Skip to content

chore(deps): Bump @hono/node-server from 1.19.14 to 2.0.5#156

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/hono/node-server-2.0.4
Open

chore(deps): Bump @hono/node-server from 1.19.14 to 2.0.5#156
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/hono/node-server-2.0.4

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 7, 2026

Copy link
Copy Markdown
Contributor

Bumps @hono/node-server from 1.19.14 to 2.0.5.

Release notes

Sourced from @​hono/node-server's releases.

v2.0.5

Security Fix

Fixed a security issue in Serve Static Middleware where prefix-mounted middleware could be bypassed on Windows. This only affects applications running on Windows that use Serve Static Middleware. Affected users are encouraged to upgrade to this version.

See GHSA-frvp-7c67-39w9 for details.

v2.0.4

What's Changed

Full Changelog: honojs/node-server@v2.0.3...v2.0.4

v2.0.3

What's Changed

New Contributors

Full Changelog: honojs/node-server@v2.0.2...v2.0.3

v2.0.2

What's Changed

Full Changelog: honojs/node-server@v2.0.1...v2.0.2

v2.0.1

What's Changed

New Contributors

Full Changelog: honojs/node-server@v2.0.0...v2.0.1

v2.0.0

Now, we release the second major version of the Hono Node.js adapter 🎉 🎉 🎉

The Hono Node.js adapter is now up to 2.3x faster

v2 of the Hono Node.js adapter reaches up to 2.3x the throughput of v1 — that's the peak number, measured on the body-parsing scenario of bun-http-framework-benchmark. The other scenarios (Ping, Query) get a smaller but real boost too.

... (truncated)

Commits
  • 9d56900 2.0.5
  • cd076e1 Merge commit from fork
  • 9e1cdee 2.0.4
  • b4ca622 fix: stub ws types to prevent them leaking in public types (#359)
  • 9d87987 2.0.3
  • 9463250 fix: preserve headers mutated after raw Response construction (#357)
  • cee5e81 docs: Align the ServeStaticOption command with the current specification (#...
  • 4aa0650 chore(ci): update GitHub Actions versions (#352)
  • 808159c 2.0.2
  • 1a9748e fix: handle serveStatic stream fallback backpressure (#351)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 7, 2026
@github-actions github-actions Bot added the deps:needs-review Major or risky dep bump — manual review required label Jun 7, 2026
@github-actions

github-actions Bot commented Jun 7, 2026

Copy link
Copy Markdown

Major or Rust-minor bump — needs manual review before merge.

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/hono/node-server-2.0.4 branch from c7ad1b8 to 1f3da46 Compare June 7, 2026 08:45
@github-actions

github-actions Bot commented Jun 7, 2026

Copy link
Copy Markdown

Major or Rust-minor bump — needs manual review before merge.

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/hono/node-server-2.0.4 branch from 1f3da46 to f716fc9 Compare June 9, 2026 08:41
@github-actions

github-actions Bot commented Jun 9, 2026

Copy link
Copy Markdown

Major or Rust-minor bump — needs manual review before merge.

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/hono/node-server-2.0.4 branch from f716fc9 to 9fa98c6 Compare June 9, 2026 10:14
@github-actions

github-actions Bot commented Jun 9, 2026

Copy link
Copy Markdown

Major or Rust-minor bump — needs manual review before merge.

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/hono/node-server-2.0.4 branch from 9fa98c6 to 79020f8 Compare June 11, 2026 02:27
@github-actions

Copy link
Copy Markdown

Major or Rust-minor bump — needs manual review before merge.

@dependabot dependabot Bot changed the title chore(deps): bump @hono/node-server from 1.19.14 to 2.0.4 chore(deps): Bump @hono/node-server from 1.19.14 to 2.0.4 Jun 15, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/hono/node-server-2.0.4 branch from 79020f8 to 793157c Compare June 15, 2026 04:23
@github-actions

Copy link
Copy Markdown

Major or Rust-minor bump — needs manual review before merge.

@dependabot dependabot Bot changed the title chore(deps): Bump @hono/node-server from 1.19.14 to 2.0.4 chore(deps): Bump @hono/node-server from 1.19.14 to 2.0.5 Jun 18, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/hono/node-server-2.0.4 branch from 793157c to ae1260b Compare June 18, 2026 19:03
@github-actions

Copy link
Copy Markdown

Major or Rust-minor bump — needs manual review before merge.

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/hono/node-server-2.0.4 branch from ae1260b to 31f51ae Compare June 20, 2026 10:51
@github-actions

Copy link
Copy Markdown

Major or Rust-minor bump — needs manual review before merge.

Bumps [@hono/node-server](https://github.com/honojs/node-server) from 1.19.14 to 2.0.5.
- [Release notes](https://github.com/honojs/node-server/releases)
- [Commits](honojs/node-server@v1.19.14...v2.0.5)

---
updated-dependencies:
- dependency-name: "@hono/node-server"
  dependency-version: 2.0.4
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/hono/node-server-2.0.4 branch from 31f51ae to f6d4ce8 Compare June 20, 2026 13:47
@github-actions

Copy link
Copy Markdown

Major or Rust-minor bump — needs manual review before merge.

@dependabot @github

dependabot Bot commented on behalf of github Jun 24, 2026

Copy link
Copy Markdown
Contributor Author

Dependabot can't resolve your JavaScript dependency files. Because of this, Dependabot cannot update this pull request.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file deps:needs-review Major or risky dep bump — manual review required

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants