-
-
Notifications
You must be signed in to change notification settings - Fork 5
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): update dependency hono to ^4.6.5 #317
base: main
Are you sure you want to change the base?
Conversation
The latest updates on your projects. Learn more about Vercel for Git ↗︎ 1 Skipped Deployment
|
Important Review skippedBot user detected. To trigger a single review, invoke the You can disable this status message by setting the 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
ea74270
to
aa09b85
Compare
9c608a3
to
0f0b13a
Compare
0f0b13a
to
5525a53
Compare
455e246
to
77c7dd1
Compare
59ae0b8
to
b30529f
Compare
b30529f
to
0e2b2f2
Compare
0e2b2f2
to
796969f
Compare
This PR contains the following updates:
^4.5.5
->^4.6.5
Release Notes
honojs/hono (hono)
v4.6.5
Compare Source
Security fix for CSRF Protection Middleware
This release includes a security fix for CSRF Protection Middleware. If you are using CSRF Protection Middleware, please upgrade this
hono
package immediately.Before this release, a request without a
Content-Type
header can bypass the protection. This fix does not allow it. See: GHSA-2234-fmw7-43wrWhat's Changed
v2
by @yusukebe in https://github.com/honojs/hono/pull/3506Access-Control-Allow-Origin
if there is no matching origin by @uki00a in https://github.com/honojs/hono/pull/3510New Contributors
Full Changelog: honojs/hono@v4.6.4...v4.6.5
v4.6.4
Compare Source
What's Changed
crypto-js
from dev dependencies by @yusukebe in https://github.com/honojs/hono/pull/3447createMiddleware
by @yusukebe in https://github.com/honojs/hono/pull/3498globalThis
by @sapphi-red in https://github.com/honojs/hono/pull/3500override
totoStringToBuffer
in classes extendingJSXNode
by @yusukebe in https://github.com/honojs/hono/pull/3505New Contributors
Full Changelog: honojs/hono@v4.6.3...v4.6.4
v4.6.3
Compare Source
This release has many new features, but each feature is small, so we've released it as a patch release.
What's Changed
runtime_tests
toruntime-tests
by @yusukebe in https://github.com/honojs/hono/pull/3419every
middleware work with short-circuiting middlewares by @paolostyle in https://github.com/honojs/hono/pull/3441renderToString
by @usualoma in https://github.com/honojs/hono/pull/3432New Contributors
Full Changelog: honojs/hono@v4.6.2...v4.6.3
v4.6.2
Compare Source
What's Changed
Full Changelog: honojs/hono@v4.6.1...v4.6.2
v4.6.1
Compare Source
What's Changed
New Contributors
Full Changelog: honojs/hono@v4.6.0...v4.6.1
v4.6.0
Compare Source
Hono v4.6.0 is now available!
One of the highlights of this release is the Context Storage Middleware. Let's introduce it.
Context Storage Middleware
Many users may have been waiting for this feature. The Context Storage Middleware uses
AsyncLocalStorage
to allow handling of the current Context object even outside of handlers.For example, let’s define a Hono app with a variable
message: string
.To enable Context Storage Middleware, register
contextStorage()
as middleware at the top and set themessage
value.getContext()
returns the current Context object, allowing you to get the value of themessage
variable outside the handler.In the case of Cloudflare Workers, you can also access the
Bindings
outside the handler by using this middleware.Thanks @marceloverdijk !
New features
c.env.eventContext
in handleMiddleware https://github.com/honojs/hono/pull/3332WSContext
https://github.com/honojs/hono/pull/3337Content-Encoding
whenstream
is true https://github.com/honojs/hono/pull/3355precompressed
option https://github.com/honojs/hono/pull/3366Promise<string>
or (async)JSX.Element
instreamSSE
https://github.com/honojs/hono/pull/3344onFound
option https://github.com/honojs/hono/pull/3396Other changes
New Contributors
Full Changelog: honojs/hono@v4.5.11...v4.6.0
v4.5.11
Compare Source
What's Changed
Twitter
toX
by @yusukebe in https://github.com/honojs/hono/pull/3354New Contributors
Full Changelog: honojs/hono@v4.5.10...v4.5.11
v4.5.10
Compare Source
What's Changed
New Contributors
Full Changelog: honojs/hono@v4.5.9...v4.5.10
v4.5.9
Compare Source
What's Changed
NO_COLOR
by @ryuapp in https://github.com/honojs/hono/pull/3306type
(MIME) attribute types by @ssssota in https://github.com/honojs/hono/pull/3305Full Changelog: honojs/hono@v4.5.8...v4.5.9
v4.5.8
Compare Source
Security Fix for CSRF Protection Middleware
Before this release, in versions 4.5.7 and below, the CSRF Protection Middleware did not treat requests including
Content-Types
with uppercase letters (e.g.,Application/x-www-form-urlencoded
) as potential attacks, allowing them to pass.This could cause unexpected behavior, leading to a vulnerability. If you are using the CSRF Protection Middleware, please upgrade to version 4.5.8 or higher immediately.
For more details, see the report here: GHSA-rpfr-3m35-5vx5
v4.5.7
Compare Source
What's Changed
target
andformtarget
attribute types by @ssssota in https://github.com/honojs/hono/pull/3299New Contributors
Full Changelog: honojs/hono@v4.5.6...v4.5.7
v4.5.6
Compare Source
What's Changed
New Contributors
Full Changelog: honojs/hono@v4.5.5...v4.5.6
Configuration
📅 Schedule: Branch creation - "before 2pm on Monday" in timezone Europe/London, Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.