⬆️ Update dependency hono to v3.11.7 [SECURITY]

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
hono (source)	3.2.7 -> 3.11.7

GitHub Vulnerability Alerts

CVE-2023-50710

Impact

The clients may override named path parameter values from previous requests if the application is using TrieRouter. So, there is a risk that a privileged user may use unintended parameters when deleting REST API resources.

TrieRouter is used either explicitly or when the application matches a pattern that is not supported by the default RegExpRouter.

The code to reproduce it. The server side application:

import { Hono } from 'hono'
import { TrieRouter } from 'hono/router/trie-router'

const wait = async (ms: number) => {
  return new Promise((resolve) => {
    setTimeout(resolve, ms)
  })
}

const app = new Hono({ router: new TrieRouter() })

app.use('*', async (c, next) => {
  await wait(Math.random() * 200)
  return next()
})

app.get('/modules/:id/versions/:version', async (c) => {
  const id = c.req.param('id')
  const version = c.req.param('version')

  console.log('path', c.req.path)
  console.log('version', version)

  return c.json({
    id,
    version,
  })
})

export default app

The client code which makes requests to the server application:

const examples = [
  'http://localhost:8787/modules/first/versions/first',
  'http://localhost:8787/modules/second/versions/second',
  'http://localhost:8787/modules/third/versions/third',
]

const test = () => {
  for (const example of examples) {
    fetch(example)
      .then((response) => response.json())
      .then((data) => {
        const splitted = example.split('/')
        const expected = splitted[splitted.length - 1]

        if (expected !== data.version) {
          console.error(`Error: exprected ${expected} but got ${data.version} - url was ${example}`)
        }
      })
  }
}

test()

The results:

Error: exprected second but got third - url was http://localhost:8787/modules/second/versions/second
Error: exprected first but got third - url was http://localhost:8787/modules/first/versions/first

Patches

"v3.11.7" includes the change to fix this issue.

Workarounds

Don't use TrieRouter directly.

// DON'T USE TrieRouter
import { TrieRouter } from 'hono/router/trie-router'
const app = new Hono({ router: new TrieRouter() })

References

Router options on the Hono website: https://hono.dev/api/hono#router-option

---

Release Notes

honojs/hono (hono)

v3.11.7

Compare Source

Security Update

This release includes a security patch that fixes the vulnerability in TrieRouter.

If you are using the default preset or hono/quick, or specifying the router as TrieRouter, you must upgrade to this version 3.11.7 immediately.

How to upgrade

For Deno

Just increment the version specifier to v3.11.7.

import { Hono } from 'https://deno.land/x/hono@v3.11.7/mod.ts'
import { serveStatic } from 'https://deno.land/x/hono@v3.11.7/middleware.ts'

For Node.js

Upgrade the hono package via npm:

npm install hono

// OR

yarn add hono

// OR

pnpm up hono

You may not update the hono package with npm update, so please use npm install.

The vulnerability detail

The clients may override named path parameter values from previous requests if the application is using TrieRouter. So, there is a risk that a privileged user may use unintended parameters when deleting REST API resources.

TrieRouter is used either explicitly or when the application matches a pattern that is not supported by the default RegExpRouter.

The advisory: GHSA-f6gv-hh8j-q8vq

Our Approach to Security

If you discover such a vulnerability, please contact us immediately. We will respond immediately; we have enabled GitHub's private vulnerability reporting feature, so please use that.

https://github.com/honojs/hono/security/advisories

Thanks.

---

Full Changelog: honojs/hono@v3.11.6...v3.11.7

v3.11.6

Compare Source

What's Changed

• fix(context): set status correctly by @​yusukebe in https://github.com/honojs/hono/pull/1814

Full Changelog: honojs/hono@v3.11.5...v3.11.6

v3.11.5

Compare Source

What's Changed

• fix(context): set headers values correctly by @​yusukebe in https://github.com/honojs/hono/pull/1808
• docs(readme): update hono/tiny size by @​ryuapp in https://github.com/honojs/hono/pull/1809
• fix(context): c.json() allows object and returns JSONParsed by @​yusukebe in https://github.com/honojs/hono/pull/1806

New Contributors

• @​ryuapp made their first contribution in https://github.com/honojs/hono/pull/1809

Full Changelog: honojs/hono@v3.11.4...v3.11.5

v3.11.4

Compare Source

What's Changed

• fix(client): c.json() supports undefined/null response by @​yusukebe in https://github.com/honojs/hono/pull/1794

Full Changelog: honojs/hono@v3.11.3...v3.11.4

v3.11.3

Compare Source

What's Changed

• fix(base): name private _basePath instead of #basePath by @​yusukebe in https://github.com/honojs/hono/pull/1785
• fix(client): make ClientResponse.json() returns Union correctly by @​yusukebe in https://github.com/honojs/hono/pull/1786
• fix: add missing tail to svg regex by @​eliasbrange in https://github.com/honojs/hono/pull/1788

New Contributors

• @​eliasbrange made their first contribution in https://github.com/honojs/hono/pull/1788

Full Changelog: honojs/hono@v3.11.2...v3.11.3

v3.11.2

Compare Source

What's Changed

• fix(types): Added E env type argument to showRoutes & inspectRoutes hono parameter by @​NuroDev in https://github.com/honojs/hono/pull/1778

New Contributors

• @​NuroDev made their first contribution in https://github.com/honojs/hono/pull/1778

Full Changelog: honojs/hono@v3.11.1...v3.11.2

v3.11.1

Compare Source

What's Changed

• fix(context): Strict type checking c.json() by @​yusukebe in https://github.com/honojs/hono/pull/1776

Full Changelog: honojs/hono@v3.11.0...v3.11.1

v3.11.0

Compare Source

Hono v3.11.0 is now available! Let's take a look at the new features.

ErrorBoundary

This release introduces the new JSX component ErrorBoundary. It allows you to catch errors in child components.

For instance, in the example below, it will display the content specified in fallback if an error occurs.

import { ErrorBoundary } from 'hono/jsx'

// ...

function SyncComponent() {
  throw new Error('Error')
  return <div>Hello</div>
}

app.get('/sync', async (c) => {
  return c.html(
    <html>
      <body>
        <ErrorBoundary fallback={<div>Out of Service</div>}>
          <SyncComponent />
        </ErrorBoundary>
      </body>
    </html>
  )
})

ErrorBoundary can be used with asynchronous components and Suspense as well.

async function AsyncComponent() {
  await new Promise((resolve) => setTimeout(resolve, 2000))
  throw new Error('Error')
  return <div>Hello</div>
}

app.get('/with-suspense', async (c) => {
  return c.html(
    <html>
      <body>
        <ErrorBoundary fallback={<div>Out of Service</div>}>
          <Suspense fallback={<div>Loading...</div>}>
            <AsyncComponent />
          </Suspense>
        </ErrorBoundary>
      </body>
    </html>
  )
})

Thanks to @​usualoma!

createFactory() and createHandlers()

The Factory helper now provides createFactory(), which creates an instance of the Factory class.

import { createFactory } from 'hono/factory'

const factory = createFactory()

createHandlers() in a Factory class instance assists in defining handlers.

import { createFactory } from 'hono/factory'
import { logger } from 'hono/logger'

// ...

const factory = createFactory<Env>()

const middleware = factory.createMiddleware(async (c, next) => {
  c.set('foo', 'bar')
  await next()
})

const handlers = factory.createHandlers(logger(), middleware, (c) => {
  return c.json(c.var.foo)
})

app.get('/api', ...handlers)

Dev Helper

Dev Helper is now available.

Instead of using app.showRoutes(), the showRoutes() function exported from hono/dev will display the registered routes in your console.

Consider an application like the following:

import { showRoutes } from 'hono/dev'

// ...

const app = new Hono().basePath('/v1')

app.get('/posts', (c) => {
  // ...
})

app.get('/posts/:id', (c) => {
  // ...
})

app.post('/posts', (c) => {
  // ...
})

showRoutes(app)

When this application starts, the routes will be displayed in your console as follows:

GET   /v1/posts
GET   /v1/posts/:id
POST  /v1/posts

Thanks to @​usualoma!

app.showRoutes has been deprecated.

c.json() supports RPC

c.json() now supports RPC, meaning you no longer need to use c.jsonT() for RPC-mode.

c.jsonT() has been deprecated.

Thanks to @​usualoma!

c.req.routePath

You can retrieve the registered path within the handler as shown below:

app.get('/posts/:id', (c) => {
  return c.json({ path: c.req.routePath })
})

If you access /posts/123, it will return /posts/:id:

{ "path": "/posts/:id" }

Thanks to @​usualoma!

Other new features

• feat(adaptor): Enhance AWS Lambda Event Handling and Interface. Thanks to @​watany-dev!
• feat(bearerAuth): accept a list of token strings. Thanks to @​thanks to @​mstibbard!
• feat(types): Support types until 10 handlers. Thanks to @​gabrielDonnantuoni!

All Updates

• Introduce ErrorBoundary component by @​usualoma in https://github.com/honojs/hono/pull/1714
• feat(adaptor): Enhance AWS Lambda Event Handling and Interface by @​watany-dev in https://github.com/honojs/hono/pull/1710
• feat(types): Support types until 10 handlers by @​gabrielDonnantuoni in https://github.com/honojs/hono/pull/1735
• feat: introduce createFactory() and createHandlers() by @​yusukebe in https://github.com/honojs/hono/pull/1743
• feat(context): remove experimental from c.render/c.setRenderer() by @​yusukebe in https://github.com/honojs/hono/pull/1748
• feat/allow bearerAuth to accept a list of token strings by @​mstibbard in https://github.com/honojs/hono/pull/1749
• Introduce inspectRoutes() and showRoutes() by @​usualoma in https://github.com/honojs/hono/pull/1716
• fix(types): Keep Env types with changed routes by @​yusukebe in https://github.com/honojs/hono/pull/1757
• refactor(router): remove duplication MESSAGE_MATCHER_IS_ALREADY_BUILT by @​yusukebe in https://github.com/honojs/hono/pull/1763
• Ensure that calls to c.json() have a type equivalent to c.jsonT() by @​usualoma in https://github.com/honojs/hono/pull/1728
• feat(request): Introduce matchedRoutes and routePath for HonoRequest by @​usualoma in https://github.com/honojs/hono/pull/1744
• feat(jsx): mark ErrorBoundary as experimental by @​yusukebe in https://github.com/honojs/hono/pull/1771
• fix(factory): Filter undefined in createHandlers by @​yusukebe in https://github.com/honojs/hono/pull/1772
• refactor: use # for private properties by @​yusukebe in https://github.com/honojs/hono/pull/1762
• Next by @​yusukebe in https://github.com/honojs/hono/pull/1774

New Contributors

• @​gabrielDonnantuoni made their first contribution in https://github.com/honojs/hono/pull/1735
• @​mstibbard made their first contribution in https://github.com/honojs/hono/pull/1749

Full Changelog: honojs/hono@v3.10.5...v3.11.0

v3.10.5

Compare Source

What's Changed

• fix(client): Allow optional props in JSON response by @​yusukebe in https://github.com/honojs/hono/pull/1769
• chore(benchmarks/jsx): Update benchmark by @​usualoma in https://github.com/honojs/hono/pull/1768

Full Changelog: honojs/hono@v3.10.4...v3.10.5

v3.10.4

Compare Source

What's Changed

• fix(context): Set content-type with c.text() correctly by @​yusukebe in https://github.com/honojs/hono/pull/1761

Full Changelog: honojs/hono@v3.10.3...v3.10.4

v3.10.3

Compare Source

What's Changed

• chore: remove jest.config.js by @​yusukebe in https://github.com/honojs/hono/pull/1731
• fix: Invalid HTTP header error is hidden by @​RobertSasak in https://github.com/honojs/hono/pull/1694
• fix(jsx): Write the raw value if the value is a HtmlEscaped string by @​usualoma in https://github.com/honojs/hono/pull/1739
• fix(helper/cookie): make default Path=/ for setCookie()/setSignedCookie() by @​yusukebe in https://github.com/honojs/hono/pull/1742

New Contributors

• @​RobertSasak made their first contribution in https://github.com/honojs/hono/pull/1694

Full Changelog: honojs/hono@v3.10.2...v3.10.3

v3.10.2

Compare Source

What's Changed

• ci: rename fastly compute@edge to compute by @​yusukebe in https://github.com/honojs/hono/pull/1708
• Fix/request param keys by @​usualoma in https://github.com/honojs/hono/pull/1715
• fix(types): fixed a typo by @​yusukebe in https://github.com/honojs/hono/pull/1721
• Export APIGatewayProxyResult from aws-lambda by @​juho in https://github.com/honojs/hono/pull/1711
• fix(compose): allow notFound handler to be async by @​rschick in https://github.com/honojs/hono/pull/1729
• fix(compose): allow onError() handler to be async by @​yusukebe in https://github.com/honojs/hono/pull/1730

New Contributors

• @​juho made their first contribution in https://github.com/honojs/hono/pull/1711
• @​rschick made their first contribution in https://github.com/honojs/hono/pull/1729

Full Changelog: honojs/hono@v3.10.1...v3.10.2

v3.10.1

Compare Source

What's Changed

• fix(context): c.text() set the status set by c.status() by @​yusukebe in https://github.com/honojs/hono/pull/1702
• perf(compose): simplify by @​yusukebe in https://github.com/honojs/hono/pull/1701

Full Changelog: honojs/hono@v3.10.0...v3.10.1

v3.10.0

Compare Source

Hono v3.10.0 is now available! Let's explore the new features.

Support for Async Components in JSX

Hono's JSX now supports Async Components. You can use async/await in your components.

const fetchData = async () => {
  const res = await fetch('https://jsonplaceholder.typicode.com/todos/1')
  return res.json<{ title: string }>()
}

const Component = async () => {
  const data = await fetchData()
  return <div>{data.title}</div>
}

app.get('/', (c) => {
  return c.html(
    <html>
      <body>
        <h1>Hono v3.10.0</h1>
        <Component />
      </body>
    </html>
  )
})

Thanks, @​usualoma!

Introduction of Suspense and renderToReadableStream()

With the Async Component, as shown above, it will await until fetch is completed. But now, if you want to render HTML before that, you can use Suspense.

When you use Suspense with renderToReadableStream(), it initially renders the content in fallback. After the Promise in Suspense is resolved, the real content is rendered.

import { renderToReadableStream, Suspense } from 'hono/jsx/streaming'

// ...

app.get('/', (c) => {
  const stream = renderToReadableStream(
    <html>
      <body>
        <h1>Hono v3.10.0</h1>
        <Suspense fallback={<div>loading...</div>}>
          <Component />
        </Suspense>
      </body>
    </html>
  )
  return c.body(stream, {
    headers: {
      'Content-Type': 'text/html; charset=UTF-8',
      'Transfer-Encoding': 'chunked'
    }
  })
})

If you make Component sleep for 2 seconds, the result will be as follows:

Area.mp4

Thanks, @​usualoma!

JSX Renderer Middleware Now Supports stream

The JSX Renderer Middleware now supports stream, allowing you to use Suspense with it. You can return streaming responses without renderToReadableStream() and without writing header values such as Transfer-Encoding: chunked.

import { jsxRenderer } from 'hono/jsx-renderer'

// ...

app.get(
  '*',
  jsxRenderer(
    ({ children }) => {
      return (
        <html>
          <body>
            <h1>Hono v3.10.0</h1>
            {children}
          </body>
        </html>
      )
    },
    {
      stream: true
    }
  )
)

app.get('/', (c) => {
  return c.render(
    <Suspense fallback={<div>loading...</div>}>
      <Component />
    </Suspense>
  )
})

Thanks, @​usualoma!

AWS Lambda Adapter Now Supports Streaming Response

The streamHandle is now available in the AWS Lambda adapter. With this, AWS Lambda can handle streaming responses.

import { Hono } from 'hono'
import { streamHandle } from 'hono/aws-lambda'

const app = new Hono()

app.get('/stream', async (c) => {
  return c.streamText(async (stream) => {
    for (let i = 0; i < 3; i++) {
      await stream.writeln(`${i}`)
      await stream.sleep(1)
    }
  })
})

const handler = streamHandle(app)

Thanks, @​watany-dev!

Support @jsx precompile for Deno

Now, Hono's JSX supports the precompile feature for Deno. To enable it, write deno.json as follows.

{
  "compilerOptions": {
    "jsx": "precompile",
    "jsxImportSource": "hono/jsx"
  },
  "imports": {
    "hono/jsx/jsx-runtime": "https://deno.land/x/hono@v3.10.0/jsx/jsx-runtime.ts"
  }
}

Thanks, @​usualoma!

Ecosystem

The ecosystem is evolving. Today, we introduce one framework using Hono.

• Ree.js https://ree.js.org/ - Ree.js is a library that makes web development faster and easier by providing features such as URL Imports, JSX support, and server-side rendering.

All Updates

• feat(adaptor): Support AWS Function URL Streaming by @​watany-dev in https://github.com/honojs/hono/pull/1625
• feat: Introduce streaming API with Suspense and use. by @​usualoma in https://github.com/honojs/hono/pull/1630
• feat(helper/factory): remove @experimental from createMiddleware() by @​yusukebe in https://github.com/honojs/hono/pull/1653
• fix(jsx/streaming): Fixed a bug that caused async components to be evaluated multiple times inside Suspense. by @​usualoma in https://github.com/honojs/hono/pull/1656
• fix(helper): Stream SSE Helper Non-Closure by @​watany-dev in https://github.com/honojs/hono/pull/1650
• feat(jsx): Define jsxTemplate/jsxAttr/jsxEscape for "@​jsx precompile" of Deno 1.38 by @​usualoma in https://github.com/honojs/hono/pull/1651
• feat(jsx/streaming): Support nested Suspense. by @​usualoma in https://github.com/honojs/hono/pull/1660
• perf(jsx/streaming): In multiple Suspense, go ahead in the order of resolved. by @​usualoma in https://github.com/honojs/hono/pull/1663
• feat(jsx-renderer): Support "stream" option in jsxRenderer. by @​usualoma in https://github.com/honojs/hono/pull/1662
• docs: rename Fastly Compute@Edge to Compute by @​yusukebe in https://github.com/honojs/hono/pull/1664
• fix(jsx/streaming): Fixed a problem when multiple children are added directly under Suspense. by @​usualoma in https://github.com/honojs/hono/pull/1665
• fix(types): infer env types with chaining handlers by @​yusukebe in https://github.com/honojs/hono/pull/1668
• feat(hono): remove experimental flag from app.mount() by @​yusukebe in https://github.com/honojs/hono/pull/1669
• fix(Adaptor): Lambda Response Streaming With Content Type by @​watany-dev in https://github.com/honojs/hono/pull/1673
• fix(types): allow arbitrary values as environment values by @​screendriver in https://github.com/honojs/hono/pull/1680
• fix(context): implement ContextVariableMap for c.var by @​yusukebe in https://github.com/honojs/hono/pull/1682
• feat(app): use console.error() for default errorHandler by @​yusukebe in https://github.com/honojs/hono/pull/1687
• Next by @​yusukebe in https://github.com/honojs/hono/pull/1690

New Contributors

• @​screendriver made their first contribution in https://github.com/honojs/hono/pull/1680

Full Changelog: honojs/hono@v3.9.2...v3.10.0

v3.9.2

Compare Source

Security Update for Windows

This release includes a security patch that fixes the vulnerability for serveStatic on Windows OS. If you run a Hono app on Windows with Deno or Node.js, you must upgrade to this version 3.9.2 immediately.

Note: You don't need upgrade it right now if you run it on Cloudflare, Deno on Linux/Unix/macOS, Deno Deploy, Bun, or Node.js on Linux/Unix/macOS.

How to upgrade

For Deno

Just increment the version specifier to v3.9.2.

import { Hono } from 'https://deno.land/x/hono@v3.9.2/mod.ts'
import { serveStatic } from 'https://deno.land/x/hono@v3.9.2/middleware.ts'

For Node.js

Upgrade the hono package via npm:

npm install hono

// OR

yarn add hono

// OR

pnpm up hono

You may not update the hono package with npm update, so please use npm install.

Our Approach to Security

If you discover such a vulnerability, please contact us immediately. We will respond immediately; we have enabled GitHub's private vulnerability reporting feature, so please use that.

https://github.com/honojs/hono/security/advisories

Thanks.

What's Changed

• chore(ci): maintenance Node.js by @​watany-dev in https://github.com/honojs/hono/pull/1636
• fix(utils/filepath): filepath supports Windows by @​yusukebe in https://github.com/honojs/hono/pull/1642

Full Changelog: honojs/hono@v3.9.1...v3.9.2

v3.9.1

Compare Source

What's Changed

• fix(package.json): export types correctly by @​yusukebe in https://github.com/honojs/hono/pull/1633

Full Changelog: honojs/hono@v3.9.0...v3.9.1

v3.9.0

Compare Source

Release Notes

Hono v3.9.0 is out now! Let's take a look at what's new.

Improving the Developer Experience for JSX

Now we have the types for JSX.

Type definitions for JSX intrinsic elements are available. So, you can write your JSX with type annotation.

You can also override the definitions to add your custom elements and attributes.

declare global {
  namespace JSX {
    interface IntrinsicElements {
      'my-custom-element': Hono.HTMLAttributes & {
        'x-event'?: 'click' | 'scroll'
      }
    }
  }
}

Clerk Middleware

Now Clerk Middleware is available! You can use Clerk for authentication in your application.

import { clerkMiddleware, getAuth } from '@​hono/clerk-auth'
import { Hono } from 'hono'

const app = new Hono()

app.use('*', clerkMiddleware())
app.get('/', (c) => {
  const auth = getAuth(c)

  if (!auth?.userId) {
    return c.json({
      message: 'You are not logged in.'
    })
  }

  return c.json({
    message: 'You are logged in!',
    userId: auth.userId
  })
})

export default app

Thanks @​octoper!

New Starter Template for Cloudflare Pages

The Cloudflare Pages starter template is now Vite-based! You can develop truly full-stack applications quickly and fast thanks to Vite's HMR.

It uses Hono's original dev-server provided by @​hono/vite-dev-server. And uses @​hono/vite-cloudflare-pages for building the application. The config file is very neat.

import { defineConfig } from 'vite'
import devServer from '@​hono/vite-dev-server'
import pages from '@​hono/vite-cloudflare-pages'

export default defineConfig({
  plugins: [
    pages(),
    devServer({
      entry: 'src/index.tsx'
    })
  ]
})

You can use it with the create hono command:

npm create hono@latest

Ecosystem

The ecosystem has evolved. We introduce two products for Hono and one framework using Hono. Try them!

• Hono Storage - Hono Storage is a storage helper for Hono, similar to multer in Express. by @​sor4chi
• Hono for Durable Object - Hono DO is a wrapper for Cloudflare Workers' Durable Object, designed for Hono. by @​sor4chi
• Hwy - Hwy is a simple, lightweight, and flexible web framework, built on Hono and HTMX. by @​sjc5

All Updates

• feat: types for JSX elements by @​yusukebe in https://github.com/honojs/hono/pull/1614
• feat(helper/adapter): add runtime option to env by @​yusukebe in https://github.com/honojs/hono/pull/1622
• feat(jsx-renderer): docType option by @​yusukebe in https://github.com/honojs/hono/pull/1621
• Next by @​yusukebe in https://github.com/honojs/hono/pull/1624

v3.8.4

Compare Source

What's Changed

• fix: combine fluent interface with route grouping by @​ashtonsix in https://github.com/honojs/hono/pull/1610
• fix(client/type): make args param optional if the input has no required keys by @​MonsterDeveloper in https://github.com/honojs/hono/pull/1618
• fix(lambda): Aws lambda cookies fix by @​OJ217 in https://github.com/honojs/hono/pull/1613

New Contributors

• @​ashtonsix made their first contribution in https://github.com/honojs/hono/pull/1610
• @​MonsterDeveloper made their first contribution in https://github.com/honojs/hono/pull/1618
• @​OJ217 made their first contribution in https://github.com/honojs/hono/pull/1613

Full Changelog: honojs/hono@v3.8.3...v3.8.4

v3.8.3

Compare Source

What's Changed

• fix(jsx-renderer): fix PropsForRenderer by @​yusukebe in https://github.com/honojs/hono/pull/1607
• fix(hc): allows optional schemas by @​yusukebe in https://github.com/honojs/hono/pull/1608

Full Changelog: honojs/hono@v3.8.2...v3.8.3

v3.8.2

Compare Source

What's Changed

• fix(context): change FetchEvent detection way by @​yusukebe in https://github.com/honojs/hono/pull/1595
• test(validator): fix the error message for node v18.18 by @​yusukebe in https://github.com/honojs/hono/pull/1596
• chore(ci): update node v20 by @​watany-dev in https://github.com/honojs/hono/pull/1598
• chore(ci): bun v1 by @​watany-dev in https://github.com/honojs/hono/pull/1599
• fix(package.json): export hono-base by @​yusukebe in https://github.com/honojs/hono/pull/1604
• fix: Don't kebab case style property values by @​bconnorwhite in https://github.com/honojs/hono/pull/1562

New Contributors

• @​bconnorwhite made their first contribution in https://github.com/honojs/hono/pull/1562

Full Changelog: honojs/hono@v3.8.1...v3.8.2

v3.8.1

Compare Source

What's Changed

• fix: c.req.params() in nested app with custom error handler. by @​usualoma in https://github.com/honojs/hono/pull/1593

Full Changelog: honojs/hono@v3.8.0...v3.8.1

v3.8.0

Compare Source

Hono v3.8.0 is out now! Let's take a look at the new features.

JSX Context API

The new feature for JSX. By using useContext(), you can share data globally across any level of the Component tree without passing values through props.

import type { FC } from 'hono/jsx'
import { createContext, useContext } from 'hono/jsx'

const themes = {
  light: {
    color: '#​000000',
    background: '#eeeeee'
  },
  dark: {
    color: '#ffffff',
    background: '#​222222'
  }
}

const ThemeContext = createContext(themes.light)

const Button: FC = () => {
  const theme = useContext(ThemeContext)
  return <button style={theme}>Push!</button>
}

const Toolbar: FC = () => {
  return (
    <div>
      <Button />
    </div>
  )
}

app.get('/', (c) => {
  return c.html(
    <div>
      <ThemeContext.Provider value={themes.dark}>
        <Toolbar />
      </ThemeContext.Provider>
    </div>
  )
})

Thanks @​usualoma!

JSX Renderer Middleware

JSX Renderer Middleware allows you to set up the layout when rendering JSX with the c.render() function, without the need for using c.setRenderer(). Additionally, it enables access to instances of Context within components through the use of useRequestContext().

import { Hono } from 'hono'
import { jsxRenderer, useRequestContext } from 'hono/jsx-renderer'

const app = new Hono()

const RequestUrlBadge: FC = () => {
  const c = useRequestContext()
  return <b>{c.req.url}</b>
}

app.get(
  '/page/*',
  jsxRenderer(({ children }) => {
    return (
      <html>
        <body>
          <nav>Menu</nav>
          <div>{children}</div>
        </body>
      </html>
    )
  })
)

app.get('/page/about', (c) => {
  return c.render(
    <>
      <h1>About me!</h1>
      <div>
        You are accessing: <RequestUrlBadge />
      </div>
    </>
  )
})

Thanks @​usualoma!

Streaming Helper

The streaming Helper provides a method to extend c.stream(). streamSSE() allows you to stream Server-Sent Events (SSE) seamlessly.

import { Hono } from 'hono'
import { streamSSE } from 'hono/streaming'

const app = new Hono()

app.get('/sse', async (c) => {
  return streamSSE(c, async (stream) => {
    while (true) {
      const message = `It is ${new Date().toISOString()}`
      await stream.writeSSE({ data: message })
      await stream.sleep(1000)
    }
  })
})

Thanks @​watany-dev!

Factory Helper

The Factory Helper provides useful functions for creating Hono's components such as Middleware. Sometimes it's difficult to set the proper TypeScript types, but this helper facilitates that.

createMiddleware() that is added this version will create your custom middleware.

import { Hono } from 'hono'
import { createMiddleware } from 'hono/factory'

const messageMiddleware = createMiddleware(async (c, next) => {
  await next()
  c.res.headers.set('X-Message', 'Good morning!')
})

Thanks @​arunavabasu-03 for helping!

parseBody() supports multi values

Now, c.req.parseBody() supports multi values.

If the key is foo[], it will be (string | File)[].

const body = await c.req.parseBody()
body['foo[]']

And, you can use the all option.

const body = await c.req.parseBody({ all: true })
body['foo']

Thanks @​sor4chi!

Improve path matching in the router

Improved the path matching in the router. Previously, for instance, a Duplicate param name error would be thrown if there were parameters with the same name, type, url, as shown below:

app.get('/:type/:url', (c) => {
  return c.text(`type: ${c.req.param('type')}, url: ${c.req.param('url')}`)
})

app.get('/foo/:type/:url', (c) => {
  return c.text(`foo type: ${c.req.param('type')}, url: ${c.req.param('url')}`)
})

With this improvement, the error is no longer thrown, and the correct parameter values can be obtained in each handler.

Thanks @​usualoma!

All Updates

• feat(helper): streaming-sse by @​watany-dev in https://github.com/honojs/hono/pull/1504
• feat: parseBody() for multi values' field by @​sor4chi in https://github.com/honojs/hono/pull/1528
• feat: rename middleware to createMiddleware by @​arunavabasu-03 in https://github.com/honojs/hono/pull/1540
• Introduce "Context" API and "renderer" for JSX. by @​usualoma in https://github.com/honojs/hono/pull/1496
• feat(reg-exp-router): Improve capture group support. by @​usualoma in https://github.com/honojs/hono/pull/1556
• chore: bump up denoify by @​yusukebe in https://github.com/honojs/hono/pull/1570
• feat: one params per a handler (optimized for RegExpRouter) by @​usualoma in https://github.com/honojs/hono/pull/1566
• test: fix the sleep time for SSE by @​yusukebe in https://github.com/honojs/hono/pull/1575
• feat(app): basePath option for the constructor, deprecate app.basePath() by @​yusukebe in https://github.com/honojs/hono/pull/1560
• feat(package.json): export streaming helper by @​yusukebe in https://github.com/honojs/hono/pull/1578
• fix(streaming): fix SSE format by @​yusukebe in https://github.com/honojs/hono/pull/1579
• fix(factory): fixed the comment by @​yusukebe in https://github.com/honojs/hono/pull/1581
• feat(deno): export the factory helper for Deno by @​yusukebe in https://github.com/honojs/hono/pull/1582
• Revert "feat(app): basePath option for the constructor, deprecate app.basePath() (#​1560)" by @​yusukebe in https://github.com/honojs/hono/pull/1586
• refactor: refactored hono-base by @​yusukebe in https://github.com/honojs/hono/pull/1588
• Next by @​yusukebe in https://github.com/honojs/hono/pull/1589

New Contributors

• @​arunavabasu-03 made their first contribution in https://github.com/honojs/hono/pull/1540

Full Changelog: honojs/hono@v3.7.6...v3.8.0

v3.7.6

Compare Source

What's Changed

• test: use Node.js Native Web APIs instead of miniflare's by @​yusukebe in https://github.com/honojs/hono/pull/1558
• fix: return status 500 when using validator 'form' by @​b-marques in https://github.com/honojs/hono/pull/1554
• perf(hono-base): use instanceOf by @​yusukebe in https://github.com/honojs/hono/pull/1565

New Contributors

• @​b-marques made their first contribution in https://github.com/honojs/hono/pull/1554

Full Changelog: honojs/hono@v3.7.5...v3.7.6

v3.7.5

Compare Source

What's Changed

• fix(types): don't use webworker types by @​yusukebe in https://github.com/honojs/hono/pull/1548

Full Changelog: honojs/hono@v3.7.4...v3.7.5

v3.7.4

Compare Source

What's Changed

• fix(context): use FetchEvent instead of FetchEventLike by @​yusukebe in https://github.com/honojs/hono/pull/1532
• refactor(hono-base): remove any casting by @​yusukebe in https://github.com/honojs/hono/pull/1535
• fix(jsx): render a child or odd children with Fragment correctly by @​yusukebe in https://github.com/honojs/hono/pull/1541
• fix(vercel): pass request context by @​yusukebe in https://github.com/honojs/hono/pull/1543

Full Changelog: honojs/hono@v3.7.3...v3.7.4

v3.7.3

Compare Source

What's Changed

• fix(types): fix inferring path strings for an optional parameter with regexp by @​yusukebe in https://github.com/honojs/hono/pull/1522
• feat(adaptor): Accessable Lambda "Context" by @​watany-dev in https://github.com/honojs/hono/pull/1523

Full Changelog: honojs/hono@v3.7.2...v3.7.3

v3.7.2

Compare Source

What's Changed

• fix(utils/buffer): fix bufferToFormData() by @​yusukebe in https://github.com/honojs/hono/pull/1500

Full Changelog: honojs/hono@v3.7.1...v3.7.2

v3.7.1

Compare Source

What's Changed

• fix(deno): export testing helper by @​yusukebe in https://github.com/honojs/hono/pull/1493

Full Changelog: honojs/hono@v3.7.0...v3.7.1

v3.7.0

Compare Source

Hono v3.7.0 is out now! Let's take a look at the new features.

c.stream() and c.streamText()

We added the awaited functionality related to streaming. c.stream() and c.streamText().

You can easily create HTTP Streaming endpoints with them.

app.get('/', (c) => {
  return c.streamText(async (stream) => {
    stream.writeln('Hello!')
    await stream.sleep(1000)
    stream.writeln('Hono!')
  })
})

You know Streaming works well with AI. With streamText() you can write your ChatGPT Gateway in elegant code.

app.post('/api', async (c) => {
  const body = await c.req.json<{ message: string }>()

  const openai = new OpenAI({ apiKey: c.env.OPENAI_API_KEY })
  const chatStream = await openai.chat.completions.create({
    messages: PROMPT(body.message),
    model: 'gpt-3.5-turbo',
    stream: true
  })

  return c.streamText(async (stream) => {
    for await (const message of chatStream) {
      await stream.write(message.choices[0]?.delta.content ?? '')
    }
  })
})

This application can display streamed data from OpenAI's API in a flowing manner.

Screen.Recording.2023-09-21.at.11.11.36.mov

Thanks, @​sor4chi and @​geelen !

Testing Helper

With testClient in Testing Helper you can easily write your tests. The object returned by this function is the hc client, so you can define your request with the editor completion.

import { testClient } from 'hono/testing'

it('test', async() => {
  const app = new Hono().get('/search', (c) => c.jsonT({ hello: 'world' }))
  const res = await testClient(app).search.$get()

  expect(await res.json()).toEqual({ hello: 'world' })
})

sc.mov

Thanks, @​hagishi !

JWT helper

We uses JWT functions internally, but now they are exported as JWT Helper. You can import and use them.

import { decode, sign, verify } from 'hono/jwt'

Thanks, @​julianpoma !

All Updates

• feat: Improvement of Parse Body by @​bakunya in https://github.com/honojs/hono/pull/1461
• feat: Refactor ClientRequest Type for header validation by @​hagishi in https://github.com/honojs/hono/pull/1462
• feat: expose the Jwt fucntions under the 'hono/jwt' path by @​julianpoma in https://github.com/honojs/hono/pull/1472
• feat: add Hono test client (RPC) by @​hagishi in https://github.com/honojs/hono/pull/1451
• chore(benchmark): add memoirist router by @​yusukebe in https://github.com/honojs/hono/pull/1474
• feat: add devcontainer to improve developer experience by @​C-Dao in https://github.com/honojs/hono/pull/1100
• fix: error to retrieve cookie by @​uaichat in https://github.com/honojs/hono/pull/1386
• feat(client) add cookie type validate by @​hagishi in https://github.com/honojs/hono/pull/1476
• fix(jwt): avoid using enum by @​yusukebe in https://github.com/honojs/hono/pull/1485
• fix(context): fix c.stream() and c.streamText() matters by @​yusukebe in https://github.com/honojs/hono/pull/1482
• fix(jwt): incorrect error message by @​NicoPlyley in https://github.com/honojs/hono/pull/1487
• Next by @​yusukebe in https://github.com/honojs/hono/pull/1489

New Contributors

• @​bakunya made their first contribution in https://github.com/honojs/hono/pull/1461
• @​julianpoma made their first contribution in https://github.com/honojs/hono/pull/1472
• @​C-Dao made their first contribution in https://github.com/honojs/hono/pull/1100
• @​uaichat made their first contribution in https://github.com/honojs/hono/pull/1386
• @​NicoPlyley made their first contribution in https://github.com/honojs/hono/pull/1487

Full Changelog: honojs/hono@v3.6.3...v3.7.0

v3.6.3

Compare Source

What's Changed

• fix(types): return types of jsonT() should be union by @​yusukebe in https://github.com/honojs/hono/pull/1471
• fix(types): support infering path types for multiple handlers by @​yusukebe in https://github.com/honojs/hono/pull/1473

Full Changelog: honojs/hono@v3.6.2...v3.6.3

v3.6.2

Compare Source

What's Changed

• fix(types): Use ExpectTypeOf from vitest to test types by @​vadhe in https://github.com/honojs/hono/pull/1458
• fix(types): middleware with different env types by @​yusukebe in https://github.com/honojs/hono/pull/1466
• fix(type): check 1st arg of middleware is string by @​yusukebe in https://github.com/honojs/hono/pull/1470

New Contributors

• @​vadhe made their first contribution in https://github.com/honojs/hono/pull/1458

Full Changelog: honojs/hono@v3.6.1...v3.6.2

v3.6.1

Compare Source

This release includes tiny features and bug fixes.

What's Changed

• feat: extend app.request paramters by @​hagishi in https://github.com/honojs/hono/pull/1442
• fix(hono-base): deprecate should be deprecated by @​yusukebe in https://github.com/honojs/hono/pull/1448
• feat: allow the type of app.request by @​hagishi in [https://github.com/feat: allow the type of app.request honojs/hono#1444](https://togithub.com/honojs/hono/pul