-
-
Notifications
You must be signed in to change notification settings - Fork 1.7k
Commit b24a7e6
authored
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4&size=40){kind=avatar}
chore(deps): bump hono from 4.7.10 to 4.9.7 in /dev-packages/e2e-tests/test-applications/cloudflare-hono (#17630)
Bumps [hono](https://github.com/honojs/hono) from 4.7.10 to 4.9.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/honojs/hono/releases">hono's
releases</a>.</em></p>
<blockquote>
<h2>v4.9.7</h2>
<h2>Security</h2>
<ul>
<li>Fixed an issue in the <code>bodyLimit</code> middleware where the
body size limit could be bypassed when both <code>Content-Length</code>
and <code>Transfer-Encoding</code> headers were present. If you are
using this middleware, please update immediately. <a
href="https://github.com/honojs/hono/security/advisories/GHSA-92vj-g62v-jqhh">Security
Advisory</a></li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>fix(client): Fix <code>parseResponse</code> not parsing json in
react native by <a
href="https://github.com/lr0pb"><code>@lr0pb</code></a> in <a
href="https://redirect.github.com/honojs/hono/pull/4399">honojs/hono#4399</a></li>
<li>chore: add <code>.tool-versions</code> file by <a
href="https://github.com/3w36zj6"><code>@3w36zj6</code></a> in <a
href="https://redirect.github.com/honojs/hono/pull/4397">honojs/hono#4397</a></li>
<li>chore: update <code>bun install</code> commands to use
<code>--frozen-lockfile</code> by <a
href="https://github.com/3w36zj6"><code>@3w36zj6</code></a> in <a
href="https://redirect.github.com/honojs/hono/pull/4398">honojs/hono#4398</a></li>
<li>test(jwk): Add tests of JWK token verification by <a
href="https://github.com/buckett"><code>@buckett</code></a> in <a
href="https://redirect.github.com/honojs/hono/pull/4402">honojs/hono#4402</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/lr0pb"><code>@lr0pb</code></a> made
their first contribution in <a
href="https://redirect.github.com/honojs/hono/pull/4399">honojs/hono#4399</a></li>
<li><a href="https://github.com/buckett"><code>@buckett</code></a> made
their first contribution in <a
href="https://redirect.github.com/honojs/hono/pull/4402">honojs/hono#4402</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/honojs/hono/compare/v4.9.6...v4.9.7">https://github.com/honojs/hono/compare/v4.9.6...v4.9.7</a></p>
<h2>v4.9.6</h2>
<h2>Security</h2>
<p>Fixed a bug in URL path parsing (<code>getPath</code>) that could
cause path confusion under malformed requests.</p>
<p>If you rely on reverse proxies (e.g. Nginx) for ACLs or restrict
access to endpoints like <code>/admin</code>, please update
immediately.</p>
<p>See advisory for details: GHSA-9hp6-4448-45g2</p>
<h2>What's Changed</h2>
<ul>
<li>chore: update packages in the router bench by <a
href="https://github.com/yusukebe"><code>@yusukebe</code></a> in <a
href="https://redirect.github.com/honojs/hono/pull/4386">honojs/hono#4386</a></li>
<li>chore(benchmarks): remove comment-out from router bench by <a
href="https://github.com/yusukebe"><code>@yusukebe</code></a> in <a
href="https://redirect.github.com/honojs/hono/pull/4387">honojs/hono#4387</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/honojs/hono/compare/v4.9.5...v4.9.6">https://github.com/honojs/hono/compare/v4.9.5...v4.9.6</a></p>
<h2>v4.9.5</h2>
<h2>What's Changed</h2>
<ul>
<li>chore: replace supertest with undici by <a
href="https://github.com/BarryThePenguin"><code>@BarryThePenguin</code></a>
in <a
href="https://redirect.github.com/honojs/hono/pull/4365">honojs/hono#4365</a></li>
<li>fix(aws-lambda): preserve percent-encoded values in query strings by
<a href="https://github.com/yusukebe"><code>@yusukebe</code></a> in <a
href="https://redirect.github.com/honojs/hono/pull/4372">honojs/hono#4372</a></li>
<li>feat(cors): Allow async functions for <code>origin</code> and
<code>allowMethods</code> by <a
href="https://github.com/jobrk"><code>@jobrk</code></a> in <a
href="https://redirect.github.com/honojs/hono/pull/4373">honojs/hono#4373</a></li>
<li>feat(cors): Correct origin function return type asynchronously
returning null or undefined for origin by <a
href="https://github.com/jobrk"><code>@jobrk</code></a> in <a
href="https://redirect.github.com/honojs/hono/pull/4375">honojs/hono#4375</a></li>
<li>fix(service-worker): correct args for <code>app.fetch</code> in
<code>handle</code> by <a
href="https://github.com/yusukebe"><code>@yusukebe</code></a> in <a
href="https://redirect.github.com/honojs/hono/pull/4374">honojs/hono#4374</a></li>
<li>fix(language-detector): Detect language from path after getPath
changed by <a
href="https://github.com/iflamed"><code>@iflamed</code></a> in <a
href="https://redirect.github.com/honojs/hono/pull/4369">honojs/hono#4369</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/jobrk"><code>@jobrk</code></a> made
their first contribution in <a
href="https://redirect.github.com/honojs/hono/pull/4373">honojs/hono#4373</a></li>
<li><a href="https://github.com/iflamed"><code>@iflamed</code></a> made
their first contribution in <a
href="https://redirect.github.com/honojs/hono/pull/4369">honojs/hono#4369</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/honojs/hono/compare/v4.9.4...v4.9.5">https://github.com/honojs/hono/compare/v4.9.4...v4.9.5</a></p>
<h2>v4.9.4</h2>
<h2>What's Changed</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/honojs/hono/commit/5ece99500fbcdc1026ab7f458f65cbe9eab29a6b"><code>5ece995</code></a>
4.9.7</li>
<li><a
href="https://github.com/honojs/hono/commit/605c70560b52f13af10379f79b76717042fafe8d"><code>605c705</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/honojs/hono/commit/6792789ec06bd14c96ecdf38a368f7d7526e601a"><code>6792789</code></a>
test(jwk): Add tests of JWK token verification (<a
href="https://redirect.github.com/honojs/hono/issues/4402">#4402</a>)</li>
<li><a
href="https://github.com/honojs/hono/commit/2f489b3562cd0d29075062b2ea0648ab92b88727"><code>2f489b3</code></a>
chore: update <code>bun install</code> commands to use
<code>--frozen-lockfile</code> (<a
href="https://redirect.github.com/honojs/hono/issues/4398">#4398</a>)</li>
<li><a
href="https://github.com/honojs/hono/commit/9b0a8f51ed15910b86cd2a6dd8f15b16b45e1c06"><code>9b0a8f5</code></a>
chore: add <code>.tool-versions</code> file (<a
href="https://redirect.github.com/honojs/hono/issues/4397">#4397</a>)</li>
<li><a
href="https://github.com/honojs/hono/commit/5b277d811cc655667683ae60141f739fa40b65e1"><code>5b277d8</code></a>
fix(client): Fix <code>parseResponse</code> not parsing json in react
native (<a
href="https://redirect.github.com/honojs/hono/issues/4399">#4399</a>)</li>
<li><a
href="https://github.com/honojs/hono/commit/7f4311c010dbd15bd25e16551ecf58059887d105"><code>7f4311c</code></a>
4.9.6</li>
<li><a
href="https://github.com/honojs/hono/commit/1d79aedc3f82d8c9969b115fe61bc4bd705ec8de"><code>1d79aed</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/honojs/hono/commit/adecab1caeb2665c8da83a470de958566890d6ba"><code>adecab1</code></a>
chore(benchmarks): remove comment-out from router bench (<a
href="https://redirect.github.com/honojs/hono/issues/4387">#4387</a>)</li>
<li><a
href="https://github.com/honojs/hono/commit/b3d5b404291a71ec088c5f5c9d6f2940150fbb5b"><code>b3d5b40</code></a>
chore: update packages in the router bench (<a
href="https://redirect.github.com/honojs/hono/issues/4386">#4386</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/honojs/hono/compare/v4.7.10...v4.9.7">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/getsentry/sentry-javascript/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>1 parent 34b3597 commit b24a7e6Copy full SHA for b24a7e6
File tree
Expand file treeCollapse file tree
1 file changed
+1
-1
lines changedFilter options
- dev-packages/e2e-tests/test-applications/cloudflare-hono
Expand file treeCollapse file tree
1 file changed
+1
-1
lines changedCollapse file: dev-packages/e2e-tests/test-applications/cloudflare-hono/package.json
dev-packages/e2e-tests/test-applications/cloudflare-hono/package.json
Copy file name to clipboardExpand all lines: dev-packages/e2e-tests/test-applications/cloudflare-hono/package.json+1-1Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
12 | 12 | | |
13 | 13 | | |
14 | 14 | | |
15 | | - | |
| 15 | + | |
16 | 16 | | |
17 | 17 | | |
18 | 18 | | |
| |||
0 commit comments