Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update dependency hono to v3 - autoclosed #161

Closed
wants to merge 1 commit into from
Closed

fix(deps): update dependency hono to v3 - autoclosed #161

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Feb 21, 2023
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
hono (source) 2.7.8 -> 3.12.12 age adoption passing confidence

Release Notes

honojs/hono (hono)

v3.12.12

Compare Source

What's Changed

Full Changelog: honojs/hono@v3.12.11...v3.12.12

v3.12.11

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v3.12.10...v3.12.11

v3.12.10

Compare Source

What's Changed

Full Changelog: honojs/hono@v3.12.9...v3.12.10

v3.12.9

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v3.12.8...v3.12.9

v3.12.8

Compare Source

What's Changed

Full Changelog: honojs/hono@v3.12.7...v3.12.8

v3.12.7

Compare Source

What's Changed

Full Changelog: honojs/hono@v3.12.6...v3.12.7

v3.12.6

Compare Source

What's Changed
New Contributors

Full Changelog: honojs/hono@v3.12.5...v3.12.6

v3.12.5

Compare Source

What's Changed

Full Changelog: honojs/hono@v3.12.4...v3.12.5

v3.12.4

Compare Source

What's Changed

Full Changelog: honojs/hono@v3.12.3...v3.12.4

v3.12.3

Compare Source

What's Changed
New Contributors

Full Changelog: honojs/hono@v3.12.2...v3.12.3

v3.12.2

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v3.12.1...v3.12.2

v3.12.1

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v3.12.0...v3.12.1

v3.12.0

Compare Source

Hono v3.12.0 is now available! Let's take a look at the new features.

CSRF Protection Middleware

This release introduces CSRF Protection Middleware. It is easy to use and can prevent CSRF attacks by simply writing like the following:

import { csrf } from 'hono/csrf'

// ...

app.use('*', csrf())

CSRF Protection Middleware compares the Origin header value with the request URL. This is the same method used by SvelteKit and is valid in many situations except when using older browsers.

Thanks to @​usualoma! And, the original idea for CSRF Protection was suggested by @​htunnicliff. Thanks!

css Helper

We created a built-in CSS in JS(X). It's "hono/css".

The css helper can be used with JSX. You can write the CSS in a css template literal tag and specify the returned value as the class value and it will be applied to that element.

app.get('/', (c) => {
  const headerClass = css`
    background-color: orange;
    color: white;
    padding: 1rem;
  `
  return c.html(
    <html>
      <head>
        <Style />
      </head>
      <body>
        <h1 class={headerClass}>Hello!</h1>
      </body>
    </html>
  )
})

If you use VS Code, you can use vscode-styled-components for Syntax highlighting and IntelliSense for css tagged literals.

SS

By combining keyframes and JSX rendering, you can create a like button without JavaScript!

Like button

Also, you can use a CSS-generating design tool such as Figma to create components even if you are not a CSS guru.

You can use other CSS in JS libraries in Hono, such as Panda CSS. However, hono/css can be used by simply importing the hono package, and Async components and Suspense are also supported.

Thanks to @​usualoma!

stream.onAbort()

c.stream() is now deprecated and you should use stream() in Streaming Helper. And, stream.abort() has been added.

app.get('/stream', (c) => {
  return stream(c, async (stream) => {
    stream.onAbort(() => {
      console.log('Aborted!')
    })
    // ...
  })
})

Thanks to @​sor4chi!

onNotFound option for serveStatic

Cloudflare Workers, Deno, and Bun serveStatic now have an onNotFound option. You can write a handle when a file is not found.

app.get(
  '/static/*',
  serveStatic({
    onNotFound: (path, c) => {
      console.log(`${path} is not found, you access ${c.req.path}`)
    }
  })
)

Thanks to @​Th1nkK1D!

colorize option for showRoutes()

The colorize option has been added to the showRoutes function in hono/dev. If you set this value to false, the output will not be colored, which can be used when you want to log output, etc.

import { showRoutes } from 'hono/dev'

showRoutes(app, {
  colorize: false
})

Other new features

  • feat(dev): add getRouterName()
  • feat(helper): export SSEStreamingApi and SSEMessage. Thanks to @​thanks to @​watany-dev!
  • feat(client): add param option to $url()

All Updates

New Contributors

Full Changelog: honojs/hono@v3.11.12...v3.12.0

v3.11.12

Compare Source

What's Changed

Full Changelog: honojs/hono@v3.11.11...v3.11.12

v3.11.11

Compare Source

What's Changed

Full Changelog: honojs/hono@v3.11.10...v3.11.11

v3.11.10

Compare Source

What's Changed

Full Changelog: honojs/hono@v3.11.9...v3.11.10

v3.11.9

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v3.11.8...v3.11.9

v3.11.8

Compare Source

What's Changed

Full Changelog: honojs/hono@v3.11.7...v3.11.8

v3.11.7

Compare Source

Security Update

This release includes a security patch that fixes the vulnerability in TrieRouter.

If you are using the default preset or hono/quick, or specifying the router as TrieRouter, you must upgrade to this version 3.11.7 immediately.

How to upgrade

For Deno

Just increment the version specifier to v3.11.7.

import { Hono } from 'https://deno.land/x/[email protected]/mod.ts'
import { serveStatic } from 'https://deno.land/x/[email protected]/middleware.ts'
For Node.js

Upgrade the hono package via npm:

npm install hono

// OR

yarn add hono

// OR

pnpm up hono

You may not update the hono package with npm update, so please use npm install.

The vulnerability detail

The clients may override named path parameter values from previous requests if the application is using TrieRouter. So, there is a risk that a privileged user may use unintended parameters when deleting REST API resources.

TrieRouter is used either explicitly or when the application matches a pattern that is not supported by the default RegExpRouter.

The advisory: GHSA-f6gv-hh8j-q8vq

Our Approach to Security

If you discover such a vulnerability, please contact us immediately. We will respond immediately; we have enabled GitHub's private vulnerability reporting feature, so please use that.

https://github.com/honojs/hono/security/advisories

Thanks.

Full Changelog: honojs/hono@v3.11.6...v3.11.7

v3.11.6

Compare Source

What's Changed

Full Changelog: honojs/hono@v3.11.5...v3.11.6

v3.11.5

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v3.11.4...v3.11.5

v3.11.4

Compare Source

What's Changed

Full Changelog: honojs/hono@v3.11.3...v3.11.4

v3.11.3

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v3.11.2...v3.11.3

v3.11.2

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v3.11.1...v3.11.2

v3.11.1

Compare Source

What's Changed

Full Changelog: honojs/hono@v3.11.0...v3.11.1

v3.11.0

Compare Source

Hono v3.11.0 is now available! Let's take a look at the new features.

ErrorBoundary

This release introduces the new JSX component ErrorBoundary. It allows you to catch errors in child components.

For instance, in the example below, it will display the content specified in fallback if an error occurs.

import { ErrorBoundary } from 'hono/jsx'

// ...

function SyncComponent() {
  throw new Error('Error')
  return <div>Hello</div>
}

app.get('/sync', async (c) => {
  return c.html(
    <html>
      <body>
        <ErrorBoundary fallback={<div>Out of Service</div>}>
          <SyncComponent />
        </ErrorBoundary>
      </body>
    </html>
  )
})

ErrorBoundary can be used with asynchronous components and Suspense as well.

async function AsyncComponent() {
  await new Promise((resolve) => setTimeout(resolve, 2000))
  throw new Error('Error')
  return <div>Hello</div>
}

app.get('/with-suspense', async (c) => {
  return c.html(
    <html>
      <body>
        <ErrorBoundary fallback={<div>Out of Service</div>}>
          <Suspense fallback={<div>Loading...</div>}>
            <AsyncComponent />
          </Suspense>
        </ErrorBoundary>
      </body>
    </html>
  )
})

Thanks to @​usualoma!

createFactory() and createHandlers()

The Factory helper now provides createFactory(), which creates an instance of the Factory class.

import { createFactory } from 'hono/factory'

const factory = createFactory()

createHandlers() in a Factory class instance assists in defining handlers.

import { createFactory } from 'hono/factory'
import { logger } from 'hono/logger'

// ...

const factory = createFactory<Env>()

const middleware = factory.createMiddleware(async (c, next) => {
  c.set('foo', 'bar')
  await next()
})

const handlers = factory.createHandlers(logger(), middleware, (c) => {
  return c.json(c.var.foo)
})

app.get('/api', ...handlers)

Dev Helper

Dev Helper is now available.

Instead of using app.showRoutes(), the showRoutes() function exported from hono/dev will display the registered routes in your console.

Consider an application like the following:

import { showRoutes } from 'hono/dev'

// ...

const app = new Hono().basePath('/v1')

app.get('/posts', (c) => {
  // ...
})

app.get('/posts/:id', (c) => {
  // ...
})

app.post('/posts', (c) => {
  // ...
})

showRoutes(app)

When this application starts, the routes will be displayed in your console as follows:

GET   /v1/posts
GET   /v1/posts/:id
POST  /v1/posts

Thanks to @​usualoma!

app.showRoutes has been deprecated.

c.json() supports RPC

c.json() now supports RPC, meaning you no longer need to use c.jsonT() for RPC-mode.

SS

c.jsonT() has been deprecated.

Thanks to @​usualoma!

c.req.routePath

You can retrieve the registered path within the handler as shown below:

app.get('/posts/:id', (c) => {
  return c.json({ path: c.req.routePath })
})

If you access /posts/123, it will return /posts/:id:

{ "path": "/posts/:id" }

Thanks to @​usualoma!

Other new features

All Updates

New Contributors

Full Changelog: honojs/hono@v3.10.5...v3.11.0

v3.10.5

Compare Source

What's Changed

Full Changelog: honojs/hono@v3.10.4...v3.10.5

v3.10.4

Compare Source

What's Changed

Full Changelog: honojs/hono@v3.10.3...v3.10.4

v3.10.3

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v3.10.2...v3.10.3

v3.10.2

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v3.10.1...v3.10.2

v3.10.1

Compare Source

What's Changed

Full Changelog: honojs/hono@v3.10.0...v3.10.1

v3.10.0

Compare Source

Hono v3.10.0 is now available! Let's explore the new features.

Support for Async Components in JSX

Hono's JSX now supports Async Components. You can use async/await in your components.

const fetchData = async () => {
  const res = await fetch('https://jsonplaceholder.typicode.com/todos/1')
  return res.json<{ title: string }>()
}

const Component = async () => {
  const data = await fetchData()
  return <div>{data.title}</div>
}

app.get('/', (c) => {
  return c.html(
    <html>
      <body>
        <h1>Hono v3.10.0</h1>
        <Component />
      </body>
    </html>
  )
})

Thanks, @​usualoma!

Introduction of Suspense and renderToReadableStream()

With the Async Component, as shown above, it will await until fetch is completed. But now, if you want to render HTML before that, you can use Suspense.

When you use Suspense with renderToReadableStream(), it initially renders the content in fallback. After the Promise in Suspense is resolved, the real content is rendered.

import { renderToReadableStream, Suspense } from 'hono/jsx/streaming'

// ...

app.get('/', (c) => {
  const stream = renderToReadableStream(
    <html>
      <body>
        <h1>Hono v3.10.0</h1>
        <Suspense fallback={<div>loading...</div>}>
          <Component />
        </Suspense>
      </body>
    </html>
  )
  return c.body(stream, {
    headers: {
      'Content-Type': 'text/html; charset=UTF-8',
      'Transfer-Encoding': 'chunked'
    }
  })
})

If you make Component sleep for 2 seconds, the result will be as follows:

Area.mp4

Thanks, @​usualoma!

JSX Renderer Middleware Now Supports stream

The JSX Renderer Middleware now supports stream, allowing you to use Suspense with it. You can return streaming responses without renderToReadableStream() and without writing header values such as Transfer-Encoding: chunked.

import { jsxRenderer } from 'hono/jsx-renderer'

// ...

app.get(
  '*',
  jsxRenderer(
    ({ children }) => {
      return (
        <html>
          <body>
            <h1>Hono v3.10.0</h1>
            {children}
          </body>
        </html>
      )
    },
    {
      stream: true
    }
  )
)

app.get('/', (c) => {
  return c.render(
    <Suspense fallback={<div>loading...</div>}>
      <Component />
    </Suspense>
  )
})

Thanks, @​usualoma!

AWS Lambda Adapter Now Supports Streaming Response

The streamHandle is now available in the AWS Lambda adapter. With this, AWS Lambda can handle streaming responses.

import { Hono } from 'hono'
import { streamHandle } from 'hono/aws-lambda'

const app = new Hono()

app.get('/stream', async (c) => {
  return c.streamText(async (stream) => {
    for (let i = 0; i < 3; i++) {
      await stream.writeln(`${i}`)
      await stream.sleep(1)
    }
  })
})

const handler = streamHandle(app)

Thanks, @​watany-dev!

Support @jsx precompile for Deno

Now, Hono's JSX supports the precompile feature for Deno. To enable it, write deno.json as follows.

{
  "compilerOptions": {
    "jsx": "precompile",
    "jsxImportSource": "hono/jsx"
  },
  "imports": {
    "hono/jsx/jsx-runtime": "https://deno.land/x/[email protected]/jsx/jsx-runtime.ts"
  }
}

Thanks, @​usualoma!

Ecosystem

The ecosystem is evolving. Today, we introduce one framework using Hono.

  • Ree.js https://ree.js.org/ - Ree.js is a library that makes web development faster and easier by providing features such as URL Imports, JSX support, and server-side rendering.

All Updates

New Contributors

Full Changelog: honojs/hono@v3.9.2...v3.10.0

v3.9.2

Compare Source

Security Update for Windows

This release includes a security patch that fixes the vulnerability for serveStatic on Windows OS. If you run a Hono app on Windows with Deno or Node.js, you must upgrade to this version 3.9.2 immediately.

Note: You don't need upgrade it right now if you run it on Cloudflare, Deno on Linux/Unix/macOS, Deno Deploy, Bun, or Node.js on Linux/Unix/macOS.

How to upgrade

For Deno

Just increment the version specifier to v3.9.2.

import { Hono } from 'https://deno.land/x/[email protected]/mod.ts'
import { serveStatic } from 'https://deno.land/x/[email protected]/middleware.ts'
For Node.js

Upgrade the hono package via npm:

npm install hono

// OR

yarn add hono

// OR

pnpm up hono

You may not update the hono package with npm update, so please use npm install.

Our Approach to Security

If you discover such a vulnerability, please contact us immediately. We will respond immediately; we have enabled GitHub's private vulnerability reporting feature, so please use that.

https://github.com/honojs/hono/security/advisories

Thanks.

What's Changed

Full Changelog: honojs/hono@v3.9.1...v3.9.2

v3.9.1

Compare Source

What's Changed

Full Changelog: honojs/hono@v3.9.0...v3.9.1

v3.9.0

Compare Source

Release Notes

Hono v3.9.0 is out now! Let's take a look at what's new.

Improving the Developer Experience for JSX

Now we have the types for JSX.

Type definitions for JSX intrinsic elements are available. So, you can write your JSX with type annotation.

Screenshot 2023-10-27 at 16 03 54 Screenshot 2023-10-27 at 16 04 30

You can also override the definitions to add your custom elements and attributes.

declare global {
  namespace JSX {
    interface IntrinsicElements {
      'my-custom-element': Hono.HTMLAttributes & {
        'x-event'?: 'click' | 'scroll'
      }
    }
  }
}

Clerk Middleware

Now Clerk Middleware is available! You can use Clerk for authentication in your application.

import { clerkMiddleware, getAuth } from '@&#8203;hono/clerk-auth'
import { Hono } from 'hono'

const app = new Hono()

app.use('*', clerkMiddleware())
app.get('/', (c) => {
  const auth = getAuth(c)

  if (!auth?.userId) {
    return c.json({
      message: 'You are not logged in.'
    })
  }

  return c.json({
    message: 'You are logged in!',
    userId: auth.userId
  })
})

export default app

Thanks @​octoper!

New Starter Template for Cloudflare Pages

The Cloudflare Pages starter template is now Vite-based! You can develop truly full-stack applications quickly and fast thanks to Vite's HMR.

SC

It uses Hono's original dev-server provided by @​hono/vite-dev-server. And uses @​hono/vite-cloudflare-pages for building the application. The config file is very neat.

import { defineConfig } from 'vite'
import devServer from '@&#8203;hono/vite-dev-server'
import pages from '@&#8203;hono/vite-cloudflare-pages'

export default defineConfig({
  plugins: [
    pages(),
    devServer({
      entry: 'src/index.tsx'
    })
  ]
})

You can use it with the create hono command:

npm create hono@latest

Ecosystem

The ecosystem has evolved. We introduce two products for Hono and one framework using Hono. Try them!

All Updates

v3.8.4

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v3.8.3...v3.8.4

[`v3.

@renovate
Copy link
Contributor Author

renovate bot commented Feb 21, 2023
edited
Loading

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: hono/package-lock.json
npm ERR! code ERESOLVE
npm ERR! ERESOLVE could not resolve
npm ERR! 
npm ERR! While resolving: @honojs/[email protected]
npm ERR! Found: [email protected]
npm ERR! node_modules/hono
npm ERR!   hono@"3.12.12" from the root project
npm ERR! 
npm ERR! Could not resolve dependency:
npm ERR! peer hono@"^2.6.1" from @honojs/[email protected]
npm ERR! node_modules/@honojs/graphql-server
npm ERR!   @honojs/graphql-server@"0.1.2" from the root project
npm ERR! 
npm ERR! Conflicting peer dependency: [email protected]
npm ERR! node_modules/hono
npm ERR!   peer hono@"^2.6.1" from @honojs/[email protected]
npm ERR!   node_modules/@honojs/graphql-server
npm ERR!     @honojs/graphql-server@"0.1.2" from the root project
npm ERR! 
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR! 
npm ERR! See /tmp/renovate/cache/others/npm/eresolve-report.txt for a full report.

npm ERR! A complete log of this run can be found in:
npm ERR!     /tmp/renovate/cache/others/npm/_logs/2024-02-07T19_21_24_038Z-debug-0.log

@renovate renovate bot force-pushed the renovate/hono-3.x branch 2 times, most recently from 5eaf0f6 to a52ce31 Compare February 25, 2023 07:52
@renovate renovate bot force-pushed the renovate/hono-3.x branch from a52ce31 to 4dfb7d9 Compare March 2, 2023 14:57
@renovate renovate bot force-pushed the renovate/hono-3.x branch 4 times, most recently from 220f1de to 7b82b30 Compare March 19, 2023 09:37
@renovate renovate bot force-pushed the renovate/hono-3.x branch 2 times, most recently from 801c29f to da4c130 Compare March 26, 2023 13:42
@renovate renovate bot force-pushed the renovate/hono-3.x branch 2 times, most recently from bebab7c to 9175d01 Compare March 31, 2023 09:57
@renovate renovate bot force-pushed the renovate/hono-3.x branch from 9175d01 to a99777c Compare April 17, 2023 00:20
@renovate renovate bot force-pushed the renovate/hono-3.x branch 2 times, most recently from 4876bd2 to 1c629d3 Compare May 2, 2023 08:15
@renovate renovate bot force-pushed the renovate/hono-3.x branch 3 times, most recently from 66b8f95 to de4a2d4 Compare May 24, 2023 11:22
@renovate renovate bot force-pushed the renovate/hono-3.x branch from de4a2d4 to 6680374 Compare May 28, 2023 00:14
@renovate renovate bot force-pushed the renovate/hono-3.x branch 2 times, most recently from e80be11 to 24608ab Compare June 7, 2023 15:08
@renovate renovate bot force-pushed the renovate/hono-3.x branch 2 times, most recently from d0083e2 to aeb2ae7 Compare June 29, 2023 13:43
@renovate renovate bot force-pushed the renovate/hono-3.x branch 2 times, most recently from af55296 to e263416 Compare July 16, 2023 06:53
@renovate renovate bot force-pushed the renovate/hono-3.x branch 3 times, most recently from 7810be8 to 2b98217 Compare July 27, 2023 03:30
@renovate renovate bot force-pushed the renovate/hono-3.x branch 2 times, most recently from a468e83 to 8c3b2ea Compare August 8, 2023 04:51
@renovate renovate bot force-pushed the renovate/hono-3.x branch 5 times, most recently from 37190be to 71f5fe3 Compare December 9, 2023 09:41
@renovate renovate bot force-pushed the renovate/hono-3.x branch 4 times, most recently from 4905dde to 92543f6 Compare December 16, 2023 22:46
@renovate renovate bot force-pushed the renovate/hono-3.x branch 3 times, most recently from be482b3 to 5e435da Compare December 26, 2023 21:59
@renovate renovate bot force-pushed the renovate/hono-3.x branch 2 times, most recently from 36ac37a to 1e1c88a Compare January 4, 2024 16:43
@renovate renovate bot force-pushed the renovate/hono-3.x branch 5 times, most recently from b852e8b to 85625a1 Compare January 16, 2024 06:01
@renovate renovate bot force-pushed the renovate/hono-3.x branch 2 times, most recently from 11b941f to 9ef453a Compare January 25, 2024 03:52
@renovate renovate bot force-pushed the renovate/hono-3.x branch 3 times, most recently from 22a43bf to 531d0eb Compare February 2, 2024 13:55
@renovate renovate bot force-pushed the renovate/hono-3.x branch from 531d0eb to fd6ffc8 Compare February 5, 2024 16:03
@renovate renovate bot force-pushed the renovate/hono-3.x branch from fd6ffc8 to fddf21e Compare February 7, 2024 19:21
@renovate renovate bot changed the title fix(deps): update dependency hono to v3 fix(deps): update dependency hono to v3 - autoclosed Feb 9, 2024
@renovate renovate bot closed this Feb 9, 2024
@renovate renovate bot deleted the renovate/hono-3.x branch February 9, 2024 06:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants