diff --git a/app/test/shared/versions_test.dart b/app/test/shared/versions_test.dart
index 683d681a2f..339df83b3e 100644
--- a/app/test/shared/versions_test.dart
+++ b/app/test/shared/versions_test.dart
@@ -65,7 +65,7 @@ void main() {
     'accepted runtime versions should be lexicographically ordered',
     () {
       for (final version in acceptedRuntimeVersions) {
-        expect(runtimeVersionPattern.hasMatch(version), isTrue);
+        expect(version, matches(runtimeVersionPattern));
       }
       final sorted = [...acceptedRuntimeVersions]
         ..sort((a, b) => -a.compareTo(b));
@@ -77,23 +77,29 @@ void main() {
     expect(acceptedRuntimeVersions, hasLength(lessThan(6)));
   });
 
-  test('runtime sdk version should match CI and dockerfile', () async {
+  test('runtime sdk version should match CI and dockerfiles', () async {
     final String docker = await File('../Dockerfile.app').readAsString();
-    expect(docker.contains('\nFROM dart:$runtimeSdkVersion\n'), isTrue);
+    expect(docker, contains('\nFROM dart:$runtimeSdkVersion\n'));
     final ci = await File('../.github/workflows/all-test.yml').readAsString();
-    expect(ci.contains("DART_SDK_VERSION: '$runtimeSdkVersion'"), isTrue);
+    expect(ci, contains("DART_SDK_VERSION: '$runtimeSdkVersion'"));
+    final imageProxyDocker = await File(
+      '../pkg/image_proxy/Dockerfile',
+    ).readAsString();
+    expect(imageProxyDocker, contains('\nFROM dart:$runtimeSdkVersion '));
   });
 
   test('Dart SDK versions should match Dockerfile.worker', () async {
     final dockerfileContent = await File('../Dockerfile.worker').readAsString();
     expect(
-      dockerfileContent.contains(
-            'tool/setup-dart.sh /home/worker/dart/stable stable/raw/hash/',
-          ) ||
-          dockerfileContent.contains(
-            'tool/setup-dart.sh /home/worker/dart/stable $toolStableDartSdkVersion',
-          ),
-      isTrue,
+      dockerfileContent,
+      anyOf(
+        contains(
+          'tool/setup-dart.sh /home/worker/dart/stable stable/raw/hash/',
+        ),
+        contains(
+          'tool/setup-dart.sh /home/worker/dart/stable $toolStableDartSdkVersion',
+        ),
+      ),
     );
   });
 
@@ -166,7 +172,7 @@ and do not format to also bump the runtimeVersion.''',
     // roll traffic backwards.
     // Avoid this by temporarily hardcoding gcBeforeRuntimeVersion to not be
     // the last version of acceptedRuntimeVersions.
-    expect(gcBeforeRuntimeVersion != runtimeVersion, isTrue);
+    expect(gcBeforeRuntimeVersion, isNot(runtimeVersion));
   });
 
   scopedTest('GC is returning correct values for known versions', () {
diff --git a/pkg/image_proxy/Dockerfile b/pkg/image_proxy/Dockerfile
new file mode 100644
index 0000000000..cf0bc8e040
--- /dev/null
+++ b/pkg/image_proxy/Dockerfile
@@ -0,0 +1,21 @@
+# Use latest stable channel SDK.
+FROM dart:3.9.0 AS build
+
+ENV PUB_ENVIRONMENT="bot"
+ENV PUB_CACHE="/project/.pub-cache"
+
+# Resolve app dependencies.
+WORKDIR /app
+COPY . .
+RUN dart pub get --enforce-lockfile
+RUN dart compile exe pkg/image_proxy/bin/server.dart -o server
+
+# Build minimal serving image from AOT-compiled `/server`
+# and the pre-built AOT-runtime in the `/runtime/` directory of the base image.
+FROM scratch
+COPY --from=build /runtime/ /
+COPY --from=build /app/server /app/bin/
+
+# Start server.
+EXPOSE 8080
+CMD ["/app/bin/server"]
diff --git a/pkg/image_proxy/README.md b/pkg/image_proxy/README.md
new file mode 100644
index 0000000000..799fc2c0e7
--- /dev/null
+++ b/pkg/image_proxy/README.md
@@ -0,0 +1,20 @@
+# Image proxy for pub.dev.
+
+
+Will forward requests to a url, when given a request like:
+```
+https://external-image.pub.dev/<base64(hmac(url,hmac_kms(date))>/<date>/<urlencode(url)>
+```
+
+date is a "microsecond after epoch" timestamp of a specific date's midnight.
+
+hmac_kms is calculated in KMS with the key version at HMAC_KEY_ID.
+
+## Development
+
+To build the docker image (from the repository root):
+
+```
+docker build -t image-proxy-server . --file pkg/image_proxy/Dockerfile
+```
+
diff --git a/pkg/image_proxy/bin/server.dart b/pkg/image_proxy/bin/server.dart
new file mode 100644
index 0000000000..d328375ea3
--- /dev/null
+++ b/pkg/image_proxy/bin/server.dart
@@ -0,0 +1,5 @@
+// Copyright (c) 2025, the Dart project authors.  Please see the AUTHORS file
+// for details. All rights reserved. Use of this source code is governed by a
+// BSD-style license that can be found in the LICENSE file.
+
+export 'package:pub_dev_image_proxy/image_proxy_service.dart' show main;
diff --git a/pkg/image_proxy/lib/image_proxy_service.dart b/pkg/image_proxy/lib/image_proxy_service.dart
new file mode 100644
index 0000000000..5ae8c114fc
--- /dev/null
+++ b/pkg/image_proxy/lib/image_proxy_service.dart
@@ -0,0 +1,309 @@
+// Copyright (c) 2025, the Dart project authors.  Please see the AUTHORS file
+// for details. All rights reserved. Use of this source code is governed by a
+// BSD-style license that can be found in the LICENSE file.
+
+import 'dart:async';
+import 'dart:convert';
+import 'dart:io';
+import 'dart:typed_data';
+
+import 'package:crypto/crypto.dart';
+import 'package:googleapis/cloudkms/v1.dart' as kms;
+import 'package:googleapis_auth/auth_io.dart' as auth;
+import 'package:googleapis_auth/googleapis_auth.dart';
+import 'package:http/http.dart' as http;
+import 'package:retry/retry.dart';
+import 'package:shelf/shelf.dart' as shelf;
+import 'package:shelf/shelf_io.dart';
+
+bool isTesting = Platform.environment['IMAGE_PROXY_TESTING'] == 'true';
+
+Duration timeoutDelay = Duration(seconds: isTesting ? 1 : 8);
+
+/// The keys we currently allow the url to be signed with.
+Map<int, Uint8List> allowedKeys = {};
+
+/// Ensure that [allowedKeys] contains keys for today and the two surrounding
+/// days.
+Future<void> updateAllowedKeys() async {
+  final now = DateTime.now();
+  final yesterday = DateTime(now.year, now.month, now.day - 1);
+  final today = DateTime(now.year, now.month, now.day);
+  final tomorrow = DateTime(now.year, now.month, now.day + 1);
+
+  for (final d in [yesterday, today, tomorrow]) {
+    if (!allowedKeys.containsKey(d.millisecondsSinceEpoch)) {
+      allowedKeys[d.millisecondsSinceEpoch] = isTesting
+          ? await getDailySecretMock(d)
+          : await getDailySecret(d);
+      print('Generating new key for ${d.toIso8601String()}');
+    }
+  }
+  while (allowedKeys.length > 3) {
+    final dates = allowedKeys.keys.toList()..sort();
+    allowedKeys.remove(dates.first);
+  }
+  assert(allowedKeys.length == 3);
+}
+
+late auth.AuthClient? _apiClient;
+
+/// The client used for communicating with the google apis.
+Future<AuthClient> authClient() async {
+  return (_apiClient ??= await retry(() async {
+    return await auth.clientViaApplicationDefaultCredentials(scopes: []);
+  }))!;
+}
+
+Future<Uint8List> getDailySecretMock(DateTime day) async {
+  return hmacSign(
+    utf8.encode('fake secret'),
+    utf8.encode(
+      DateTime(day.year, day.month, day.day).toUtc().toIso8601String(),
+    ),
+  );
+}
+
+/// Requests a derived hmac key corresponding to [day] using.
+Future<Uint8List> getDailySecret(DateTime day) async {
+  final api = kms.CloudKMSApi(await authClient());
+  final response = await api
+      .projects
+      .locations
+      .keyRings
+      .cryptoKeys
+      .cryptoKeyVersions
+      .macSign(
+        kms.MacSignRequest()
+          ..dataAsBytes = utf8.encode(
+            DateTime(day.year, day.month, day.day).toUtc().toIso8601String(),
+          ),
+        Platform.environment['HMAC_KEY_ID']!,
+      );
+  return response.macAsBytes as Uint8List;
+}
+
+bool _constantTimeEquals(Uint8List a, Uint8List b) {
+  if (a.length != b.length) return false;
+  bool answer = true;
+  for (var i = 0; i < a.length; i++) {
+    answer &= a[i] == b[i];
+  }
+  return answer;
+}
+
+// The client used for requesting the images.
+// Using raw dart:io client such that we can disable autoUncompress.
+final HttpClient client = HttpClient()
+  ..autoUncompress = false
+  ..connectionTimeout = Duration(seconds: 10)
+  ..idleTimeout = Duration(seconds: 15);
+
+final maxImageSize = 1024 * 1024 * 10; // At most 10 MB.
+
+Future<shelf.Response> handler(shelf.Request request) async {
+  try {
+    if (request.method != 'GET') {
+      return shelf.Response.notFound('Unsupported method');
+    }
+    final segments = request.url.pathSegments;
+    if (segments.length != 3) {
+      return shelf.Response.badRequest(
+        body:
+            'malformed request, ${segments.length} should be of the form <base64(hmac(url,daily_secret))>/<date>/<urlencode(url)>',
+      );
+    }
+    final Uint8List signature;
+    try {
+      signature = base64Decode(segments[0]);
+    } on FormatException catch (_) {
+      return shelf.Response.badRequest(
+        body: 'malformed request, could not decode mac signature',
+      );
+    }
+    final date = int.tryParse(segments[1]);
+    if (date == null) {
+      return shelf.Response.badRequest(body: 'malformed request, missing date');
+    }
+    final secret = allowedKeys[date];
+    if (secret == null) {
+      return shelf.Response.badRequest(
+        body: 'malformed request, proxy url expired',
+      );
+    }
+
+    final imageUrl = segments[2];
+    if (imageUrl.length > 1024) {
+      return shelf.Response.badRequest(body: 'proxied url too long');
+    }
+    final imageUrlBytes = utf8.encode(imageUrl);
+
+    if (_constantTimeEquals(hmacSign(secret, imageUrlBytes), signature)) {
+      final Uri parsedImageUrl;
+      try {
+        parsedImageUrl = Uri.parse(imageUrl);
+      } on FormatException catch (e) {
+        return shelf.Response.badRequest(body: 'Malformed proxied url $e');
+      }
+      if (!(parsedImageUrl.isScheme('http') ||
+          parsedImageUrl.isScheme('https'))) {
+        return shelf.Response.badRequest(
+          body: 'Can only proxy http and https urls',
+        );
+      }
+      if (!parsedImageUrl.isAbsolute) {
+        return shelf.Response.badRequest(body: 'Can only proxy absolute urls');
+      }
+
+      int statusCode;
+      List<int> bytes;
+      String? contentType;
+      String? contentEncoding;
+      try {
+        (statusCode, bytes, contentType, contentEncoding) = await retry(
+          maxDelay: timeoutDelay,
+          maxAttempts: isTesting ? 2 : 8,
+          () async {
+            final request = await client.getUrl(parsedImageUrl);
+            Timer? timeoutTimer;
+            void scheduleRequestTimeout() {
+              timeoutTimer?.cancel();
+              timeoutTimer = Timer(timeoutDelay, () {
+                request.abort(RequestTimeoutException('No response'));
+              });
+            }
+
+            request.headers.add(
+              'user-agent',
+              'Image proxy for pub.dev. See https://github.com/dart-lang/pub-dev/pkg/image-proxy. If you have any issues, contact support@pub.dev.',
+            );
+            request.followRedirects = false;
+            scheduleRequestTimeout();
+            var response = await request.close();
+            var redirectCount = 0;
+            while (response.isRedirect) {
+              await response.drain();
+              redirectCount++;
+              if (redirectCount > 10) {
+                throw RedirectException('Too many redirects.');
+              }
+              final location = response.headers.value(
+                HttpHeaders.locationHeader,
+              );
+              if (location == null) {
+                throw RedirectException('No location header in redirect.');
+              }
+              final uri = parsedImageUrl.resolve(location);
+              final request = await client.getUrl(uri);
+
+              request.headers.add('user-agent', 'pub-proxy');
+              // Set the body or headers as desired.
+              request.followRedirects = false;
+              scheduleRequestTimeout();
+              response = await request.close();
+            }
+            switch (response.statusCode) {
+              case final int statusCode && >= 500 && < 600:
+                throw ServerSideException(statusCode: statusCode);
+              case final int statusCode && >= 300 && < 400:
+                throw ServerSideException(statusCode: statusCode);
+            }
+            final contentLength = response.contentLength;
+            if (contentLength != -1 && contentLength > maxImageSize) {
+              throw TooLargeException();
+            }
+            return (
+              response.statusCode,
+              await readAllBytes(
+                response,
+                contentLength == -1 ? maxImageSize : contentLength,
+              ).timeout(
+                timeoutDelay,
+                onTimeout: () {
+                  throw RequestTimeoutException('No response');
+                },
+              ),
+              response.headers.value('content-type'),
+              response.headers.value('content-encoding'),
+            );
+          },
+          retryIf: (e) =>
+              e is SocketException ||
+              e is http.ClientException ||
+              e is ServerSideException,
+        );
+      } on TooLargeException {
+        return shelf.Response.badRequest(body: 'Image too large');
+      } on RedirectException catch (e) {
+        return shelf.Response.badRequest(body: e.message);
+      } on RequestTimeoutException catch (e) {
+        return shelf.Response.badRequest(body: e.message);
+      } on ServerSideException catch (e) {
+        return shelf.Response.badRequest(
+          body: 'Failed to retrieve image. Status code ${e.statusCode}',
+        );
+      }
+
+      return shelf.Response(
+        statusCode,
+        body: bytes,
+        headers: {
+          'Cache-control': 'max-age=180, public',
+          'content-type': ?contentType,
+          'content-encoding': ?contentEncoding,
+        },
+      );
+    } else {
+      return shelf.Response.unauthorized('Bad hmac');
+    }
+  } catch (e, st) {
+    stderr.writeln('Uncaught error: $e $st');
+    rethrow;
+  }
+}
+
+void main(List<String> args) async {
+  await updateAllowedKeys();
+  Timer.periodic(Duration(hours: 1), (_) => updateAllowedKeys());
+  final server = await serve(
+    handler,
+    InternetAddress.anyIPv6,
+    int.tryParse(Platform.environment['IMAGE_PROXY_PORT'] ?? '') ?? 80,
+  );
+  print('Serving image proxy on ${server.address}:${server.port}');
+}
+
+class TooLargeException implements Exception {
+  TooLargeException();
+}
+
+class ServerSideException implements Exception {
+  int statusCode;
+  ServerSideException({required this.statusCode});
+}
+
+class RedirectException implements Exception {
+  String message;
+  RedirectException(this.message);
+}
+
+class RequestTimeoutException implements Exception {
+  String message;
+  RequestTimeoutException(this.message);
+}
+
+Uint8List hmacSign(Uint8List key, Uint8List imageUrlBytes) {
+  return Hmac(sha256, key).convert(imageUrlBytes).bytes as Uint8List;
+}
+
+Future<Uint8List> readAllBytes(Stream<List<int>> stream, int maxBytes) async {
+  final builder = BytesBuilder();
+
+  await for (final chunk in stream) {
+    if (builder.length + chunk.length > maxBytes) {
+      throw TooLargeException();
+    }
+    builder.add(chunk);
+  }
+  return builder.takeBytes();
+}
diff --git a/pkg/image_proxy/pubspec.yaml b/pkg/image_proxy/pubspec.yaml
new file mode 100644
index 0000000000..637dcb0c24
--- /dev/null
+++ b/pkg/image_proxy/pubspec.yaml
@@ -0,0 +1,18 @@
+name: pub_dev_image_proxy
+environment:
+  sdk: ^3.9.0-0
+
+resolution: workspace
+
+dependencies:
+  shelf: ^1.4.2
+  crypto: ^3.0.6
+  http: ^1.5.0
+  retry: ^3.1.2
+  gcloud: ^0.8.19
+  googleapis_auth: ^2.0.0
+  googleapis: ^14.0.0
+  yaml: ^3.1.3
+dev_dependencies:
+  test:
+  lints:
diff --git a/pkg/image_proxy/test/image_proxy_test.dart b/pkg/image_proxy/test/image_proxy_test.dart
new file mode 100644
index 0000000000..11334fe9f2
--- /dev/null
+++ b/pkg/image_proxy/test/image_proxy_test.dart
@@ -0,0 +1,448 @@
+// Copyright (c) 2025, the Dart project authors.  Please see the AUTHORS file
+// for details. All rights reserved. Use of this source code is governed by a
+// BSD-style license that can be found in the LICENSE file.
+
+import 'dart:async';
+import 'dart:convert';
+import 'dart:io';
+
+import 'package:crypto/crypto.dart';
+import 'package:pub_dev_image_proxy/image_proxy_service.dart';
+import 'package:shelf/shelf.dart' as shelf;
+import 'package:shelf/shelf_io.dart' as shelf_io;
+import 'package:test/test.dart';
+
+Future<int> startImageProxy() async {
+  final p = await Process.start(
+    Platform.resolvedExecutable,
+    ['run', '-r', 'bin/server.dart'],
+    environment: {'IMAGE_PROXY_TESTING': 'true', 'IMAGE_PROXY_PORT': '0'},
+  );
+  addTearDown(() => p.kill());
+  int? port;
+  await for (final line in LineSplitter().bind(Utf8Decoder().bind(p.stdout))) {
+    if (line.startsWith('Serving image proxy on')) {
+      port = int.parse(line.split(':').last);
+      break;
+    }
+  }
+  return port!;
+}
+
+Stream<List<int>> infiniteStream() async* {
+  while (true) {
+    yield List.generate(1000, (i) => 0);
+  }
+}
+
+Future<int> startImageServer() async {
+  var i = 0;
+  final server = await shelf_io.serve(
+    (shelf.Request request) async {
+      switch (request.url.path) {
+        case 'path/to/image.jpg':
+          return shelf.Response.ok(
+            File(jpgImagePath).readAsBytesSync(),
+            headers: {'content-type': 'image/jpeg'},
+          );
+        case 'path/to/image.png':
+          return shelf.Response.ok(
+            File(pngImagePath).readAsBytesSync(),
+            headers: {'content-type': 'image/png'},
+          );
+        case 'path/to/image.svg':
+          return shelf.Response.ok(
+            GZipCodec().encode(File(svgImagePath).readAsBytesSync()),
+            headers: {
+              'content-type': 'image/svg+xml',
+              'Content-Encoding': 'gzip',
+            },
+          );
+        case 'canBeCachedLong':
+          return shelf.Response.ok(
+            File(jpgImagePath).readAsBytesSync(),
+            headers: {
+              'content-type': 'image/jpeg',
+              'cache-control': 'max-age=20000, public',
+            },
+          );
+        case 'redirect':
+          return shelf.Response.movedPermanently('path/to/image.jpg');
+        case 'redirectForever':
+          return shelf.Response.movedPermanently('redirectForever');
+        case 'serverError':
+          return shelf.Response.internalServerError();
+        case 'worksSecondTime':
+          if (i++ == 0) {
+            return shelf.Response.internalServerError();
+          }
+          return shelf.Response.ok(
+            File(jpgImagePath).readAsBytesSync(),
+            headers: {'content-type': 'image/jpeg'},
+          );
+        case 'timeout':
+          await Future.delayed(Duration(hours: 1));
+          return shelf.Response.notFound('Not found');
+        case 'timeoutstreaming':
+          late final StreamController lateStreamController;
+          lateStreamController = StreamController(
+            onListen: () async {
+              // Return a single byte, and then stall.
+              lateStreamController.add([1]);
+              await Future.delayed(Duration(hours: 1));
+              await lateStreamController.close();
+            },
+          );
+          return shelf.Response.ok(
+            lateStreamController.stream,
+            headers: {'content-type': 'image/jpeg'},
+          );
+        case 'okstreaming':
+          return shelf.Response.ok(
+            // Has no content-length
+            File(jpgImagePath).openRead(),
+            headers: {'content-type': 'image/jpeg'},
+          );
+        case 'toobig':
+          return shelf.Response.ok(
+            infiniteStream(),
+            headers: {
+              'content-type': 'image/jpeg',
+              'content-length': '100000000',
+            },
+          );
+        case 'toobigstreaming':
+          return shelf.Response.ok(
+            infiniteStream(),
+            headers: {'content-type': 'image/jpeg'},
+          );
+        default:
+          return shelf.Response.notFound('Not found');
+      }
+    },
+    'localhost',
+    0,
+  );
+  return server.port;
+}
+
+final jpgImagePath = 'test/test_data/image.jpg';
+final pngImagePath = 'test/test_data/image.png';
+final svgImagePath = 'test/test_data/image.svg';
+
+final now = DateTime.now();
+final yesterday = DateTime(now.year, now.month, now.day - 1);
+final today = DateTime(now.year, now.month, now.day);
+final tomorrow = DateTime(now.year, now.month, now.day + 1);
+
+Future<HttpClientResponse> getImage({
+  required int imageProxyPort,
+  required int imageServerPort,
+  String pathToImage = 'path/to/image.jpg',
+  DateTime? day,
+  bool disturbSignature = false,
+}) async {
+  final client = HttpClient();
+  day ??= today;
+  final dailySecret = await getDailySecretMock(day);
+  final imageUrl = 'http://localhost:$imageServerPort/$pathToImage';
+  final signature = hmacSign(dailySecret, utf8.encode(imageUrl));
+  if (disturbSignature) {
+    signature[0]++;
+  }
+  final url = Uri(
+    scheme: 'http',
+    host: 'localhost',
+    port: imageProxyPort,
+    pathSegments: [
+      base64Encode(signature),
+      day.millisecondsSinceEpoch.toString(),
+      imageUrl,
+    ],
+  );
+  final request = await client.getUrl(url);
+  return await request.close();
+}
+
+Future<void> main() async {
+  test('Can proxy images', () async {
+    final imageProxyPort = await startImageProxy();
+    final imageServerPort = await startImageServer();
+
+    for (final day in [yesterday, today, tomorrow]) {
+      final response = await getImage(
+        day: day,
+        imageProxyPort: imageProxyPort,
+        imageServerPort: imageServerPort,
+      );
+      expect(response.statusCode, 200);
+      expect(response.headers['content-type']!.single, 'image/jpeg');
+      expect(response.headers['cache-control']!.single, 'max-age=180, public');
+
+      final hash = await sha256.bind(response).single;
+      final expected = sha256.convert(File(jpgImagePath).readAsBytesSync());
+      expect(hash, expected);
+    }
+
+    {
+      final response = await getImage(
+        day: today,
+        imageProxyPort: imageProxyPort,
+        imageServerPort: imageServerPort,
+        pathToImage: 'path/to/image.png',
+      );
+      expect(response.statusCode, 200);
+      expect(response.headers['content-type']!.single, 'image/png');
+      final hash = await sha256.bind(response).single;
+      final expected = sha256.convert(File(pngImagePath).readAsBytesSync());
+      expect(hash, expected);
+    }
+
+    {
+      final response = await getImage(
+        day: today,
+        imageProxyPort: imageProxyPort,
+        imageServerPort: imageServerPort,
+        pathToImage: 'path/to/image.svg',
+      );
+      expect(response.statusCode, 200);
+      expect(response.headers['content-type']!.single, 'image/svg+xml');
+      final hash = await sha256.bind(response).single;
+      final expected = sha256.convert(File(svgImagePath).readAsBytesSync());
+      expect(hash, expected);
+    }
+
+    {
+      final response = await getImage(
+        day: today,
+        imageProxyPort: imageProxyPort,
+        imageServerPort: imageServerPort,
