Skip to content

build(deps): bump http-proxy-middleware from 2.0.6 to 4.0.0 in /frontend#3701

Closed
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/npm_and_yarn/frontend/develop/http-proxy-middleware-4.0.0
Closed

build(deps): bump http-proxy-middleware from 2.0.6 to 4.0.0 in /frontend#3701
dependabot[bot] wants to merge 1 commit into
developfrom
dependabot/npm_and_yarn/frontend/develop/http-proxy-middleware-4.0.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 19, 2026

Copy link
Copy Markdown
Contributor

Bumps http-proxy-middleware from 2.0.6 to 4.0.0.

Release notes

Sourced from http-proxy-middleware's releases.

v4.0.0

Notable changes

  • Switched proxy from http-proxy to httpxy ✨ (chimurai/http-proxy-middleware#1160) This replaces a long-standing core dependency and brings in many upstream fixes and behavior improvements documented by the httpxy project: unjs/httpxy#2

  • ESM-only package [BREAKING CHANGE] 💣 http-proxy-middleware now ships as native ES modules only. CommonJS require() usage is no longer supported, so imports should use ESM syntax.

  • Updated Node.js support policy [BREAKING CHANGE] 💣 Dropped Node.js 14, 16, 18, and 20. New minimum supported runtime is Node.js 22.15.0

  • Removed legacyCreateProxyMiddleware() [BREAKING CHANGE] 💣 The legacy compatibility wrapper has been removed as part of API cleanup. Use createProxyMiddleware() directly.

  • Added IPv6 literal support ✨ target and forward now support literal IPv6 URLs, for example: http://[::1]:3000.

  • Experimental Hono support 🧪 Added createHonoProxyMiddleware() for Hono apps, including dedicated subpath support via http-proxy-middleware/hono.

Many thanks to everyone who helped make this release possible. 🙏

What's Changed

... (truncated)

Changelog

Sourced from http-proxy-middleware's changelog.

v4.0.0

  • fix(types): fix Logger type
  • fix(error-response-plugin): sanitize input
  • feat: drop node v14/v16/v18 [BREAKING CHANGE]
  • refactor: replace http-proxy w/ httpxy
  • chore: remove legacyCreateProxyMiddleware() [BREAKING CHANGE]
  • ci: migrate from jest to vitest
  • chore(package.json): esm only [BREAKING CHANGE]
  • chore(package.json): bump to httpxy 0.5.0 (#1183)
  • chore(package.json): drop node20 [BREAKING CHANGE] (#1179)
  • refactor: remove deprecated url.parse() (#1176)
  • fix(fixRequestBody): support content-encoding on request body (#1142)
  • fix: prevent TypeError when ws enabled but server is undefined (#1163)
  • fix: applyPathRewrite logs old req.url instead of rewritten path (#1157)
  • feat(hono): support for hono with createHonoProxyMiddleware
  • feat(ipv6): support literal IPv6 addresses in target and forward options (ie. "http://[::1]:8000")
  • chore(package.json): bump httpxy to ^0.5.1
  • fix(logger-plugin): support ipv6 host and handle undefined protocol/host
  • ci(publish.yml): pin github.triggering_actor
  • chore(package.json): node ^22.15.0 (#1218)
  • refactor(package): subpath 'http-proxy-middleware/hono' (#1220)
  • chore: node 26 support

v3.0.5

  • fix(fixRequestBody): check readableLength (#1096)

v3.0.4

  • fix(fixRequestBody): handle invalid request (#1092)
  • fix(fixRequestBody): prevent multiple .write() calls (#1089)
  • fix(websocket): handle errors in handleUpgrade (#823)
  • ci(package): patch http-proxy (#1084)
  • fix(fixRequestBody): support multipart/form-data (#896)
  • feat(types): export Plugin type (#1071)

v3.0.3

  • fix(pathFilter): handle errors

v3.0.2

  • refactor(dependency): replace is-plain-obj with is-plain-object (#1031)
  • chore(package): upgrade to eslint v9 (#1032)
  • fix(logger-plugin): handle undefined protocol and hostname (#1036)

v3.0.1

  • fix(type): fix RequestHandler return type (#980)

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for http-proxy-middleware since your current version.

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) from 2.0.6 to 4.0.0.
- [Release notes](https://github.com/chimurai/http-proxy-middleware/releases)
- [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/master/CHANGELOG.md)
- [Commits](chimurai/http-proxy-middleware@v2.0.6...v4.0.0)

---
updated-dependencies:
- dependency-name: http-proxy-middleware
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 19, 2026
@github-actions

Copy link
Copy Markdown
Contributor

This pull request has been marked as stale because it has had no activity for 10 days. If you are still working on this, please provide some updates or it will be closed in 5 days.

@github-actions github-actions Bot added the stale label May 30, 2026
@github-actions

github-actions Bot commented Jun 4, 2026

Copy link
Copy Markdown
Contributor

This pull request has been closed because it had no updates in 15 days. If you're still working on this fell free to reopen.

@github-actions github-actions Bot closed this Jun 4, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 4, 2026

Copy link
Copy Markdown
Contributor Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/frontend/develop/http-proxy-middleware-4.0.0 branch June 4, 2026 12:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code stale

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants