fix(deps): update hono, @hono/node-server, path-to-regexp and vite for security patches

- hono 4.12.8 → 4.12.12 (cookie bypass, middleware bypass, path traversal, IP matching) - @hono/node-server 1.19.11 → 1.19.13 (middleware bypass) - path-to-regexp 8.3.0 → 8.4.2 (ReDoS) - vite ^7.3.1 → ^7.3.2 (arbitrary file read, fs.deny bypass, path traversal)
2026-04-08 17:20:14 +08:00
parent 950767c1bf
commit c48dd538a0
2 changed files with 14 additions and 14 deletions
--- a/package-lock.json
+++ b/package-lock.json
@@ -43,7 +43,7 @@
                "typescript": "^5.9.3",
                "typescript-eslint": "^8.58.0",
                "unplugin-dts": "^1.0.0-beta.6",
-                "vite": "^7.3.1",
+                "vite": "^7.3.2",
                "vite-bundle-analyzer": "^1.3.7",
                "vite-plugin-css-injected-by-js": "^4.0.1"
            },
@@ -1611,9 +1611,9 @@
            "license": "MIT"
        },
        "node_modules/@hono/node-server": {
-            "version": "1.19.11",
-            "resolved": "https://registry.npmjs.org/@hono/node-server/-/node-server-1.19.11.tgz",
-            "integrity": "sha512-dr8/3zEaB+p0D2n/IUrlPF1HZm586qgJNXK1a9fhg/PzdtkK7Ksd5l312tJX2yBuALqDYBlG20QEbayqPyxn+g==",
+            "version": "1.19.13",
+            "resolved": "https://registry.npmjs.org/@hono/node-server/-/node-server-1.19.13.tgz",
+            "integrity": "sha512-TsQLe4i2gvoTtrHje625ngThGBySOgSK3Xo2XRYOdqGN1teR8+I7vchQC46uLJi8OF62YTYA3AhSpumtkhsaKQ==",
            "license": "MIT",
            "engines": {
                "node": ">=18.14.1"
@@ -7056,9 +7056,9 @@
            }
        },
        "node_modules/hono": {
-            "version": "4.12.8",
-            "resolved": "https://registry.npmjs.org/hono/-/hono-4.12.8.tgz",
-            "integrity": "sha512-VJCEvtrezO1IAR+kqEYnxUOoStaQPGrCmX3j4wDTNOcD1uRPFpGlwQUIW8niPuvHXaTUxeOUl5MMDGrl+tmO9A==",
+            "version": "4.12.12",
+            "resolved": "https://registry.npmjs.org/hono/-/hono-4.12.12.tgz",
+            "integrity": "sha512-p1JfQMKaceuCbpJKAPKVqyqviZdS0eUxH9v82oWo1kb9xjQ5wA6iP3FNVAPDFlz5/p7d45lO+BpSk1tuSZMF4Q==",
            "license": "MIT",
            "engines": {
                "node": ">=16.9.0"
@@ -9087,9 +9087,9 @@
            "license": "MIT"
        },
        "node_modules/path-to-regexp": {
-            "version": "8.3.0",
-            "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-8.3.0.tgz",
-            "integrity": "sha512-7jdwVIRtsP8MYpdXSwOS0YdD0Du+qOoF/AEPIt88PcCFrZCzx41oxku1jD88hZBwbNUIEfpqvuhjFaMAqMTWnA==",
+            "version": "8.4.2",
+            "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-8.4.2.tgz",
+            "integrity": "sha512-qRcuIdP69NPm4qbACK+aDogI5CBDMi1jKe0ry5rSQJz8JVLsC7jV8XpiJjGRLLol3N+R5ihGYcrPLTno6pAdBA==",
            "license": "MIT",
            "funding": {
                "type": "opencollective",
@@ -11024,9 +11024,9 @@
            }
        },
        "node_modules/vite": {
-            "version": "7.3.1",
-            "resolved": "https://registry.npmjs.org/vite/-/vite-7.3.1.tgz",
-            "integrity": "sha512-w+N7Hifpc3gRjZ63vYBXA56dvvRlNWRczTdmCBBa+CotUzAPf5b7YMdMR/8CQoeYE5LX3W4wj6RYTgonm1b9DA==",
+            "version": "7.3.2",
+            "resolved": "https://registry.npmjs.org/vite/-/vite-7.3.2.tgz",
+            "integrity": "sha512-Bby3NOsna2jsjfLVOHKes8sGwgl4TT0E6vvpYgnAYDIF/tie7MRaFthmKuHx1NSXjiTueXH3do80FMQgvEktRg==",
            "dev": true,
            "license": "MIT",
            "dependencies": {
--- a/package.json
+++ b/package.json
@@ -62,7 +62,7 @@
        "typescript": "^5.9.3",
        "typescript-eslint": "^8.58.0",
        "unplugin-dts": "^1.0.0-beta.6",
-        "vite": "^7.3.1",
+        "vite": "^7.3.2",
        "vite-plugin-css-injected-by-js": "^4.0.1",
        "vite-bundle-analyzer": "^1.3.7"
    },