Skip to content

feat(deps): upgrade http-proxy-middleware to v4.0.0-beta.2 #189

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
chenjiahan wants to merge 1 commit into
base: main
Choose a base branch
from
+20 −25
Open

feat(deps): upgrade http-proxy-middleware to v4.0.0-beta.2 #189

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions docs/migrate-v1-to-v2.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,9 +18,9 @@ The minimum supported Node.js version is now `^20.19.0 || >=22.12.0`.

`@rspack/dev-server` is now published as **pure ESM** package.

### Upgraded `http-proxy-middleware` to v3
### Upgraded `http-proxy-middleware` to v4

`http-proxy-middleware` has been updated to v3, which has some breaking changes:
`http-proxy-middleware` has been updated to v4, which has some breaking changes:

- `proxy[].path` is removed. Use `pathFilter` (or `context`) instead.

Expand Down Expand Up @@ -55,7 +55,7 @@ The minimum supported Node.js version is now `^20.19.0 || >=22.12.0`.
- When `bypass` was used and that function returned a boolean, it would automatically result in a 404 request. This can’t be achieved in a similar way now, or, if it returned a string, you can do what was done in the example above.
- `bypass` also allowed sending data; this can no longer be done. If you really need to do it, you’d have to create a new route in the proxy that sends the same data, or alternatively create a new route on the main server and, following the example above, send the data you wanted.

> Refer to the [http-proxy-middleware v3 migration guide](https://github.com/chimurai/http-proxy-middleware/blob/master/MIGRATION.md) for details.
> Refer to the [http-proxy-middleware v3 breaking changes](https://github.com/chimurai/http-proxy-middleware/blob/master/MIGRATION.md#v3-breaking-changes) for details.
Copy link

Copilot AI Apr 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This section is labeled as an upgrade to v4, but the reference link text and anchor still point to “v3 breaking changes”. Please update the link (and/or wording) to a v4-specific migration reference (e.g., the v4 beta release notes or a v4 migration section) so readers aren’t sent to the wrong version’s guidance.

Suggested change
> Refer to the [http-proxy-middleware v3 breaking changes](https://github.com/chimurai/http-proxy-middleware/blob/master/MIGRATION.md#v3-breaking-changes) for details.
> Refer to the [http-proxy-middleware v4 breaking changes](https://github.com/chimurai/http-proxy-middleware/blob/master/MIGRATION.md#v4-breaking-changes) for details.

Copilot uses AI. Check for mistakes.

### Default app now uses `connect-next`

Expand Down
2 changes: 1 addition & 1 deletion package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@
"hono": "^4.12.9",
"http-compression": "^1.1.2",
"http-proxy": "^1.18.1",
"http-proxy-middleware": "^3.0.5",
"http-proxy-middleware": "^4.0.0-beta.2",
Copy link

Copilot AI Apr 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

http-proxy-middleware@4.0.0-beta.2 declares engines.node: ^22.12.0 || >=24.0.0 (see pnpm-lock.yaml entry), which effectively drops Node 20 support at runtime. This conflicts with this package’s declared engines.node: ^20.19.0 || >=22.12.0; please either keep using a Node-20-compatible http-proxy-middleware release, or bump this package’s engine range + migration docs to match the new minimum Node requirement.

Suggested change
"http-proxy-middleware": "^4.0.0-beta.2",
"http-proxy-middleware": "^3.0.0",

Copilot uses AI. Check for mistakes.
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector bot Apr 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Keep Node 20 support aligned with proxy dependency

Bumping http-proxy-middleware to ^4.0.0-beta.2 introduces a transitive engine requirement of ^22.12.0 || >=24.0.0 (as reflected in pnpm-lock.yaml), which conflicts with this package’s advertised Node support (^20.19.0 || >=22.12.0 in package.json). In Node 20 environments that enforce engines (common in CI or strict package manager configs), installs will fail, and even non-strict installs put proxy behavior on an upstream-unsupported runtime; either keep v3 until Node 20 is dropped, or update this package’s engine/support policy at the same time.

Useful? React with 👍 / 👎.

"ipaddr.js": "^2.3.0",
Comment on lines 71 to 74
Copy link

Copilot AI Apr 5, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR title/summary references upgrading http-proxy-middleware in @rsbuild/core, but the actual change here updates @rspack/dev-server’s devDependency. Please align the PR description/title with the package being changed to avoid confusion for reviewers and release notes.

Copilot uses AI. Check for mistakes.
"launch-editor": "^2.13.2",
"nano-staged": "^0.9.0",
Expand Down
37 changes: 16 additions & 21 deletions pnpm-lock.yaml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading