Releases: honojs/hono
v4.6.8
What's Changed
- fix(bun/ws): fix invalid types by @nakasyou in #3562
- fix(utils/cookie): partitioned typo in CookieOptions by @imcotton in #3566
- fix(websocket): Fix typo in WSContextInit type by @Ariel-Moroshko in #3575
- fix(websocket): prevent sending entire buffer when streaming Uint8Array chunks by @Ariel-Moroshko in #3570
- fix(bun/ws): supoort
--hot
by @nakasyou in #3576 - feat(header): suggest name of header and combine in one file by @EdamAme-x in #3577
- fix(devcontainer): remove unknown flag on docker-compose by @EdamAme-x in #3582
- fix(types): replace Hono with HonoBase to get better consistency of types by @m-shaka in #3580
New Contributors
- @Ariel-Moroshko made their first contribution in #3575
Full Changelog: v4.6.7...v4.6.8
v4.6.7
What's Changed
- fix(vercel): remove
requestContext
by @yusukebe in #3549 - feat(jwt): Support custom secret keys for signing JWTs by @kaandok in #3546
- feat(ws): Make WebSocket adapter more changeable by @nakasyou in #3531
- perf(router): improve performance of router by @EdamAme-x in #3526
New Contributors
Full Changelog: v4.6.6...v4.6.7
v4.6.6
What's Changed
- docs(powered-by): add JSDoc by @yusukebe in #3520
- chore: podman support for devcontainer by @marcomuser in #3529
- refactor(secure-headers): refine secureHeadersNonce init by @imcotton in #3535
- fix(serve-static): silence
NotFound
warning on Deno by @pablo-abc in #3542 - fix(client): return query params in $url by @alex-grover in #3541
New Contributors
- @marcomuser made their first contribution in #3529
- @imcotton made their first contribution in #3535
- @pablo-abc made their first contribution in #3542
- @alex-grover made their first contribution in #3541
Full Changelog: v4.6.5...v4.6.6
v4.6.5
Security fix for CSRF Protection Middleware
This release includes a security fix for CSRF Protection Middleware. If you are using CSRF Protection Middleware, please upgrade this hono
package immediately.
Before this release, a request without a Content-Type
header can bypass the protection. This fix does not allow it. See: GHSA-2234-fmw7-43wr
What's Changed
- perf(types): replace intersection with union to get better perf by @m-shaka in #3443
- ci: use Deno
v2
by @yusukebe in #3506 - ci: use Deno v2 for a test running for deno by @nakasyou in #3509
- fix(types): rm ExcludeEmptyObject to fix massively increased type instantiations by @m-shaka in #3507
- fix(cors): avoid setting
Access-Control-Allow-Origin
if there is no matching origin by @uki00a in #3510 - feat(powered-by): optional server name by @PatrickJS in #3492
- fix(factory): revert PR #3498 by @yusukebe in #3515
- fix(build): remove private fields by @nakasyou in #3514
New Contributors
- @uki00a made their first contribution in #3510
- @PatrickJS made their first contribution in #3492
Full Changelog: v4.6.4...v4.6.5
v4.6.4
What's Changed
- chore: upgrade dependencies by @yusukebe in #3446
- chore: remove
crypto-js
from dev dependencies by @yusukebe in #3447 - chore(test): suppress no-unused-vars "'x' is assigned a value but only used as type" by @exoego in #3451
- chore(test): include bun coverage by @exoego in #3457
- test(deno): remove duplicated app.get by @exoego in #3469
- fix(types): add key to IntrinsicAttributes by @codehz in #3474
- fix(factory): relax Bindings and Variables for
createMiddleware
by @yusukebe in #3498 - fix(service-worker): bind fetch to
globalThis
by @sapphi-red in #3500 - refactor(jsx): add
override
totoStringToBuffer
in classes extendingJSXNode
by @yusukebe in #3505
New Contributors
- @sapphi-red made their first contribution in #3500
Full Changelog: v4.6.3...v4.6.4
v4.6.3
This release has many new features, but each feature is small, so we've released it as a patch release.