+        // Gives no content-length
+        pathToImage: 'okstreaming',
+      );
+      expect(response.statusCode, 200);
+      expect(response.headers['content-type']!.single, 'image/jpeg');
+      final jpgFile = File(jpgImagePath).readAsBytesSync();
+      expect(response.contentLength, jpgFile.length);
+      final hash = await sha256.bind(response).single;
+      final expected = sha256.convert(jpgFile);
+      expect(hash, expected);
+    }
+  });
+
+  test('Fails on days outside recent range', () async {
+    final imageProxyPort = await startImageProxy();
+    final imageServerPort = await startImageServer();
+    {
+      final response = await getImage(
+        imageProxyPort: imageProxyPort,
+        imageServerPort: imageServerPort,
+        day: tomorrow.add(Duration(days: 1)),
+      );
+      expect(response.statusCode, 400);
+
+      expect(
+        await Utf8Codec().decodeStream(response),
+        'malformed request, proxy url expired',
+      );
+    }
+  });
+
+  test('Fails with bad hmac', () async {
+    final imageProxyPort = await startImageProxy();
+    final imageServerPort = await startImageServer();
+    {
+      final response = await getImage(
+        imageProxyPort: imageProxyPort,
+        imageServerPort: imageServerPort,
+        day: today,
+        disturbSignature: true,
+      );
+      expect(response.statusCode, 401);
+
+      expect(await Utf8Codec().decodeStream(response), 'Bad hmac');
+    }
+  });
+
+  test('Fails with too long query url', () async {
+    final imageProxyPort = await startImageProxy();
+    final imageServerPort = await startImageServer();
+    {
+      final response = await getImage(
+        imageProxyPort: imageProxyPort,
+        imageServerPort: imageServerPort,
+        day: today,
+        disturbSignature: true,
+        pathToImage: 'next/' * 1000 + 'image.jpg',
+      );
+      expect(response.statusCode, 400);
+
+      expect(await Utf8Codec().decodeStream(response), 'proxied url too long');
+    }
+  });
+
+  test('Follows redirect', () async {
+    final imageProxyPort = await startImageProxy();
+    final imageServerPort = await startImageServer();
+    {
+      final response = await getImage(
+        imageProxyPort: imageProxyPort,
+        imageServerPort: imageServerPort,
+        day: today,
+        pathToImage: 'redirect',
+      );
+
+      expect(response.statusCode, 200);
+      final hash = await sha256.bind(response).single;
+      final expected = sha256.convert(File(jpgImagePath).readAsBytesSync());
+      expect(hash, expected);
+    }
+  });
+
+  test('Fails with infinite redirect', () async {
+    final imageProxyPort = await startImageProxy();
+    final imageServerPort = await startImageServer();
+    {
+      final response = await getImage(
+        imageProxyPort: imageProxyPort,
+        imageServerPort: imageServerPort,
+        day: today,
+        pathToImage: 'redirectForever',
+      );
+
+      expect(await Utf8Codec().decodeStream(response), 'Too many redirects.');
+      expect(response.statusCode, 400);
+    }
+  });
+
+  test('Fails with 500', () async {
+    final imageProxyPort = await startImageProxy();
+    final imageServerPort = await startImageServer();
+    {
+      final response = await getImage(
+        imageProxyPort: imageProxyPort,
+        imageServerPort: imageServerPort,
+        day: today,
+        pathToImage: 'serverError',
+      );
+
+      expect(
+        await Utf8Codec().decodeStream(response),
+        'Failed to retrieve image. Status code 500',
+      );
+      expect(response.statusCode, 400);
+    }
+  });
+
+  test('Fails on 4xx', () async {
+    final imageProxyPort = await startImageProxy();
+    final imageServerPort = await startImageServer();
+    {
+      final response = await getImage(
+        imageProxyPort: imageProxyPort,
+        imageServerPort: imageServerPort,
+        day: today,
+        pathToImage: 'doesntexist',
+      );
+
+      expect(await Utf8Codec().decodeStream(response), 'Not found');
+      expect(response.statusCode, 404);
+    }
+  });
+
+  test('Retries 500', () async {
+    final imageProxyPort = await startImageProxy();
+    final imageServerPort = await startImageServer();
+    {
+      final response = await getImage(
+        imageProxyPort: imageProxyPort,
+        imageServerPort: imageServerPort,
+        day: today,
+        pathToImage: 'worksSecondTime',
+      );
+
+      expect(response.statusCode, 200);
+      final hash = await sha256.bind(response).single;
+      final expected = sha256.convert(File(jpgImagePath).readAsBytesSync());
+      expect(hash, expected);
+    }
+  });
+
+  test('Doesn\'t forward cache header', () async {
+    final imageProxyPort = await startImageProxy();
+    final imageServerPort = await startImageServer();
+    {
+      final response = await getImage(
+        imageProxyPort: imageProxyPort,
+        imageServerPort: imageServerPort,
+        day: today,
+        pathToImage: 'canBeCachedLong',
+      );
+
+      expect(response.statusCode, 200);
+      // The proxy doesn't cache as long time as the original.
+      expect(response.headers['cache-control']!.single, 'max-age=180, public');
+      final hash = await sha256.bind(response).single;
+      final expected = sha256.convert(File(jpgImagePath).readAsBytesSync());
+      expect(hash, expected);
+    }
+  });
+
+  test('times out', () async {
+    final imageProxyPort = await startImageProxy();
+    final imageServerPort = await startImageServer();
+    {
+      final response = await getImage(
+        imageProxyPort: imageProxyPort,
+        imageServerPort: imageServerPort,
+        day: today,
+        pathToImage: 'timeout',
+      );
+
+      expect(response.statusCode, 400);
+      // The proxy doesn't cache as long time as the original.
+      expect(await Utf8Codec().decodeStream(response), 'No response');
+    }
+    {
+      final response = await getImage(
+        imageProxyPort: imageProxyPort,
+        imageServerPort: imageServerPort,
+        day: today,
+        pathToImage: 'timeoutstreaming',
+      );
+
+      expect(response.statusCode, 400);
+      // The proxy doesn't cache as long time as the original.
+      expect(await Utf8Codec().decodeStream(response), 'No response');
+    }
+  });
+
+  test('protects against too big files', () async {
+    final imageProxyPort = await startImageProxy();
+    final imageServerPort = await startImageServer();
+    {
+      final response = await getImage(
+        imageProxyPort: imageProxyPort,
+        imageServerPort: imageServerPort,
+        day: today,
+        pathToImage: 'toobig',
+      );
+
+      expect(response.statusCode, 400);
+      // The proxy doesn't cache as long time as the original.
+      expect(await Utf8Codec().decodeStream(response), 'Image too large');
+    }
+    {
+      final response = await getImage(
+        imageProxyPort: imageProxyPort,
+        imageServerPort: imageServerPort,
+        day: today,
+        pathToImage: 'toobigstreaming',
+      );
+
+      expect(response.statusCode, 400);
+      // The proxy doesn't cache as long time as the original.
