Skip to content

chore(deps): bump @hono/node-server from 1.19.3 to 1.19.10#1274

Merged
BYK merged 1 commit intomainfrom
dependabot/npm_and_yarn/hono/node-server-1.19.10
Mar 5, 2026
Merged

chore(deps): bump @hono/node-server from 1.19.3 to 1.19.10#1274
BYK merged 1 commit intomainfrom
dependabot/npm_and_yarn/hono/node-server-1.19.10

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 4, 2026
edited
Loading

Bumps @hono/node-server from 1.19.3 to 1.19.10.

Release notes

Sourced from @​hono/node-server's releases.

v1.19.10

Security Fix

Fixed an authorization bypass in Serve Static Middleware caused by inconsistent URL decoding (%2F handling) between the router and static file resolution. Users of Serve Static Middleware are encouraged to upgrade to this version.

See GHSA-wc8c-qw6v-h7f6 for details.

v1.19.9

What's Changed

Full Changelog: honojs/node-server@v1.19.8...v1.19.9

v1.19.8

What's Changed

New Contributors

Full Changelog: honojs/node-server@v1.19.7...v1.19.8

v1.19.7

What's Changed

New Contributors

Full Changelog: honojs/node-server@v1.19.6...v1.19.7

v1.19.6

What's Changed

Full Changelog: honojs/node-server@v1.19.5...v1.19.6

v1.19.5

What's Changed

Full Changelog: honojs/node-server@v1.19.4...v1.19.5

v1.19.4

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 4, 2026
@vercel
Copy link
Copy Markdown

vercel bot commented Mar 4, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment
Project Deployment Actions Updated (UTC)
spotlightjs Skipped Skipped Mar 5, 2026 0:30am

Request Review

@dependabot dependabot bot deployed to Preview March 4, 2026 20:55 Active
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 4, 2026
edited
Loading

Semver Impact of This PR

🟢 Patch (bug fixes)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

New Features ✨

  • (telemetry) EmptyState component by Shubhdeep12 in #1264
  • (ui) Collapsible insights section by Shubhdeep12 in #1263
  • Added new codecov action by MathurAditya724 in #1255

Bug Fixes 🐛

  • (cli) Show options in command-specific help output by BYK in #1260
  • (deps) Address Dependabot security alerts by BYK in #1261
  • (ui) Update TelemetryView layout for better responsiveness by Shubhdeep12 in #1262
  • Updated the codecov action to point to getsentry by MathurAditya724 in #1259

Internal Changes 🔧

Deps

  • Bump @hono/node-server from 1.19.3 to 1.19.10 by dependabot[bot] in #1274
  • Bump hono from 4.11.7 to 4.12.4 by dependabot in #1273
  • Bump hono from 4.11.4 to 4.11.7 by dependabot in #1267
  • Bump hono from 4.10.3 to 4.11.4 by dependabot in #1254

Other

  • (ci) Fix workflow warnings for cache action and codecov by BYK in #1251
  • (release) Fix Docker Latest Target by BYK in #1252
  • Use pull_request_target for changelog preview by BYK in #1256

Other

  • Update documentation link in README.md by sergical in #1253

🤖 This preview updates automatically when you update the PR.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 4, 2026
edited
Loading

Codecov Results 📊

✅ Patch coverage is 100.00%. Project has 1348 uncovered lines.

Files with missing lines (31)
File Patch % Lines
event.ts 52.61% ⚠️ 263 Missing
mcp.ts 65.91% ⚠️ 151 Missing
messageBuffer.ts 67.57% ⚠️ 120 Missing
docker-compose.ts 77.33% ⚠️ 85 Missing
utils.ts 31.71% ⚠️ 84 Missing
extras.ts 28.13% ⚠️ 69 Missing
debugLogging.ts 29.47% ⚠️ 67 Missing
utils.ts 75.28% ⚠️ 66 Missing
index.ts 24.59% ⚠️ 46 Missing
cors.ts 91.08% ⚠️ 39 Missing and 1 partials
logs.ts 28.85% ⚠️ 37 Missing
traces.ts 93.10% ⚠️ 33 Missing and 1 partials
userAgent.ts 52.63% ⚠️ 27 Missing
index.ts 80.47% ⚠️ 25 Missing
utils.ts 66.67% ⚠️ 23 Missing
errors.ts 75.53% ⚠️ 23 Missing
JsonViewer.tsx 71.62% ⚠️ 21 Missing
traces.ts 75.86% ⚠️ 21 Missing
processEnvelope.ts 86.67% ⚠️ 18 Missing
eventContainer.ts 78.05% ⚠️ 18 Missing
open.ts 42.86% ⚠️ 16 Missing
CodeViewer.tsx 54.55% ⚠️ 15 Missing
contentType.ts 66.67% ⚠️ 15 Missing
Attachment.tsx 90.00% ⚠️ 12 Missing and 1 partials
helpers.ts 70.27% ⚠️ 11 Missing
streaming.ts 76.09% ⚠️ 11 Missing
ShikiProvider.tsx 54.17% ⚠️ 11 Missing
AnsiText.tsx 91.00% ⚠️ 9 Missing
logger.ts 65.22% ⚠️ 8 Missing
logger.ts 87.50% ⚠️ 4 Missing and 1 partials
profileChunkProcessor.ts 100.00% ⚠️ 1 partials

Generated by Codecov Action

@BYK
Copy link
Copy Markdown
Member

BYK commented Mar 5, 2026

@dependabot rebase

@BYK BYK enabled auto-merge (squash) March 5, 2026 12:29
@dependabot
chore(deps): bump @hono/node-server from 1.19.3 to 1.19.10
e4fbdd3 
Bumps [@hono/node-server](https://github.com/honojs/node-server) from 1.19.3 to 1.19.10.
- [Release notes](https://github.com/honojs/node-server/releases)
- [Commits](honojs/node-server@v1.19.3...v1.19.10)

---
updated-dependencies:
- dependency-name: "@hono/node-server"
  dependency-version: 1.19.10
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/hono/node-server-1.19.10 branch from 8a9ba4a to e4fbdd3 Compare March 5, 2026 12:30
@dependabot dependabot bot deployed to Preview March 5, 2026 12:30 Active
@BYK BYK merged commit 2c0e4b3 into main Mar 5, 2026
23 checks passed
@BYK BYK deleted the dependabot/npm_and_yarn/hono/node-server-1.19.10 branch March 5, 2026 12:37
This was referenced Mar 16, 2026
Closed
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@BYK