Skip to content

Bump the prod-deps group across 1 directory with 2 updates #14

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

Bump the prod-deps group across 1 directory with 2 updates #14

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 15, 2025
edited
Loading

Bumps the prod-deps group with 2 updates in the /packages/worker directory: hono and zod.

Updates hono from 4.10.7 to 4.11.1

Release notes

Sourced from hono's releases.

v4.11.1

What's Changed

Full Changelog: honojs/hono@v4.11.0...v4.11.1

v4.11.0

Release Notes

Hono v4.11.0 is now available!

This release includes new features for the Hono client, middleware improvements, and an important type system fix.

Type System Fix for Middleware

We've fixed a bug in the type system for middleware. Previously, app did not have the correct type with pathless handlers:

const app = new Hono()
  .use(async (c, next) => {
    await next()
  })
  .get('/a', async (c, next) => {
    await next()
  })
  .get((c) => {
    return c.text('Hello')
  })
// app's type was incorrect

This has now been fixed.

Thanks @​kosei28!

Typed URL for Hono Client

You can now pass the base URL as the second type parameter to hc to get more precise URL types:

const client = hc<typeof app, 'http://localhost:8787'>(
  'http://localhost:8787/'
)
const url = client.api.posts.$url()
// url is TypedURL with precise type information
// including protocol, host, and path

... (truncated)

Commits
  • 1fbe45b 4.11.1
  • 37c3809 fix(types): fix app.on method array type inference (#4578)
  • fe278e9 4.11.0
  • 0d739b6 Merge pull request #4574 from honojs/next
  • 3e12de6 fix(types): replace schema-based path tracking with CurrentPath parameter (#4...
  • 6d62638 feat(secure-headers): Add CSP report-to and report-uri directive support (#4555)
  • b694129 feat(client): add buildSearchParams option to customize query serialization (...
  • d94f4a4 feat(context-storage): Add optional tryGetContext helper to context-storage m...
  • 61f473b feat(pretty-json): support force option (#4531)
  • 44bb7bb feat(timing): add wrapTime to simplify usage (#4519)
  • Additional commits viewable in compare view

Updates zod from 3.25.76 to 4.2.0

Release notes

Sourced from zod's releases.

v4.2.0

Features

Implement Standard JSON Schema

standard-schema/standard-schema#134

Implement z.fromJSONSchema()

const jsonSchema = {
  type: "object",
  properties: {
    name: { type: "string" },
    age: { type: "number" }
  },
  required: ["name"]
};
const schema = z.fromJSONSchema(jsonSchema);

Implement z.xor()

const schema = z.xor(
  z.object({ type: "user", name: z.string() }),
  z.object({ type: "admin", role: z.string() })
);
// Exactly one of the schemas must match

Implement z.looseRecord()

const schema = z.looseRecord(z.string(), z.number());
// Allows additional properties beyond those defined

Commits:

  • af49c084f66339110d00e37ff71dc7b3b9f2b7ef Update docs for JSON Schema conversion of z.undefined() (#5504)
  • 767f320318986e422f524b939f1a7174544fda2e Add .toJSONSchema() method (#5477)
  • e17dcb63573397063e87d7c7fe10a5a78968181a Add z.fromJSONSchema(), z.looseRecord(), z.xor() (#5534)

v4.1.13

Commits:

  • 5c2602ceb8be8941c64bbe5ac7d92cc174ae6f7e Update AI widget (#5318)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the prod-deps group across 1 directory with 2 updates
8600220 
Bumps the prod-deps group with 2 updates in the /packages/worker directory: [hono](https://github.com/honojs/hono) and [zod](https://github.com/colinhacks/zod).


Updates `hono` from 4.10.7 to 4.11.1
- [Release notes](https://github.com/honojs/hono/releases)
- [Commits](honojs/hono@v4.10.7...v4.11.1)

Updates `zod` from 3.25.76 to 4.2.0
- [Release notes](https://github.com/colinhacks/zod/releases)
- [Commits](colinhacks/zod@v3.25.76...v4.2.0)

---
updated-dependencies:
- dependency-name: hono
  dependency-version: 4.11.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-deps
- dependency-name: zod
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: prod-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Dec 15, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 5, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Jan 5, 2026
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/packages/worker/prod-deps-c17220071f branch January 5, 2026 19:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant