Security Fixes
This release includes important security fixes.
If you are using serveStatic() with Bun, you must upgrade to this version immediately. Alternatively, you can install the upcoming Bun release, which will include relevant fixes related to this issue.
You can do so using the following commands:
npm install hono@latestOr
yarn upgrade hono@latestAlso, fixes have been made to the JSX middleware. If you're using this, please ensure that you upgrade it as well.
What's Changed
- fix(lambda-edge) Adding Export Type CloudFrontResponse and CloudFrontConfig by @watany-dev in #1263
- fix escapeToBuffer vulnerability by @Codinak in #1266
- fix(utils/filepath): don't allow dot segments by @yusukebe in #1271
- added generic parameters to aws-lambda handler to fix #1265 by @DianomiJH in #1269
- fix(utils/filepath): allow
..in filename by @yusukebe in #1272 - feat(cloudflare-pages): add
serveStatic()by @yusukebe in #1273
New Contributors
- @Codinak made their first contribution in #1266
- @DianomiJH made their first contribution in #1269
Full Changelog: v3.3.3...v3.3.4