[PR] chore(deps-dev): bump hono from 4.11.9 to 4.12.2 in /ui

via GitHub Mon, 23 Feb 2026 00:33:24 -0800


dependabot[bot] opened a new pull request, #4192:
URL: https://github.com/apache/streampipes/pull/4192


   Bumps [hono](https://github.com/honojs/hono) from 4.11.9 to 4.12.2.
   <details>
   <summary>Release notes</summary>
   <p><em>Sourced from <a href="https://github.com/honojs/hono/releases";>hono's 
releases</a>.</em></p>
   <blockquote>
   <h2>v4.12.2</h2>
   <h2>Security fix</h2>
   <p>Fixed incorrect handling of <code>X-Forwarded-For</code> in the AWS 
Lambda adapter behind ALB that could allow IP-based access control bypass. The 
detail: <a 
href="https://github.com/honojs/hono/security/advisories/GHSA-xh87-mx6m-69f3";>https://github.com/honojs/hono/security/advisories/GHSA-xh87-mx6m-69f3</a></p>
   <p>Thanks <a 
href="https://github.com/EdamAme-x";><code>@EdamAme-x</code></a></p>
   <h2>What's Changed</h2>
   <ul>
   <li>fix(context): revert PR <a 
href="https://redirect.github.com/honojs/hono/issues/4707";>#4707</a> by <a 
href="https://github.com/yusukebe";><code>@yusukebe</code></a> in <a 
href="https://redirect.github.com/honojs/hono/pull/4757";>honojs/hono#4757</a></li>
   </ul>
   <p><strong>Full Changelog</strong>: <a 
href="https://github.com/honojs/hono/compare/v4.12.1...v4.12.2";>https://github.com/honojs/hono/compare/v4.12.1...v4.12.2</a></p>
   <h2>v4.12.1</h2>
   <h2>What's Changed</h2>
   <ul>
   <li>fix(client): export <code>ApplyGlobalResponse</code> from 
<code>hono/client</code> by <a 
href="https://github.com/sushichan044";><code>@sushichan044</code></a> in <a 
href="https://redirect.github.com/honojs/hono/pull/4743";>honojs/hono#4743</a></li>
   </ul>
   <p><strong>Full Changelog</strong>: <a 
href="https://github.com/honojs/hono/compare/v4.12.0...v4.12.1";>https://github.com/honojs/hono/compare/v4.12.0...v4.12.1</a></p>
   <h2>v4.12.0</h2>
   <h1>Release Notes</h1>
   <p>Hono v4.12.0 is now available!</p>
   <p>This release includes new features for the Hono client, middleware 
improvements, adapter enhancements, and significant performance improvements to 
the router and context.</p>
   <h2><code>$path</code> for Hono Client</h2>
   <p>The Hono client now has a <code>$path()</code> method that returns the 
path string instead of a full URL. This is useful when you need just the path 
portion for routing or key-based operations:</p>
   <pre lang="ts"><code>const client = hc&lt;typeof 
app&gt;('http://localhost:8787')
   <p>// Get the path string
   const path = client.api.posts.$path()
   // =&gt; '/api/posts'</p>
   <p>// With path parameters
   const postPath = client.api.posts[':id'].$path({
   param: { id: '123' },
   })
   // =&gt; '/api/posts/123'</p>
   <p>// With query parameters
   const searchPath = client.api.posts.$path({
   query: { filter: 'test' },
   })
   // =&gt; '/api/posts?filter=test'
   </code></pre></p>
   <!-- raw HTML omitted -->
   </blockquote>
   <p>... (truncated)</p>
   </details>
   <details>
   <summary>Commits</summary>
   <ul>
   <li><a 
href="https://github.com/honojs/hono/commit/df97e5f49771a2a219770515859b9cc1d80abab0";><code>df97e5f</code></a>
 4.12.2</li>
   <li><a 
href="https://github.com/honojs/hono/commit/212c64f2c262c60585e4d80d547fb154fd8b9a16";><code>212c64f</code></a>
 fix(context): revert PR <a 
href="https://redirect.github.com/honojs/hono/issues/4707";>#4707</a> (<a 
href="https://redirect.github.com/honojs/hono/issues/4757";>#4757</a>)</li>
   <li><a 
href="https://github.com/honojs/hono/commit/5cc8f8f79eb600a1d98be117c2c7c2de3e0d400e";><code>5cc8f8f</code></a>
 ci: apply automated fixes</li>
   <li><a 
href="https://github.com/honojs/hono/commit/41adbf56e252c04611f8972364ac0887ae07a4c7";><code>41adbf5</code></a>
 Merge commit from fork</li>
   <li><a 
href="https://github.com/honojs/hono/commit/2de30d7c2a25885c5df03c454582c305a34da771";><code>2de30d7</code></a>
 4.12.1</li>
   <li><a 
href="https://github.com/honojs/hono/commit/91ef235f9fd34266dbb473a4c43d999465be3c87";><code>91ef235</code></a>
 fix(client): export <code>ApplyGlobalResponse</code> from 
<code>hono/client</code> (<a 
href="https://redirect.github.com/honojs/hono/issues/4743";>#4743</a>)</li>
   <li><a 
href="https://github.com/honojs/hono/commit/d2ed2e9c966d82e2369bd74bdae4acd4e8f57807";><code>d2ed2e9</code></a>
 4.12.0</li>
   <li><a 
href="https://github.com/honojs/hono/commit/01e78adc637de2bc4ae532cf4a80bf7863652f8e";><code>01e78ad</code></a>
 Merge pull request <a 
href="https://redirect.github.com/honojs/hono/issues/4735";>#4735</a> from 
honojs/next</li>
   <li><a 
href="https://github.com/honojs/hono/commit/a340a25fc6065f41328a20068c495f8a32410401";><code>a340a25</code></a>
 perf(context): use <code>createResponseInstance</code> for new Response (<a 
href="https://redirect.github.com/honojs/hono/issues/4733";>#4733</a>)</li>
   <li><a 
href="https://github.com/honojs/hono/commit/bd26c3129f8e159864d3f96522f44e900516e847";><code>bd26c31</code></a>
 perf(trie-router): improve performance (1.5x ~ 2.0x) (<a 
href="https://redirect.github.com/honojs/hono/issues/4724";>#4724</a>)</li>
   <li>Additional commits viewable in <a 
href="https://github.com/honojs/hono/compare/v4.11.9...v4.12.2";>compare 
view</a></li>
   </ul>
   </details>
   <br />
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=hono&package-manager=npm_and_yarn&previous-version=4.11.9&new-version=4.12.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   <details>
   <summary>Dependabot commands and options</summary>
   <br />
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot show <dependency name> ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   You can disable automated security fix PRs for this repo from the [Security 
Alerts page](https://github.com/apache/streampipes/network/alerts).
   
   </details>


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

[PR] chore(deps-dev): bump hono from 4.11.9 to 4.12.2 in /ui

Reply via email to