Skip to content

Bump h3 from 2.0.1-rc.22 to 2.0.1-rc.23#8496

Merged
cknitt merged 1 commit into
masterfrom
dependabot/npm_and_yarn/h3-2.0.1-rc.23
Jul 9, 2026
Merged

Bump h3 from 2.0.1-rc.22 to 2.0.1-rc.23#8496
cknitt merged 1 commit into
masterfrom
dependabot/npm_and_yarn/h3-2.0.1-rc.23

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 8, 2026

Copy link
Copy Markdown
Contributor

Bumps h3 from 2.0.1-rc.22 to 2.0.1-rc.23.

Release notes

Sourced from h3's releases.

v2.0.1-rc.23

compare changes

🚀 Enhancements

  • proxy: Support client aborts (#1417)
  • ws: Allow optional HTTP handling in defineWebSocketHandler (#1425)
  • Export resolveDotSegments as a public path utility (#1428, #1430)
  • readBody: Support formdata type (#1164)

🩹 Fixes

  • sanitizeStatusCode: Return default for non-numeric input instead of NaN (#1420)
  • auth: Reject Basic credentials with no colon separator (#1393)
  • sse: Ignore pushes after stream close (#1411)
  • proxy: Ignore incoming accept-encoding header (#1423)
  • cache: handleCacheHeaders ignores multi-value If-None-Match header (#1395)
  • serve-static: Compare if-modified-since at whole-second precision (#1394)
  • request: Parse first entry of comma-list x-forwarded-proto header (#1413)
  • serve-static: Check the response (not request) for an existing content-length (#1391)
  • cors: Merge Vary headers when both origin and allow-headers emit vary (#1396)
  • writeEarlyHints: Normalize Link key to prevent hanging with Node.js (#1385)
  • event: Return 400 for malformed percent-encoded request URLs (#1424)
  • mount: Restore pathname on error with try/finally (#1319)
  • serve-static: Decode the resolved id before lookup (#1431)
  • request: Shadow parsed _url in requestWithURL proxy (d21d93c)
  • event: Clone URL for pathname normalization instead of mutating shared _url (a1cf066)
  • adapters: Sync raw node req.url with event.url in fromNodeHandler (#1433)

💅 Refactors

  • validate: Drop always-true if (validate.body) guard in body proxy (#1392)

📖 Documentation

  • proxy: Add note about reading body (7eb018e)
  • Fix decode function name in router param helpers (#1419)
  • session: Note secure cookie limitation over local HTTP (#1409)
  • Document the session name option for multiple sessions (#1405)
  • Add arkstack framework to community section (#1382)
  • ws: Use zero-config crossws server plugin (#1427)

🌊 Types

  • Expose .crossws on defineWebSocketHandler return type (#1435)

✅ Tests

  • Cover zod schema query validation types (#1404)
  • Cover cloned pipeable node responses (#1414)

... (truncated)

Changelog

Sourced from h3's changelog.

v2.0.1-rc.23

compare changes

🚀 Enhancements

  • proxy: Support client aborts (#1417)
  • ws: Allow optional HTTP handling in defineWebSocketHandler (#1425)
  • Export resolveDotSegments as a public path utility (#1428)
  • readBody: Support formdata type (#1164)

🩹 Fixes

  • sanitizeStatusCode: Return default for non-numeric input instead of NaN (#1420)
  • auth: Reject Basic credentials with no colon separator (#1393)
  • sse: Ignore pushes after stream close (#1411)
  • proxy: Ignore incoming accept-encoding header (#1423)
  • cache: HandleCacheHeaders ignores multi-value If-None-Match header (#1395)
  • serve-static: Compare if-modified-since at whole-second precision (#1394)
  • request: Parse first entry of comma-list x-forwarded-proto header (#1413)
  • serve-static: Check the response (not request) for an existing content-length (#1391)
  • cors: Merge Vary headers when both origin and allow-headers emit vary (#1396)
  • writeEarlyHints: Normalize Link key to prevent hanging with Node.js (#1385)
  • event: Return 400 for malformed percent-encoded request URLs (#1424)
  • mount: Restore pathname on error with try/finally (#1319)
  • serve-static: Decode the resolved id before lookup (#1431)
  • request: Shadow parsed _url in requestWithURL proxy (d21d93c)
  • event: Clone URL for pathname normalization instead of mutating shared _url (a1cf066)
  • adapters: Sync raw node req.url with event.url in fromNodeHandler (#1433)

💅 Refactors

  • validate: Drop always-true if (validate.body) guard in body proxy (#1392)
  • Leftover changes from #1428 (#1430, #1428)

📖 Documentation

  • proxy: Add note about reading body (7eb018e)
  • Fix decode function name in router param helpers (#1419)
  • session: Note secure cookie limitation over local HTTP (#1409)
  • Document the session name option for multiple sessions (#1405)
  • Add arkstack framework to community section (#1382)
  • ws: Use zero-config crossws server plugin (#1427)

🌊 Types

  • Expose .crossws on defineWebSocketHandler return type (#1435)

🏡 Chore

... (truncated)

Commits
  • 1371ad8 chore(release): v2.0.1-rc.23
  • 78e7152 chore: update deps
  • e12c0e8 feat(readBody): support formdata type (#1164)
  • 1ff4999 types: expose .crossws on defineWebSocketHandler return type (#1435)
  • 8786f23 fix(adapters): sync raw node req.url with event.url in fromNodeHandler (#1433)
  • a1cf066 fix(event): clone URL for pathname normalization instead of mutating shared _url
  • 8410ec9 test(event): assert req.url reflects normalization per runtime
  • 4a218a8 test(event): cover shared _url normalization semantics
  • d21d93c fix(request): shadow parsed _url in requestWithURL proxy
  • 8a380f1 fix(serve-static): decode the resolved id before lookup (#1431)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [h3](https://github.com/h3js/h3) from 2.0.1-rc.22 to 2.0.1-rc.23.
- [Release notes](https://github.com/h3js/h3/releases)
- [Changelog](https://github.com/h3js/h3/blob/main/CHANGELOG.md)
- [Commits](h3js/h3@v2.0.1-rc.22...v2.0.1-rc.23)

---
updated-dependencies:
- dependency-name: h3
  dependency-version: 2.0.1-rc.23
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 8, 2026
@pkg-pr-new

pkg-pr-new Bot commented Jul 9, 2026

Copy link
Copy Markdown

Open in StackBlitz

rescript

npm i https://pkg.pr.new/rescript@8496

@rescript/darwin-arm64

npm i https://pkg.pr.new/@rescript/darwin-arm64@8496

@rescript/darwin-x64

npm i https://pkg.pr.new/@rescript/darwin-x64@8496

@rescript/linux-arm64

npm i https://pkg.pr.new/@rescript/linux-arm64@8496

@rescript/linux-x64

npm i https://pkg.pr.new/@rescript/linux-x64@8496

@rescript/runtime

npm i https://pkg.pr.new/@rescript/runtime@8496

@rescript/win32-x64

npm i https://pkg.pr.new/@rescript/win32-x64@8496

commit: d3ff48d

@github-actions

github-actions Bot commented Jul 9, 2026

Copy link
Copy Markdown

@cknitt cknitt merged commit f882bba into master Jul 9, 2026
56 of 58 checks passed
@cknitt cknitt deleted the dependabot/npm_and_yarn/h3-2.0.1-rc.23 branch July 9, 2026 11:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant