Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

@hono/node-server

Ecosystem:
npm
Package URL:
pkg:npm/@hono/node-server
Total PRs:
4,126 Dependabot PRs
Latest PR:
about 5 hours ago
Unique Repositories:
1,664 repositories
Unique Repos (30 days):
158 repositories
Security Advisories
@hono/node-server cannot handle "double dots" in URL
GHSA-rjq5-w47x-x359 CVE-2024-23340 MODERATE published over 2 years ago • updated 5 days ago
### Impact Since v1.3.0, we use our own Request object. This is great, but the `url` behavior is unexpected. In the standard API, if the URL cont...
@hono/node-server: Middleware bypass via repeated slashes in serveStatic
GHSA-92pp-h63x-v22m CVE-2026-39406 MODERATE published about 2 months ago • updated 10 days ago
## Summary A path handling inconsistency in `serveStatic` allows protected static files to be accessed by using repeated slashes (`//`) in the req...
@hono/node-server has Denial of Service risk when receiving Host header that cannot be parsed
GHSA-hgxw-5xg3-69jx CVE-2024-32652 HIGH published about 2 years ago • updated 5 days ago
### Impact The application hangs when receiving a Host header with a value that `@hono/node-server` can't handle well. Invalid values are those th...
@hono/node-server has authorization bypass for protected static paths via encoded slashes in Serve Static Middleware
GHSA-wc8c-qw6v-h7f6 CVE-2026-29087 HIGH published 3 months ago • updated 12 days ago
## Summary When using @hono/node-server's static file serving together with route-based middleware protections (e.g. protecting `/admin/*`), incon...
Recent PRs (filtered by: Major PRs )
RSS Feed Clear filter
build(deps): bump @hono/node-server from 1.19.11 to 2.0.0

wangrui1573/rsshub-koysobackup #133

1.19.11 → 2.0.0 Major PR
Open about 1 month ago 2 comments
wangrui1573
chore(deps): bump @hono/node-server from 1.12.0 to 2.0.0

backnero/RSSHub #1809

1.12.0 → 2.0.0 Major PR
Closed about 1 month ago 3 comments
backnero
Bump @hono/node-server from 1.14.0 to 2.0.0

mofanx/rsshub_test #1004

1.14.0 → 2.0.0 Major PR
Closed about 1 month ago 2 comments
mofanx
chore(deps): bump @hono/node-server from 1.14.3 to 2.0.0

do-dorio/rsshub-comment2434 #1076

1.14.3 → 2.0.0 Major PR
Closed about 1 month ago 2 comments
do-dorio
chore(deps): bump @hono/node-server from 1.19.7 to 2.0.0

jp0id/RSSHub #1617

1.19.7 → 2.0.0 Major PR
Open about 1 month ago 1 comment
jp0id
chore(deps): bump @hono/node-server from 1.13.8 to 2.0.0

tsfksj/RSSHub #4390

1.13.8 → 2.0.0 Major PR
Closed about 1 month ago 2 comments
tsfksj
chore(deps): bump @hono/node-server from 1.13.8 to 2.0.0

lshilshi/RSSHub #3860

1.13.8 → 2.0.0 Major PR
Open about 1 month ago 1 comment
lshilshi
chore(deps): bump @hono/node-server from 1.19.14 to 2.0.0

susumutomita/DeepForm #128

1.19.14 → 2.0.0 Major PR
Closed about 1 month ago 1 comment
susumutomita
chore(deps): bump @hono/node-server from 1.19.14 to 2.0.0 in /apps/api

kenwoo9y/forge-ts-example #501

1.19.14 → 2.0.0 Major PR
Closed about 1 month ago 1 comment
kenwoo9y
Bump the npm_and_yarn group across 7 directories with 4 updates

GlacierEQ/EdgeChains #8

0.6.0 → 1.19.14 Major PR
Open about 2 months ago 3 comments
GlacierEQ
chore(deps): bump @hono/node-server from 1.19.13 to 2.0.0

codetalcott/hyperfixi #147

1.19.13 → 2.0.0 Major PR
Closed about 2 months ago 1 comment
codetalcott
Package Details
Name: @hono/node-server
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/@hono/node-server
JSON API: View JSON
Security Advisories

4

Active advisories
HIGH 2
MODERATE 2
View All npm Advisories
Package Information
Description:

Node.js Adapter for Hono

Repository: https://github.com/honojs/node-server
Homepage: https://github.com/honojs/node-server
Latest Release: 1.14.4
12 months ago
Dependent Repos: 34
Dependent Packages: 4
Downloads: 1,870,953
Ranking: Top 2.2719% by dependent repos Top 1.5021% by downloads Top 4.4218% by dependent pkgs
PR Status
Open 1,972 (47.8%)
Merged 220 (5.3%)
Closed 1,714 (41.5%)
PR Types
Major 111 (2.7%)
Minor 1,404 (34.0%)
Patch 2,391 (57.9%)