What's Changed
- chore: rename
runtime_tests
toruntime-tests
by @yusukebe in #3419 - ci: Type check perf by @m-shaka in #3406
- refactor(jsx/streaming): Clarified the type of renderToReadableStream. by @usualoma in #3434
- perf(types): use homomorphic mapped type to reduce conditional branches by @m-shaka in #3440
- ci: prettify type check result and rm a comment by @m-shaka in #3442
- fix(types): useSyncExternalStore type by @codehz in #3437
- fix(combine/every): make
every
middleware work with short-circuiting middlewares by @paolostyle in #3441 - feat(secureHeader): add CSP Report-Only mode support by @isoppp in #3413
- feat(jwt): make JwtVariables generic for improved type safety by @TinsFox in #3428
- feat(request): Make request.ts available throught JSR for frameworks that need to instantiate HonoRequest by @Sorikairox in #3425
- feat(jsx/precompile): Normalization and stringification of attribute values as
renderToString
by @usualoma in #3432 - feat(serve-static): support absolute root by @yusukebe in #3420
New Contributors
- @codehz made their first contribution in #3437
- @paolostyle made their first contribution in #3441
- @isoppp made their first contribution in #3413
- @TinsFox made their first contribution in #3428
- @Sorikairox made their first contribution in #3425
Full Changelog: v4.6.2...v4.6.3
v4.6.2
v4.6.1
v4.6.0
Hono v4.6.0 is now available!
One of the highlights of this release is the Context Storage Middleware. Let's introduce it.
Context Storage Middleware
Many users may have been waiting for this feature. The Context Storage Middleware uses AsyncLocalStorage
to allow handling of the current Context object even outside of handlers.
For example, let’s define a Hono app with a variable message: string
.
type Env = {
Variables: {
message: string
}
}
const app = new Hono<Env>()
To enable Context Storage Middleware, register contextStorage()
as middleware at the top and set the message
value.
import { contextStorage } from 'hono/context-storage'
//...
app.use(contextStorage())
app.use(async (c, next) => {
c.set('message', 'Hello!')
await next()
})
getContext()
returns the current Context object, allowing you to get the value of the message
variable outside the handler.
import { getContext } from 'hono/context-storage'
app.get('/', (c) => {
return c.text(getMessage())
})
// Access the variable outside the handler.
const getMessage = () => {
return getContext<Env>().var.message
}
In the case of Cloudflare Workers, you can also access the Bindings
outside the handler by using this middleware.
type Env = {
Bindings: {
KV: KVNamespace
}
}
const app = new Hono<Env>()
app.use(contextStorage())
const setKV = (value: string) => {
return getContext<Env>().env.KV.put('key', value)
}
Thanks @marceloverdijk !
New features
- feat(secureHeader): add Permissions-Policy header to secure headers middleware #3314
- feat(cloudflare-pages): enable
c.env.eventContext
in handleMiddleware #3332 - feat(websocket): Add generics type to
WSContext
#3337 - feat(jsx-renderer): set
Content-Encoding
whenstream
is true #3355 - feat(serveStatic): add
precompressed
option #3366 - feat(helper/streaming): Support
Promise<string>
or (async)JSX.Element
instreamSSE
#3344 - feat(context): make fetch Response headers mutable #3318
- feat(serve-static): add
onFound
option #3396 - feat(basic-auth): added custom response message option #3371
- feat(bearer-auth): added custom response message options #3372
Other changes
- chore(jsx-renderer): fix typo in JSDoc by @taga3s in #3378
- chore(deno): use the latest jsr libraries for testing by @ryuapp in #3375
- fix(secure-headers): optimize getPermissionsPolicyDirectives function by @kbkn3 in #3398
- fix(bearer-auth): typo by @yusukebe in #3404
New Contributors
- @kbkn3 made their first contribution in #3314
- @hayatosc made their first contribution in #3337
- @inetol made their first contribution in #3366
Full Changelog: v4.5.11...v4.6.0
v4.5.11
What's Changed
- fix(jsx): race condition in ErrorBoundary with event loop by @usualoma in #3343
- perf(jsx): skip the special behavior when the element is in the head. by @usualoma in #3352
- refactor(utils/body): shorten the code by @yusukebe in #3353
- docs:
Twitter
toX
by @yusukebe in #3354 - chore: fix typo in JSDoc by @taga3s in #3364
- refactor(utils/basic-auth): Moved Internal function to utils by @sugar-cat7 in #3359
New Contributors
- @taga3s made their first contribution in #3364
- @sugar-cat7 made their first contribution in #3359
Full Changelog: v4.5.10...v4.5.11