+      expect(await Utf8Codec().decodeStream(response), 'Image too large');
+    }
+  });
+}
diff --git a/pkg/image_proxy/test/test_data/image.jpg b/pkg/image_proxy/test/test_data/image.jpg
new file mode 100644
index 0000000000..a77cb57c14
Binary files /dev/null and b/pkg/image_proxy/test/test_data/image.jpg differ
diff --git a/pkg/image_proxy/test/test_data/image.png b/pkg/image_proxy/test/test_data/image.png
new file mode 100644
index 0000000000..2b149017d5
Binary files /dev/null and b/pkg/image_proxy/test/test_data/image.png differ
diff --git a/pkg/image_proxy/test/test_data/image.svg b/pkg/image_proxy/test/test_data/image.svg
new file mode 100644
index 0000000000..ccc5b2d47d
--- /dev/null
+++ b/pkg/image_proxy/test/test_data/image.svg
@@ -0,0 +1,248 @@
+<?xml version="1.0" standalone="no"?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 20010904//EN"
+ "http://www.w3.org/TR/2001/REC-SVG-20010904/DTD/svg10.dtd">
+<svg version="1.0" xmlns="http://www.w3.org/2000/svg"
+ width="1024.000000pt" height="1024.000000pt" viewBox="0 0 1024.000000 1024.000000"
+ preserveAspectRatio="xMidYMid meet">
+<metadata>
+Created by potrace 1.16, written by Peter Selinger 2001-2019
+</metadata>
+<g transform="translate(0.000000,1024.000000) scale(0.100000,-0.100000)"
+fill="#000000" stroke="none">
+<path d="M1930 7544 c-135 -19 -236 -60 -299 -123 -92 -92 -112 -264 -52 -441
+40 -118 76 -183 209 -380 180 -266 217 -365 252 -690 34 -311 51 -419 86 -560
+105 -411 271 -533 704 -516 85 3 175 9 200 12 l45 6 -35 -29 c-265 -214 -431
+-463 -434 -648 -1 -58 5 -85 33 -155 29 -73 34 -102 40 -205 8 -132 17 -159
+76 -215 54 -52 92 -126 120 -236 14 -54 34 -110 44 -124 10 -14 47 -43 84 -65
+88 -53 119 -84 184 -182 70 -106 97 -123 217 -133 107 -9 160 -29 237 -90 74
+-58 111 -72 200 -72 95 0 195 32 339 110 183 99 224 157 350 487 39 105 120
+298 180 430 125 279 219 516 258 650 15 52 30 95 34 95 3 0 8 -134 10 -297 4
+-243 8 -309 22 -358 55 -194 116 -193 173 3 13 46 17 116 21 355 2 163 7 297
+10 297 4 0 15 -28 24 -63 37 -141 154 -436 313 -792 37 -82 98 -232 136 -332
+37 -100 82 -210 100 -244 50 -100 123 -164 276 -242 149 -76 218 -97 313 -97
+89 0 123 12 191 65 79 62 135 85 232 95 135 14 152 24 230 140 68 103 80 115
+172 170 44 27 88 61 97 77 9 16 26 66 38 112 26 104 57 166 115 231 76 86 78
+90 85 223 5 89 13 138 30 182 51 135 55 165 37 241 -47 190 -176 379 -364 532
+-51 42 -91 78 -89 80 2 2 47 -1 100 -7 202 -23 394 -9 516 38 230 88 337 345
+400 966 41 403 63 465 277 783 159 236 201 327 223 478 23 168 -42 314 -170
+379 -89 45 -172 59 -350 59 -189 1 -313 -17 -505 -69 -375 -103 -746 -306
+-1138 -623 -463 -373 -858 -803 -1182 -1286 -59 -87 -81 -113 -83 -98 -2 12 2
+30 7 41 28 52 7 109 -46 125 -13 4 -23 12 -23 17 0 19 73 124 211 305 206 272
+205 269 309 532 22 56 40 105 40 107 0 3 -7 5 -15 5 -24 0 -46 -45 -71 -147
+-31 -126 -85 -235 -173 -348 -189 -244 -254 -331 -283 -382 l-31 -55 -18 23
+c-14 19 -20 21 -32 11 -10 -9 -17 -10 -22 -2 -13 21 -41 9 -59 -25 -10 -19
+-28 -37 -40 -41 -55 -17 -78 -72 -51 -124 9 -17 15 -39 13 -48 -2 -10 -46 46
+-112 143 -200 294 -394 531 -646 789 -724 741 -1444 1132 -2115 1150 -77 3
+-156 2 -175 0z m75 -98 c65 -28 29 -88 -61 -102 -120 -18 -151 61 -39 101 51
+18 58 18 100 1z m6362 -17 c39 -25 45 -62 11 -80 -27 -14 -106 -6 -148 16 -25
+13 -31 22 -28 43 6 54 93 65 165 21z m-6173 -5 c27 -10 7 -24 -35 -24 -28 0
+-39 4 -39 15 0 16 43 21 74 9z m5921 -9 c0 -12 -50 -19 -73 -10 -14 5 -14 7
+-2 16 19 12 75 7 75 -6z m-6251 -138 c14 -23 -9 -42 -68 -58 -80 -22 -116 28
+-46 64 43 21 99 19 114 -6z m6615 12 c33 -11 56 -42 46 -59 -10 -15 -93 -12
+-125 5 -28 14 -39 43 -23 58 10 11 67 8 102 -4z m-1096 -177 c14 -13 46 -31
+73 -42 31 -12 44 -20 34 -24 -84 -32 -465 -146 -488 -146 -62 0 -48 56 29 115
+27 21 109 68 182 106 l132 68 7 -28 c4 -15 18 -37 31 -49z m-4357 8 c172 -87
+264 -162 248 -203 -4 -11 -17 -17 -39 -17 -28 0 -490 141 -502 154 -2 2 20 11
+51 20 57 17 96 52 96 87 0 11 6 19 14 19 7 0 67 -27 132 -60z m253 -26 c82
+-38 196 -115 210 -142 21 -42 -23 -56 -82 -26 -67 33 -306 198 -301 206 10 16
+98 -3 173 -38z m3851 36 c0 -12 -222 -160 -293 -197 -100 -50 -129 -8 -42 60
+57 45 195 123 243 137 39 12 92 12 92 0z m-5362 -32 c32 -32 -7 -118 -53 -118
+-49 0 -61 76 -19 109 30 24 54 27 72 9z m6777 -13 c28 -28 32 -66 9 -89 -24
+-24 -50 -19 -78 15 -30 36 -32 55 -9 81 22 25 49 23 78 -7z m-5910 -56 c103
+-12 288 -58 357 -88 50 -21 73 -50 63 -81 -12 -38 -37 -42 -193 -30 -81 6
+-246 14 -368 18 -184 7 -226 11 -248 25 -44 29 -35 84 20 117 71 45 206 59
+369 39z m5285 -13 c87 -32 123 -93 81 -135 -26 -26 -50 -29 -291 -36 -113 -3
+-265 -10 -338 -17 -148 -12 -177 -6 -188 37 -9 35 15 60 83 85 69 26 197 59
+293 76 99 18 300 12 360 -10z m-6085 -182 c13 -6 45 -53 45 -68 0 -3 -11 -13
+-25 -22 -23 -15 -27 -15 -50 0 -27 18 -34 63 -13 84 14 14 20 15 43 6z m6615
+-15 c26 -48 -23 -104 -69 -80 -27 15 -27 41 0 75 25 31 54 34 69 5z m-5826
+-32 c35 -23 33 -50 -6 -83 -64 -53 -209 -101 -266 -88 -72 18 -142 74 -142
+115 0 27 37 57 84 68 23 6 100 9 173 7 103 -2 137 -6 157 -19z m5356 -2 c63
+-33 66 -63 11 -115 -51 -49 -111 -66 -182 -51 -109 23 -219 91 -219 136 0 13
+5 27 11 30 24 15 112 24 224 21 93 -2 128 -6 155 -21z m-1458 -192 c2 -18 14
+-35 34 -48 l31 -20 -65 -47 c-69 -51 -95 -58 -124 -31 -31 28 -21 54 44 115
+33 32 65 58 69 58 4 0 9 -12 11 -27z m-2732 -24 c63 -49 79 -79 60 -114 -25
+-47 -49 -41 -149 34 -46 34 -51 42 -35 47 30 11 54 35 54 56 0 27 12 23 70
+-23z m-1785 -9 c7 -22 -1 -40 -17 -40 -18 0 -48 32 -48 51 0 36 53 27 65 -11z
+m6283 -5 c-18 -41 -58 -44 -58 -5 0 26 39 53 56 39 10 -8 10 -16 2 -34z
+m-4718 -8 c55 -23 173 -98 185 -118 4 -6 -3 -21 -15 -34 -26 -28 -16 -30 -187
+52 l-122 59 19 32 c24 39 44 40 120 9z m3221 -18 c6 -11 9 -22 7 -24 -15 -15
+-256 -125 -273 -125 -27 0 -49 24 -42 44 10 25 128 98 196 122 70 24 91 21
+112 -17z m-3858 -4 c104 -27 182 -78 237 -155 l19 -27 -197 -6 c-114 -4 -214
+-3 -237 2 -78 19 -108 93 -61 147 44 52 133 67 239 39z m4549 5 c43 -12 88
+-61 88 -96 0 -14 -7 -35 -16 -49 -31 -47 -84 -56 -311 -48 l-193 6 33 46 c76
+106 273 176 399 141z m-4082 -46 c100 -26 246 -92 275 -124 17 -19 17 -20 -11
+-31 -47 -18 -113 -5 -199 38 -44 21 -117 54 -163 72 -91 37 -104 48 -77 67 20
+15 40 12 175 -22z m3620 12 c0 -20 -16 -30 -114 -70 -48 -20 -115 -50 -148
+-67 -80 -40 -154 -49 -187 -22 l-25 20 65 36 c94 53 134 68 239 93 113 27 170
+30 170 10z m-862 -138 c-201 -198 -400 -433 -598 -705 -56 -79 -104 -143 -106
+-143 -6 0 62 104 163 248 172 247 316 412 532 609 69 62 127 113 129 113 3 0
+-51 -55 -120 -122z m-1918 -138 c129 -130 242 -263 346 -410 76 -109 215 -320
+209 -320 -2 0 -47 60 -99 134 -185 260 -354 463 -571 686 -111 114 -137 145
+-85 100 41 -36 131 -121 200 -190z m-2120 145 c15 -18 5 -65 -13 -65 -20 0
+-37 21 -37 45 0 37 27 48 50 20z m6048 -16 c3 -29 -20 -54 -43 -45 -18 7 -20
+47 -3 64 19 19 43 10 46 -19z m-4653 -22 c43 -24 53 -51 20 -54 -14 -2 -29 10
+-47 37 -32 46 -28 48 27 17z m3229 -22 c-26 -35 -53 -43 -61 -18 -5 13 52 53
+75 53 8 0 3 -14 -14 -35z m-3078 -297 c199 -153 467 -318 1019 -630 28 -15 46
+-28 41 -28 -11 0 -377 193 -526 278 -315 179 -618 409 -825 622 -50 52 -29 36
+71 -54 78 -70 177 -155 220 -188z m3209 251 c-158 -161 -411 -366 -608 -493
+-178 -114 -737 -419 -737 -402 0 3 21 17 48 30 159 81 583 333 787 469 207
+138 286 201 458 364 112 105 142 124 52 32z m-3672 15 c62 -15 77 -25 160 -99
+51 -45 103 -94 115 -108 l24 -25 -74 -6 c-40 -3 -161 -13 -268 -22 -107 -8
+-244 -22 -304 -30 -182 -23 -221 -18 -274 39 -73 78 -7 181 147 227 177 54
+327 61 474 24z m4188 6 c180 -37 265 -82 289 -155 22 -66 -37 -141 -118 -152
+-21 -3 -121 4 -222 16 -102 11 -273 28 -380 36 -107 9 -202 17 -210 18 -21 4
+172 188 220 209 49 23 177 46 258 47 35 1 109 -8 163 -19z m-5221 -139 c15
+-29 12 -87 -5 -101 -32 -27 -66 41 -46 93 12 32 36 35 51 8z m5938 7 c18 -18
+15 -84 -5 -103 -16 -16 -18 -16 -35 5 -22 27 -23 58 -2 88 17 25 25 27 42 10z
+m-4535 -191 c37 -16 306 -206 307 -217 0 -3 -64 -16 -142 -28 -79 -13 -246
+-45 -373 -72 -325 -70 -453 -91 -587 -97 -141 -7 -194 8 -228 61 -38 62 -20
+126 54 194 57 52 110 76 241 107 237 57 370 75 535 71 115 -2 165 -7 193 -19z
+m3666 -21 c251 -51 327 -76 385 -127 50 -44 86 -103 86 -142 0 -35 -40 -89
+-80 -109 -69 -35 -278 -19 -570 43 -341 72 -521 107 -608 119 -51 7 -91 16
+-90 20 2 4 64 53 139 109 172 127 188 132 399 127 130 -3 185 -9 339 -40z
+m-5035 -218 c16 -23 21 -73 10 -102 -8 -22 -41 -20 -54 3 -14 27 -13 94 2 109
+17 17 25 15 42 -10z m5882 -26 c8 -43 -12 -87 -41 -87 -25 0 -38 50 -24 92 18
+55 55 52 65 -5z m-3981 -92 c44 -21 89 -46 100 -54 19 -15 18 -15 -15 -9 -19
+3 -78 16 -130 29 -52 12 -96 21 -98 19 -3 -3 210 -73 363 -119 71 -21 27 -19
+-88 4 -55 11 -102 20 -105 20 -19 -2 69 -31 195 -65 79 -21 141 -40 139 -42
+-2 -2 -53 1 -114 8 -158 16 -159 6 -2 -20 74 -12 145 -26 158 -29 12 -4 -68
+-5 -179 -3 -111 2 -231 0 -267 -5 -73 -8 -110 -3 428 -54 167 -16 211 -28 106
+-29 -123 -2 -734 -39 -901 -56 -82 -8 -233 -28 -335 -45 -280 -47 -430 -68
+-599 -85 -178 -17 -201 -18 -221 -5 -12 7 -11 13 9 34 22 23 198 107 256 122
+14 3 28 10 31 15 3 5 -1 7 -8 5 -44 -14 -250 -46 -259 -40 -16 9 -3 62 27 107
+32 49 130 120 202 147 228 86 965 206 1177 192 33 -2 78 -16 130 -42z m2460
+24 c215 -26 547 -85 700 -123 236 -60 358 -134 400 -245 26 -68 18 -71 -116
+-47 -62 12 -122 21 -134 21 -11 0 36 -23 105 -50 131 -52 200 -96 185 -120
+-16 -25 -324 7 -770 80 -132 22 -305 46 -385 55 -143 15 -788 54 -925 56 -145
+2 21 23 485 63 l145 12 -126 8 c-69 5 -194 7 -278 5 -168 -5 -166 -1 28 32
+156 27 156 36 -1 20 -61 -7 -112 -10 -114 -8 -2 2 74 25 169 51 94 26 179 52
+187 58 13 8 13 9 -1 5 -41 -13 -231 -48 -240 -45 -6 2 56 23 138 47 264 78
+301 99 86 48 -57 -14 -103 -23 -103 -21 0 7 183 97 225 110 45 16 149 12 340
+-12z m-1475 -5 c0 -11 -4 -17 -10 -14 -5 3 -10 13 -10 21 0 8 5 14 10 14 6 0
+10 -9 10 -21z m72 -11 c-9 -9 -12 -7 -12 12 0 19 3 21 12 12 9 -9 9 -15 0 -24z
+m-135 -36 c-14 -17 -22 0 -12 26 5 14 7 14 15 2 5 -9 4 -20 -3 -28z m211 4 c3
+-12 -1 -17 -10 -14 -7 3 -15 13 -16 22 -3 12 1 17 10 14 7 -3 15 -13 16 -22z
+m-168 -66 c0 -5 -4 -10 -9 -10 -5 0 -18 -3 -28 -7 -16 -6 -16 -5 -4 10 15 19
+41 23 41 7z m146 -5 c15 -11 16 -14 3 -15 -8 0 -24 7 -35 15 -15 11 -16 14 -3
+15 8 0 24 -7 35 -15z m-195 -237 c-23 -112 -32 -274 -20 -373 5 -53 8 -99 6
+-101 -7 -7 -35 123 -42 191 -7 71 7 183 36 278 24 80 36 83 20 5z m229 -49
+c26 -95 29 -267 5 -360 -9 -35 -21 -68 -27 -74 -7 -7 -8 -4 -4 10 3 11 11 63
+17 115 12 103 7 212 -16 321 -26 123 -11 116 25 -12z m-2965 -46 c8 -39 3 -41
+-25 -11 -19 21 -27 68 -13 82 9 8 28 -29 38 -71z m5715 43 c0 -25 -35 -76 -51
+-76 -11 0 -6 22 17 78 15 36 34 35 34 -2z m-2969 -101 l-8 -90 -2 66 c0 37 2
+82 6 100 11 57 13 19 4 -76z m187 -20 c-1 -70 -1 -70 -8 -20 -5 28 -8 70 -8
+95 0 37 1 40 8 20 4 -14 8 -56 8 -95z m-403 -97 c35 -28 63 -54 60 -56 -6 -6
+-100 48 -137 79 -30 26 -31 28 -11 29 12 0 52 -23 88 -52z m715 47 c0 -7 -152
+-105 -163 -105 -15 0 3 18 64 64 52 40 99 59 99 41z m-923 -72 c2 -6 -25 -16
+-59 -22 -35 -7 -128 -29 -208 -49 -180 -45 -291 -48 -470 -9 l-115 24 55 6
+c30 4 123 14 205 22 179 19 451 60 485 74 20 7 33 4 65 -14 21 -12 41 -27 42
+-32z m1178 32 c91 -19 340 -51 533 -69 85 -8 156 -16 158 -18 8 -9 -275 -58
+-331 -58 -33 0 -109 12 -170 26 -60 14 -165 38 -233 53 -114 25 -122 28 -105
+42 23 20 55 38 68 39 6 0 42 -7 80 -15z m-1075 -103 c0 -4 -41 -25 -90 -47
+-50 -21 -89 -39 -87 -41 1 -2 47 10 101 26 54 15 95 26 93 24 -3 -3 -29 -21
+-58 -39 -67 -43 -58 -45 21 -5 33 17 62 30 66 30 3 0 -29 -29 -73 -63 -131
+-106 -138 -126 -13 -37 130 94 122 80 -55 -97 -181 -180 -325 -299 -451 -369
+-164 -92 -417 -170 -470 -145 -55 25 -15 121 97 228 56 55 89 98 121 156 31
+59 69 107 138 178 111 113 104 110 384 163 239 46 276 51 276 38z m1061 -32
+c316 -58 307 -54 420 -169 73 -73 105 -115 137 -177 31 -59 62 -100 117 -153
+85 -82 115 -132 115 -190 0 -34 -4 -42 -24 -47 -91 -22 -410 103 -596 234 -71
+50 -501 450 -494 460 2 3 170 -112 197 -136 9 -8 17 -12 17 -9 0 8 -90 92
+-140 130 -22 17 -38 32 -36 34 1 2 29 -10 62 -27 79 -40 92 -38 25 5 -29 18
+-55 36 -58 38 -2 3 37 -8 89 -24 51 -16 96 -28 101 -26 4 1 -33 20 -83 41 -91
+39 -117 56 -82 56 11 0 116 -18 233 -40z m-1959 0 c54 -10 105 -23 113 -28 12
+-6 -27 -21 -132 -51 -168 -49 -428 -149 -583 -224 -58 -29 -108 -53 -112 -55
+-4 -2 3 16 17 40 30 55 39 105 25 142 -9 24 -15 28 -40 24 -17 -3 -30 -4 -30
+-3 0 12 190 121 255 147 102 41 300 44 487 8z m2972 20 c100 -10 188 -46 307
+-126 68 -45 103 -78 58 -54 -20 11 -25 10 -42 -11 -23 -29 -19 -79 12 -141 11
+-23 19 -43 18 -45 -2 -1 -46 20 -98 47 -174 90 -429 185 -684 255 -70 20 -64
+25 48 50 143 32 252 39 381 25z m-2789 -180 c-94 -95 -108 -105 -240 -172
+-241 -122 -443 -245 -604 -367 -100 -76 -116 -84 -141 -71 -41 22 -65 173 -35
+229 48 94 317 255 586 351 166 60 429 128 504 129 28 1 24 -4 -70 -99z m2410
+53 c268 -68 450 -141 640 -254 217 -129 261 -197 220 -337 -16 -52 -37 -82
+-58 -82 -7 0 -73 45 -147 100 -160 118 -323 217 -559 339 -155 80 -181 97
+-252 168 -44 43 -85 87 -91 97 -10 18 -7 19 48 12 33 -4 122 -23 199 -43z
+m-1615 -179 c-185 -458 -295 -764 -329 -914 -24 -106 -54 -296 -49 -311 2 -7
+19 39 37 102 91 312 193 585 296 794 52 106 51 102 -31 -214 -35 -134 -63
+-246 -61 -247 2 -2 32 81 67 186 36 104 66 188 67 186 6 -6 -37 -214 -57 -275
+-50 -152 -315 -693 -360 -733 -43 -40 -99 -52 -167 -37 -30 7 -57 19 -60 26
+-3 7 15 69 41 138 25 69 82 245 127 393 98 321 137 428 217 590 54 108 184
+322 196 322 2 0 -29 -72 -70 -161 -42 -89 -74 -163 -72 -164 2 -2 29 45 61
+103 64 117 159 273 164 268 2 -2 -6 -25 -17 -52z m254 20 c41 -41 40 -58 -1
+-28 -22 16 -51 64 -39 64 2 0 20 -16 40 -36z m169 -14 c-10 -10 -29 -21 -43
+-25 -22 -6 -20 -3 15 32 28 28 41 35 43 25 2 -8 -4 -22 -15 -32z m374 -206
+c31 -57 58 -102 60 -100 2 2 -26 68 -62 147 -37 79 -69 151 -72 159 -9 26 55
+-70 124 -185 116 -195 176 -342 283 -700 39 -129 96 -307 126 -396 31 -88 53
+-163 50 -166 -3 -3 -30 -11 -60 -18 -78 -18 -136 -3 -183 47 -31 32 -295 575
+-332 680 -31 89 -65 246 -59 274 2 9 29 -64 61 -161 33 -97 61 -175 63 -173 2
+2 -17 80 -42 173 -25 94 -54 208 -65 255 -11 47 -22 94 -24 105 -8 30 69 -132
+134 -285 58 -135 125 -328 200 -575 46 -151 51 -135 16 60 -34 193 -64 299
+-147 515 -39 102 -103 271 -143 375 -40 105 -76 199 -80 210 -12 35 93 -132
+152 -241z m-2697 199 c-1 -22 -23 -53 -39 -53 -16 0 -13 31 6 52 20 23 33 23
+33 1z m4494 -5 c20 -28 20 -48 1 -48 -16 0 -35 30 -35 54 0 23 16 20 34 -6z
+m-3504 -25 c-1 -26 -62 -108 -125 -166 -81 -74 -121 -141 -131 -219 -6 -47
+-10 -52 -129 -157 -67 -60 -166 -157 -220 -215 -114 -122 -127 -127 -185 -68
+-31 30 -40 51 -56 115 l-18 79 24 45 c67 125 452 413 735 549 93 45 105 49
+105 37z m2747 -123 c254 -146 551 -395 585 -491 8 -21 -14 -125 -37 -172 -21
+-44 -59 -77 -89 -77 -15 0 -59 37 -132 111 -60 61 -159 158 -220 215 -102 96
+-112 108 -118 149 -12 77 -60 157 -140 231 -67 63 -123 143 -110 157 9 8 138
+-53 261 -123z m-1562 10 c3 -5 -1 -10 -9 -10 -9 0 -16 5 -16 10 0 6 4 10 9 10
+6 0 13 -4 16 -10z m130 0 c-3 -5 -11 -10 -16 -10 -6 0 -7 5 -4 10 3 6 11 10
+16 10 6 0 7 -4 4 -10z m-2395 -28 c0 -29 -24 -72 -41 -72 -15 0 -10 53 7 78
+21 30 34 28 34 -6z m3103 -104 c56 -40 74 -61 122 -143 111 -188 262 -529 304
+-685 40 -149 45 -277 12 -337 -13 -25 -60 -53 -87 -53 -9 0 -33 10 -54 21 -71
+40 -105 131 -220 587 -78 309 -125 456 -200 625 -28 61 -50 112 -50 114 0 2
+24 -15 53 -39 30 -24 83 -64 120 -90z m1566 118 c16 -19 26 -86 14 -86 -24 0
+-61 69 -48 90 9 14 20 13 34 -4z m-3004 -90 c-69 -149 -129 -334 -205 -636
+-130 -513 -173 -605 -281 -605 -54 0 -95 43 -104 109 -22 143 72 445 245 785
+123 242 141 269 217 321 37 25 87 62 112 82 25 21 49 37 53 38 4 0 -13 -42
+-37 -94z m611 -54 c-9 -8 -26 10 -26 26 1 15 2 15 15 -2 8 -11 13 -21 11 -24z
+m108 14 c-3 -9 -10 -13 -16 -10 -5 3 -4 12 3 20 15 18 22 13 13 -10z m-1068
+-205 c-79 -156 -133 -282 -220 -511 -84 -221 -104 -266 -137 -302 -65 -68
+-197 -9 -229 103 -28 95 77 310 276 569 110 144 155 184 259 229 50 22 96 40
+103 40 7 1 -16 -55 -52 -128z m2134 53 c93 -51 356 -412 429 -589 14 -33 26
+-87 29 -120 3 -52 0 -65 -23 -100 -36 -54 -69 -77 -121 -83 -80 -9 -108 29
+-199 268 -83 219 -146 371 -222 529 -40 85 -73 158 -73 162 0 10 120 -35 180
+-67z m-1180 31 c10 -12 10 -15 -4 -15 -9 0 -16 7 -16 15 0 8 2 15 4 15 2 0 9
+-7 16 -15z m-2307 -32 c48 -78 60 -162 33 -228 -8 -19 -16 -35 -18 -35 -2 0
+-4 25 -5 56 -1 40 -11 75 -37 131 -20 41 -36 84 -36 94 0 33 38 22 63 -18z
+m2422 27 c-3 -5 -11 -10 -16 -10 -6 0 -7 5 -4 10 3 6 11 10 16 10 6 0 7 -4 4
+-10z m2355 -4 c0 -8 -14 -44 -31 -80 -17 -36 -36 -98 -42 -137 l-11 -72 -12
+34 c-28 77 -8 195 43 251 19 21 53 24 53 4z m-3657 -68 c-6 -7 -58 -74 -117
+-148 -121 -152 -212 -285 -281 -410 -25 -46 -52 -88 -58 -92 -39 -25 -111 8
+-153 71 -23 35 -26 49 -22 99 3 50 11 70 53 133 62 92 245 280 303 308 27 14
+79 26 135 32 51 6 94 13 96 15 2 2 15 4 29 4 18 0 22 -3 15 -12z m2631 -8 c53
+-7 92 -17 122 -35 90 -53 242 -214 317 -337 42 -70 48 -126 20 -185 -21 -46
+-86 -93 -128 -93 -39 0 -53 15 -98 105 -52 103 -145 242 -270 400 -61 77 -116
+146 -121 154 -9 12 -4 13 34 7 25 -4 80 -11 124 -16z m-1434 -72 c0 -13 -23
+-5 -28 10 -2 7 2 10 12 6 9 -3 16 -11 16 -16z m105 3 c-3 -6 -11 -11 -17 -11
+-6 0 -6 6 2 15 14 17 26 13 15 -4z m-105 -122 c0 -6 -4 -7 -10 -4 -5 3 -10 11
+-10 16 0 6 5 7 10 4 6 -3 10 -11 10 -16z m92 -1 c-7 -7 -12 -8 -12 -2 0 14 12
+26 19 19 2 -3 -1 -11 -7 -17z m-85 -74 c-3 -3 -12 -4 -19 -1 -8 3 -5 6 6 6 11
+1 17 -2 13 -5z m-2217 -84 c49 -26 91 -150 80 -234 l-5 -40 -18 60 c-20 66
+-70 149 -98 165 -23 12 -24 23 -3 43 18 19 20 19 44 6z m4545 -6 c14 -15 13
+-19 -19 -55 -40 -43 -68 -95 -87 -157 -10 -35 -14 -40 -22 -26 -23 41 24 197
+71 234 30 24 36 25 57 4z m-219 -418 c22 -17 27 -12 -61 -68 -39 -25 -92 -69
+-119 -99 -37 -41 -47 -48 -41 -29 26 92 97 181 157 199 45 13 42 13 64 -3z
+m-4050 -17 c38 -23 85 -86 102 -138 19 -55 15 -54 -46 7 -31 33 -80 71 -109
+85 -28 15 -54 31 -58 37 -21 34 60 41 111 9z m383 -250 c32 -18 96 -87 88 -95
+-2 -2 -22 6 -44 17 -23 11 -71 25 -107 31 -69 11 -77 19 -49 50 21 24 67 23
+112 -3z m3301 -6 c20 -26 20 -28 3 -34 -10 -4 -36 -8 -58 -9 -36 -1 -68 -10
+-129 -35 -36 -15 15 54 59 81 54 33 98 32 125 -3z m-2480 1 c0 -15 -23 -45
+-43 -56 -14 -8 -64 -13 -133 -13 -101 0 -110 1 -101 17 18 28 54 38 140 39 45
+0 91 4 102 9 24 10 35 12 35 4z m1678 -14 c91 0 121 -10 142 -50 10 -18 8 -19
+-17 -9 -15 5 -66 9 -114 7 -76 -3 -91 0 -116 18 -15 12 -29 29 -31 38 -3 13 1
+14 23 6 14 -5 66 -10 113 -10z m-2068 -25 c9 -11 10 -19 3 -26 -13 -13 -63 9
+-63 28 0 18 45 17 60 -2z m2375 6 c7 -12 -34 -41 -57 -41 -21 0 -24 20 -6 38
+14 14 54 16 63 3z m-2566 -121 c18 -9 48 -66 40 -75 -3 -2 -27 10 -54 27 -46
+28 -48 31 -30 44 22 17 22 17 44 4z m410 -16 c-13 -16 -49 -19 -49 -4 0 13 31
+29 47 23 10 -4 11 -9 2 -19z m2338 11 c6 -16 -7 -29 -59 -60 -27 -16 -28 -15
+-28 5 0 25 42 70 65 70 9 0 18 -7 22 -15z m-413 -11 c5 -12 0 -15 -21 -12 -14
+2 -28 9 -31 16 -6 18 45 15 52 -4z m-2059 -33 c8 -14 -36 -41 -67 -41 -34 0
+-36 13 -6 34 25 18 64 21 73 7z m2228 -13 l22 -23 -28 -3 c-31 -4 -81 23 -72
+38 11 18 55 10 78 -12z"/>
+<path d="M4480 6591 c0 -22 124 -316 156 -371 18 -30 65 -98 105 -150 154
+-200 229 -303 260 -358 18 -31 35 -50 37 -44 6 20 -93 171 -203 310 -188 238
+-229 310 -271 470 -14 53 -31 108 -37 122 -12 25 -47 41 -47 21z"/>
+</g>
+</svg>
diff --git a/pubspec.yaml b/pubspec.yaml
index 056a4fdfa4..d29bd4f52b 100644
--- a/pubspec.yaml
+++ b/pubspec.yaml
@@ -15,6 +15,7 @@ workspace:
   - pkg/indexed_blob
   - pkg/pub_package_reader
   - pkg/puppeteer_screenshots
+  - pkg/image_proxy
 
 dev_dependencies:
   lints: ^6.0.0