Skip to content

Bump http-proxy-middleware from 2.0.10 to 4.2.0#5957

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/http-proxy-middleware-4.2.0
Open

Bump http-proxy-middleware from 2.0.10 to 4.2.0#5957
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/http-proxy-middleware-4.2.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 14, 2026

Copy link
Copy Markdown
Contributor

Bumps http-proxy-middleware from 2.0.10 to 4.2.0.

Release notes

Sourced from http-proxy-middleware's releases.

v4.2.0

What's Changed

New Contributors

Full Changelog: chimurai/http-proxy-middleware@v4.1.1...v4.2.0

v4.1.1

What's Changed

Full Changelog: chimurai/http-proxy-middleware@v4.1.0...v4.1.1

v4.1.0

What's Changed

... (truncated)

Changelog

Sourced from http-proxy-middleware's changelog.

v4.2.0

  • feat(types): export OnProxyEvent type
  • feat(debug-proxy-errors-plugin): diagnostic message for POST + bodyParser + ECONNRESET error
  • chore(package.json): update to httpxy v0.5.4

v4.1.1

  • fix(fixRequestBody): harden form-data stringification

v4.1.0

  • feat(definePlugin): helper function to create plugins
  • chore(package.json): update to httpxy@0.5.3
  • fix(ipv6): preserve credentials when normalizing bracketed IPv6 target string
  • fix(ipv6): unspecified IPv6 target hostname (::)
  • fix(response-interceptor): reduce responseInterceptor buffer churn
  • fix(ws): handle multi-server upgrade subscription and safe proxy shutdown
  • feat(router): add 'res' and 'options' to router function
  • feat(pathRewrite): add 'res' and 'options' to custom pathRewrite function
  • fix(responseInterceptor): prevent trailer/content-length conflict
  • feat(zstd): support zstd compression in responseInterceptor and fixRequestBody
  • fix(responseInterceptor): handle bodyless responses (HEAD/1xx/204/304) with content-encoding
  • fix(router): harden proxy-table matching

v4.0.0

  • fix(types): fix Logger type
  • fix(error-response-plugin): sanitize input
  • feat: drop node v14/v16/v18 [BREAKING CHANGE]
  • refactor: replace http-proxy w/ httpxy
  • chore: remove legacyCreateProxyMiddleware() [BREAKING CHANGE]
  • ci: migrate from jest to vitest
  • chore(package.json): esm only [BREAKING CHANGE]
  • chore(package.json): bump to httpxy 0.5.0 (#1183)
  • chore(package.json): drop node20 [BREAKING CHANGE] (#1179)
  • refactor: remove deprecated url.parse() (#1176)
  • fix(fixRequestBody): support content-encoding on request body (#1142)
  • fix: prevent TypeError when ws enabled but server is undefined (#1163)
  • fix: applyPathRewrite logs old req.url instead of rewritten path (#1157)
  • feat(hono): support for hono with createHonoProxyMiddleware
  • feat(ipv6): support literal IPv6 addresses in target and forward options (ie. "http://[::1]:8000")
  • chore(package.json): bump httpxy to ^0.5.1
  • fix(logger-plugin): support ipv6 host and handle undefined protocol/host
  • ci(publish.yml): pin github.triggering_actor
  • chore(package.json): node ^22.15.0 (#1218)
  • refactor(package): subpath 'http-proxy-middleware/hono' (#1220)
  • chore: node 26 support

v3.0.5

... (truncated)

Commits
  • 4abb1ba chore(package.json): v4.2.0 (#1276)
  • d40ae3e chore(package.json): update dependencies (#1275)
  • 89a78d0 chore(debug-proxy-errors-plugin): fix BODY_PARSER_ERROR_MESSAGE formatting (#...
  • 7ba87a9 feat(debug-proxy-errors-plugin): debug message for bodyParser + ECONNRESET er...
  • 006f1a4 test(e2e): assert invalid multipart error log (#1272)
  • 22281bf test(e2e): add HttpAgent keepAlive test (#472) (#1267)
  • 5b37301 chore(package.json): bump dev deps (#1265)
  • 3695b93 refactor(errors): use HttpProxyMiddlewareError class (#1264)
  • b9242af feat(types): export OnProxyEvent type (#1263)
  • b3b98d2 chore(package.json): v4.1.1 (#1262)
  • Additional commits viewable in compare view
Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
http-proxy-middleware [>= 3.a, < 4]

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 14, 2026

@tdonohue tdonohue left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👎 Tested locally & similar to prior version (#5860), this update breaks our Sitemaps. They no longer redirect properly from the frontend to the backend.

E.g. with Sitemaps enabled/generated, http://localhost:4000/sitemap_index.html should redirect to http://localhost:8080/server/sitemaps/sitemap_index.html. However, that redirect doesn't work with this PR in place...instead it appears to redirect to http://localhost:8080/server/sitemaps, which returns a 404.

This update may require additional code fixes/changes...so it likely needs to be done manually.

@github-actions

Copy link
Copy Markdown

Hi @dependabot,
Conflicts have been detected against the base branch.
Please resolve these conflicts as soon as you can. Thanks!

Bumps [http-proxy-middleware](https://github.com/chimurai/http-proxy-middleware) from 2.0.10 to 4.2.0.
- [Release notes](https://github.com/chimurai/http-proxy-middleware/releases)
- [Changelog](https://github.com/chimurai/http-proxy-middleware/blob/master/CHANGELOG.md)
- [Commits](chimurai/http-proxy-middleware@v2.0.10...v4.2.0)

---
updated-dependencies:
- dependency-name: http-proxy-middleware
  dependency-version: 4.2.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/http-proxy-middleware-4.2.0 branch from abe86b1 to 5b39192 Compare July 14, 2026 21:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant