Skip to content

fix(deps): update dependency hono to ^4.7.0 - autoclosed#187

Closed
renovate[bot] wants to merge 1 commit intotrunkfrom
renovate/all-minor-patch
Closed

fix(deps): update dependency hono to ^4.7.0 - autoclosed#187
renovate[bot] wants to merge 1 commit intotrunkfrom
renovate/all-minor-patch

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Nov 25, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
hono (source) ^4.6.20 -> ^4.7.0 age adoption passing confidence

Release Notes

honojs/hono (hono)

v4.7.0

Compare Source

Release Notes

Hono v4.7.0 is now available!

This release introduces one helper and two middleware.

  • Proxy Helper
  • Language Middleware
  • JWK Auth Middleware

Plus, Standard Schema Validator has been born.

Let's look at each of these.

Proxy Helper

We sometimes use the Hono application as a reverse proxy. In that case, it accesses the backend using fetch. However, it sends an unintended headers.

app.all('/proxy/:path', (c) => {
  // Send unintended header values to the origin server
  return fetch(`http://${originServer}/${c.req.param('path')}`)
})

For example, fetch may send Accept-Encoding, causing the origin server to return a compressed response. Some runtimes automatically decode it, leading to a Content-Length mismatch and potential client-side errors.

Also, you should probably remove some of the headers sent from the origin server, such as Transfer-Encoding.

Proxy Helper will send requests to the origin and handle responses properly. The above headers problem is solved simply by writing as follows.

import { Hono } from 'hono'
import { proxy } from 'hono/proxy'

app.get('/proxy/:path', (c) => {
  return proxy(`http://${originServer}/${c.req.param('path')}`)
})

You can also use it in more complex ways.

app.get('/proxy/:path', async (c) => {
  const res = await proxy(
    `http://${originServer}/${c.req.param('path')}`,
    {
      headers: {
        ...c.req.header(),
        'X-Forwarded-For': '127.0.0.1',
        'X-Forwarded-Host': c.req.header('host'),
        Authorization: undefined,
      },
    }
  )
  res.headers.delete('Set-Cookie')
  return res
})

Thanks @​usualoma!

Language Middleware

Language Middleware provides 18n functions to Hono applications. By using the languageDetector function, you can get the language that your application should support.

import { Hono } from 'hono'
import { languageDetector } from 'hono/language'

const app = new Hono()

app.use(
  languageDetector({
    supportedLanguages: ['en', 'ar', 'ja'], // Must include fallback
    fallbackLanguage: 'en', // Required
  })
)

app.get('/', (c) => {
  const lang = c.get('language')
  return c.text(`Hello! Your language is ${lang}`)
})

You can get the target language in various ways, not just by using Accept-Language.

  • Query parameters
  • Cookies
  • Accept-Language header
  • URL path

Thanks @​lord007tn!

JWK Auth Middleware

Finally, middleware that supports JWK (JSON Web Key) has landed. Using JWK Auth Middleware, you can authenticate by verifying JWK tokens. It can access keys fetched from the specified URL.

import { Hono } from 'hono'
import { jwk } from 'hono/jwk'

app.use(
  '/auth/*',
  jwk({
    jwks_uri: `https://${backendServer}/.well-known/jwks.json`,
  })
)

app.get('/auth/page', (c) => {
  return c.text('You are authorized')
})

Thanks @​Beyondo!

Standard Schema Validator

Standard Schema provides a common interface for TypeScript validator libraries. Standard Schema Validator is a validator that uses it. This means that Standard Schema Validator can handle several validators, such as Zod, Valibot, and ArkType, with the same interface.

The code below really works!

import { Hono } from 'hono'
import { sValidator } from '@​hono/standard-validator'
import { type } from 'arktype'
import * as v from 'valibot'
import { z } from 'zod'

const aSchema = type({
  agent: 'string',
})

const vSchema = v.object({
  slag: v.string(),
})

const zSchema = z.object({
  name: z.string(),
})

const app = new Hono()

app.get(
  '/:slag',
  sValidator('header', aSchema),
  sValidator('param', vSchema),
  sValidator('query', zSchema),
  (c) => {
    const headerValue = c.req.valid('header')
    const paramValue = c.req.valid('param')
    const queryValue = c.req.valid('query')
    return c.json({ headerValue, paramValue, queryValue })
  }
)

const res = await app.request('/foo?name=foo', {
  headers: {
    agent: 'foo',
  },
})

console.log(await res.json())

Thanks @​muningis!

New features

All changes

New Contributors

Full Changelog: honojs/hono@v4.6.20...v4.7.0

Configuration

📅 Schedule: Branch creation - "* 0-3 * * 1" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

@renovate renovate bot force-pushed the renovate/all-minor-patch branch 9 times, most recently from f43527a to 841a6b9 Compare November 28, 2024 19:15
@renovate renovate bot changed the title chore(deps): update all non-major dependencies chore(deps): update dependency typescript to v5.6.3 Nov 28, 2024
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 841a6b9 to ab05ef8 Compare November 29, 2024 20:02
@renovate renovate bot changed the title chore(deps): update dependency typescript to v5.6.3 chore(deps): update dependency typescript to v5.7.2 Nov 29, 2024
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 3 times, most recently from 47adf9a to f0e6ffe Compare December 6, 2024 21:50
@renovate renovate bot changed the title chore(deps): update dependency typescript to v5.7.2 chore(deps): update all non-major dependencies Dec 6, 2024
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from f0e6ffe to 297d9c9 Compare December 7, 2024 10:18
@renovate renovate bot changed the title chore(deps): update all non-major dependencies chore(deps): update dependency eslint to v9.16.0 Dec 8, 2024
@renovate renovate bot changed the title chore(deps): update dependency eslint to v9.16.0 chore(deps): update all non-major dependencies Dec 8, 2024
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 8 times, most recently from 8e8ae41 to ce5f13a Compare December 11, 2024 16:00
@renovate renovate bot changed the title chore(deps): update all non-major dependencies fix(deps): update all non-major dependencies Dec 11, 2024
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 12 times, most recently from 7fd4176 to 6cefa24 Compare December 26, 2024 11:21
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 7 times, most recently from 057863d to 895885b Compare January 2, 2025 10:54
@renovate renovate bot force-pushed the renovate/all-minor-patch branch 8 times, most recently from 0427fae to 8606cd9 Compare January 10, 2025 11:18
@renovate renovate bot force-pushed the renovate/all-minor-patch branch from 8606cd9 to 22963ff Compare January 11, 2025 06:35
@socket-security
Copy link

socket-security bot commented Feb 7, 2025

Updated and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/hono@4.7.0 🔁 npm/hono@4.6.20 None 0 1.13 MB yusukebe

View full report↗︎

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants