Skip to content

build(deps): bump http-proxy-middleware from 2.0.9 to 4.2.0 in the npm_and_yarn group across 1 directory#267

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn-da641bee23
Closed

build(deps): bump http-proxy-middleware from 2.0.9 to 4.2.0 in the npm_and_yarn group across 1 directory#267
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm_and_yarn-da641bee23

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm_and_yarn group with 1 update in the / directory: http-proxy-middleware.

Updates http-proxy-middleware from 2.0.9 to 4.2.0

Release notes

Sourced from http-proxy-middleware's releases.

v4.2.0

What's Changed

New Contributors

Full Changelog: chimurai/http-proxy-middleware@v4.1.1...v4.2.0

v4.1.1

What's Changed

Full Changelog: chimurai/http-proxy-middleware@v4.1.0...v4.1.1

v4.1.0

What's Changed

... (truncated)

Changelog

Sourced from http-proxy-middleware's changelog.

v4.2.0

  • feat(types): export OnProxyEvent type
  • feat(debug-proxy-errors-plugin): diagnostic message for POST + bodyParser + ECONNRESET error
  • chore(package.json): update to httpxy v0.5.4

v4.1.1

  • fix(fixRequestBody): harden form-data stringification

v4.1.0

  • feat(definePlugin): helper function to create plugins
  • chore(package.json): update to httpxy@0.5.3
  • fix(ipv6): preserve credentials when normalizing bracketed IPv6 target string
  • fix(ipv6): unspecified IPv6 target hostname (::)
  • fix(response-interceptor): reduce responseInterceptor buffer churn
  • fix(ws): handle multi-server upgrade subscription and safe proxy shutdown
  • feat(router): add 'res' and 'options' to router function
  • feat(pathRewrite): add 'res' and 'options' to custom pathRewrite function
  • fix(responseInterceptor): prevent trailer/content-length conflict
  • feat(zstd): support zstd compression in responseInterceptor and fixRequestBody
  • fix(responseInterceptor): handle bodyless responses (HEAD/1xx/204/304) with content-encoding
  • fix(router): harden proxy-table matching

v4.0.0

  • fix(types): fix Logger type
  • fix(error-response-plugin): sanitize input
  • feat: drop node v14/v16/v18 [BREAKING CHANGE]
  • refactor: replace http-proxy w/ httpxy
  • chore: remove legacyCreateProxyMiddleware() [BREAKING CHANGE]
  • ci: migrate from jest to vitest
  • chore(package.json): esm only [BREAKING CHANGE]
  • chore(package.json): bump to httpxy 0.5.0 (#1183)
  • chore(package.json): drop node20 [BREAKING CHANGE] (#1179)
  • refactor: remove deprecated url.parse() (#1176)
  • fix(fixRequestBody): support content-encoding on request body (#1142)
  • fix: prevent TypeError when ws enabled but server is undefined (#1163)
  • fix: applyPathRewrite logs old req.url instead of rewritten path (#1157)
  • feat(hono): support for hono with createHonoProxyMiddleware
  • feat(ipv6): support literal IPv6 addresses in target and forward options (ie. "http://[::1]:8000")
  • chore(package.json): bump httpxy to ^0.5.1
  • fix(logger-plugin): support ipv6 host and handle undefined protocol/host
  • ci(publish.yml): pin github.triggering_actor
  • chore(package.json): node ^22.15.0 (#1218)
  • refactor(package): subpath 'http-proxy-middleware/hono' (#1220)
  • chore: node 26 support

v3.0.5

... (truncated)

Commits
  • 4abb1ba chore(package.json): v4.2.0 (#1276)
  • d40ae3e chore(package.json): update dependencies (#1275)
  • 89a78d0 chore(debug-proxy-errors-plugin): fix BODY_PARSER_ERROR_MESSAGE formatting (#...
  • 7ba87a9 feat(debug-proxy-errors-plugin): debug message for bodyParser + ECONNRESET er...
  • 006f1a4 test(e2e): assert invalid multipart error log (#1272)
  • 22281bf test(e2e): add HttpAgent keepAlive test (#472) (#1267)
  • 5b37301 chore(package.json): bump dev deps (#1265)
  • 3695b93 refactor(errors): use HttpProxyMiddlewareError class (#1264)
  • b9242af feat(types): export OnProxyEvent type (#1263)
  • b3b98d2 chore(package.json): v4.1.1 (#1262)
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for http-proxy-middleware since your current version.

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the npm_and_yarn group with 1 update in the / directory: [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware).


Updates `http-proxy-middleware` from 2.0.9 to 4.2.0
- [Release notes](https://github.com/chimurai/http-proxy-middleware/releases)
- [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/master/CHANGELOG.md)
- [Commits](chimurai/http-proxy-middleware@v2.0.9...v4.2.0)

---
updated-dependencies:
- dependency-name: http-proxy-middleware
  dependency-version: 4.2.0
  dependency-type: indirect
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: npm. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 6, 2026

@codescene-delta-analysis codescene-delta-analysis Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No application code in the PR — skipped Code Health checks.

See analysis details in CodeScene

Quality Gate Profile: Custom Configuration
Install CodeScene MCP: safeguard and uplift AI-generated code. Catch issues early with our IDE extension and CLI tool.

@github-actions

Copy link
Copy Markdown
Contributor

This pull request has been open for 3 days without activity. It will be automatically closed soon.

@github-actions github-actions Bot added the stale label Jul 10, 2026
@github-actions

Copy link
Copy Markdown
Contributor

This pull request has been automatically closed because it has been open for more than 3 days without being merged.

@github-actions github-actions Bot closed this Jul 10, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Contributor Author

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/npm_and_yarn-da641bee23 branch July 10, 2026 03:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file stale

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant