Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update dependency hono to v4 - autoclosed #290

Closed
wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jun 3, 2024

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
hono (source) 2.7.8 -> 4.6.13 age adoption passing confidence

Release Notes

honojs/hono (hono)

v4.6.13

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.6.12...v4.6.13

v4.6.12

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.6.11...v4.6.12

v4.6.11

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.6.10...v4.6.11

v4.6.10

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.6.9...v4.6.10

v4.6.9

Compare Source

What's Changed
New Contributors

Full Changelog: honojs/hono@v4.6.8...v4.6.9

v4.6.8

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.6.7...v4.6.8

v4.6.7

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.6.6...v4.6.7

v4.6.6

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.6.5...v4.6.6

v4.6.5

Compare Source

Security fix for CSRF Protection Middleware

This release includes a security fix for CSRF Protection Middleware. If you are using CSRF Protection Middleware, please upgrade this hono package immediately.

Before this release, a request without a Content-Type header can bypass the protection. This fix does not allow it. See: GHSA-2234-fmw7-43wr

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.6.4...v4.6.5

v4.6.4

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.6.3...v4.6.4

v4.6.3

Compare Source

This release has many new features, but each feature is small, so we've released it as a patch release.

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.6.2...v4.6.3

v4.6.2

Compare Source

What's Changed

Full Changelog: honojs/hono@v4.6.1...v4.6.2

v4.6.1

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.6.0...v4.6.1

v4.6.0

Compare Source

Hono v4.6.0 is now available!

One of the highlights of this release is the Context Storage Middleware. Let's introduce it.

Context Storage Middleware

Many users may have been waiting for this feature. The Context Storage Middleware uses AsyncLocalStorage to allow handling of the current Context object even outside of handlers.

For example, let’s define a Hono app with a variable message: string.

type Env = {
  Variables: {
    message: string
  }
}

const app = new Hono<Env>()

To enable Context Storage Middleware, register contextStorage() as middleware at the top and set the message value.

import { contextStorage } from 'hono/context-storage'

//...

app.use(contextStorage())

app.use(async (c, next) => {
  c.set('message', 'Hello!')
  await next()
})

getContext() returns the current Context object, allowing you to get the value of the message variable outside the handler.

import { getContext } from 'hono/context-storage'

app.get('/', (c) => {
  return c.text(getMessage())
})

// Access the variable outside the handler.
const getMessage = () => {
  return getContext<Env>().var.message
}

In the case of Cloudflare Workers, you can also access the Bindings outside the handler by using this middleware.

type Env = {
  Bindings: {
    KV: KVNamespace
  }
}

const app = new Hono<Env>()

app.use(contextStorage())

const setKV = (value: string) => {
  return getContext<Env>().env.KV.put('key', value)
}

Thanks @​marceloverdijk !

New features

Other changes

New Contributors

Full Changelog: honojs/hono@v4.5.11...v4.6.0

v4.5.11

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.5.10...v4.5.11

v4.5.10

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.5.9...v4.5.10

v4.5.9

Compare Source

What's Changed

Full Changelog: honojs/hono@v4.5.8...v4.5.9

v4.5.8

Compare Source

Security Fix for CSRF Protection Middleware

Before this release, in versions 4.5.7 and below, the CSRF Protection Middleware did not treat requests including Content-Types with uppercase letters (e.g., Application/x-www-form-urlencoded) as potential attacks, allowing them to pass.

This could cause unexpected behavior, leading to a vulnerability. If you are using the CSRF Protection Middleware, please upgrade to version 4.5.8 or higher immediately.

For more details, see the report here: GHSA-rpfr-3m35-5vx5

v4.5.7

Compare Source

What's Changed
New Contributors

Full Changelog: honojs/hono@v4.5.6...v4.5.7

v4.5.6

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.5.5...v4.5.6

v4.5.5

Compare Source

What's Changed

Full Changelog: honojs/hono@v4.5.4...v4.5.5

v4.5.4

Compare Source

What's Changed
New Contributors

Full Changelog: honojs/hono@v4.5.3...v4.5.4

v4.5.3

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.5.2...v4.5.3

v4.5.2

Compare Source

What's Changed

Full Changelog: honojs/hono@v4.5.1...v4.5.2

v4.5.1

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.5.0...v4.5.1

v4.5.0

Compare Source

v4.4.13

Compare Source

What's Changed

Full Changelog: honojs/hono@v4.4.12...v4.4.13

v4.4.12

Compare Source

What's Changed

New Contributors

Full Changelog: honojs/hono@v4.4.11...v4.4.12

v4.4.11

Compare Source

What's Changed

  • refactor: remove unnecessary async keyword from router test

Copy link
Contributor Author

renovate bot commented Jun 3, 2024

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: hono/package-lock.json
npm ERR! code ERESOLVE
npm ERR! ERESOLVE could not resolve
npm ERR! 
npm ERR! While resolving: @honojs/graphql-server@0.1.2
npm ERR! Found: hono@4.6.13
npm ERR! node_modules/hono
npm ERR!   hono@"4.6.13" from the root project
npm ERR! 
npm ERR! Could not resolve dependency:
npm ERR! peer hono@"^2.6.1" from @honojs/graphql-server@0.1.2
npm ERR! node_modules/@honojs/graphql-server
npm ERR!   @honojs/graphql-server@"0.1.2" from the root project
npm ERR! 
npm ERR! Conflicting peer dependency: hono@2.7.8
npm ERR! node_modules/hono
npm ERR!   peer hono@"^2.6.1" from @honojs/graphql-server@0.1.2
npm ERR!   node_modules/@honojs/graphql-server
npm ERR!     @honojs/graphql-server@"0.1.2" from the root project
npm ERR! 
npm ERR! Fix the upstream dependency conflict, or retry
npm ERR! this command with --force, or --legacy-peer-deps
npm ERR! to accept an incorrect (and potentially broken) dependency resolution.
npm ERR! 
npm ERR! See /tmp/renovate/cache/others/npm/eresolve-report.txt for a full report.

npm ERR! A complete log of this run can be found in:
npm ERR!     /tmp/renovate/cache/others/npm/_logs/2024-12-06T12_01_53_085Z-debug-0.log

@renovate renovate bot force-pushed the renovate/hono-4.x branch 2 times, most recently from 3f35ddb to 3246840 Compare June 11, 2024 06:34
@renovate renovate bot force-pushed the renovate/hono-4.x branch 2 times, most recently from e31d3bb to cf0348d Compare June 19, 2024 06:50
@renovate renovate bot force-pushed the renovate/hono-4.x branch 3 times, most recently from af698ef to c1d5ad3 Compare June 30, 2024 00:42
@renovate renovate bot force-pushed the renovate/hono-4.x branch 2 times, most recently from d993f3a to 56a4453 Compare July 6, 2024 08:42
@renovate renovate bot force-pushed the renovate/hono-4.x branch 2 times, most recently from 0c26617 to 31508dd Compare July 16, 2024 16:35
@renovate renovate bot force-pushed the renovate/hono-4.x branch 2 times, most recently from 6fe43f2 to c8440e6 Compare July 27, 2024 11:16
@renovate renovate bot force-pushed the renovate/hono-4.x branch from c8440e6 to cfb0414 Compare July 29, 2024 17:06
@renovate renovate bot force-pushed the renovate/hono-4.x branch 2 times, most recently from 4c7b91b to a13d2b6 Compare August 11, 2024 06:54
@renovate renovate bot force-pushed the renovate/hono-4.x branch 3 times, most recently from 63a323d to 681e7af Compare August 22, 2024 09:01
@renovate renovate bot force-pushed the renovate/hono-4.x branch 2 times, most recently from 8a87912 to 5eb8f6c Compare August 31, 2024 03:33
@renovate renovate bot force-pushed the renovate/hono-4.x branch from 5eb8f6c to 02dd35f Compare September 3, 2024 10:15
@renovate renovate bot force-pushed the renovate/hono-4.x branch 2 times, most recently from 733046f to 0d283bc Compare September 17, 2024 01:51
@renovate renovate bot force-pushed the renovate/hono-4.x branch 2 times, most recently from bde4077 to 8726818 Compare September 30, 2024 21:31
@renovate renovate bot force-pushed the renovate/hono-4.x branch 2 times, most recently from 198cd74 to 269192c Compare October 15, 2024 09:08
@renovate renovate bot force-pushed the renovate/hono-4.x branch from 269192c to cd6b4be Compare October 22, 2024 07:28
@renovate renovate bot force-pushed the renovate/hono-4.x branch 2 times, most recently from 4c50f8f to 693aac4 Compare October 29, 2024 08:39
@renovate renovate bot force-pushed the renovate/hono-4.x branch from 693aac4 to be44a35 Compare November 4, 2024 06:45
@renovate renovate bot force-pushed the renovate/hono-4.x branch 2 times, most recently from 6c9e997 to fd5e33c Compare November 20, 2024 00:43
@renovate renovate bot force-pushed the renovate/hono-4.x branch from fd5e33c to 7c73d32 Compare November 25, 2024 06:19
@renovate renovate bot force-pushed the renovate/hono-4.x branch from 7c73d32 to ec2b983 Compare December 6, 2024 12:01
@renovate renovate bot changed the title fix(deps): update dependency hono to v4 fix(deps): update dependency hono to v4 - autoclosed Dec 8, 2024
@renovate renovate bot closed this Dec 8, 2024
@renovate renovate bot deleted the renovate/hono-4.x branch December 8, 2024 18:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants