key` or `delivery_token` is incorrect, expired, or does not have permissions to access the specified environment or content.","error":"Error: Request failed with status code 401 (Unauthorized)"},{"fix":"Upgrade the `contentstack` SDK to version `3.27.0` or higher to benefit from the fix for connection drop handling.","cause":"Unhandled socket errors occurring during network connection drops, leading to process termination in older SDK versions.","error":"UND_ERR_SOCKET"}],"ecosystem":"npm"}