hono 4.11.7 → 4.12.0

package/dist/types/adapter/aws-lambda/index.d.ts

@@ -3,5 +3,6 @@
  * AWS Lambda Adapter for Hono.
  */
 export { handle, streamHandle, defaultIsContentTypeBinary } from './handler';
+export { getConnInfo } from './conninfo';
 export type { APIGatewayProxyResult, LambdaEvent } from './handler';
 export type { ApiGatewayRequestContext, ApiGatewayRequestContextV2, ALBRequestContext, LambdaContext, } from './types';

package/dist/types/adapter/cloudflare-pages/conninfo.d.ts

@@ -0,0 +1,21 @@
+import type { GetConnInfo } from '../../helper/conninfo';
+/**
+ * Get connection information from Cloudflare Pages
+ * @param c - Context
+ * @returns Connection information including remote address
+ * @example
+ * ```ts
+ * import { Hono } from 'hono'
+ * import { handle, getConnInfo } from 'hono/cloudflare-pages'
+ *
+ * const app = new Hono()
+ *
+ * app.get('/', (c) => {
+ *   const info = getConnInfo(c)
+ *   return c.text(`Your IP: ${info.remote.address}`)
+ * })
+ *
+ * export const onRequest = handle(app)
+ * ```
+ */
+export declare const getConnInfo: GetConnInfo;

package/dist/types/adapter/cloudflare-pages/index.d.ts

@@ -3,4 +3,5 @@
  * Cloudflare Pages Adapter for Hono.
  */
 export { handle, handleMiddleware, serveStatic } from './handler';
+export { getConnInfo } from './conninfo';
 export type { EventContext } from './handler';

package/dist/types/adapter/netlify/conninfo.d.ts

@@ -0,0 +1,21 @@
+import type { GetConnInfo } from '../../helper/conninfo';
+/**
+ * Get connection information from Netlify
+ * @param c - Context
+ * @returns Connection information including remote address
+ * @example
+ * ```ts
+ * import { Hono } from 'hono'
+ * import { handle, getConnInfo } from 'hono/netlify'
+ *
+ * const app = new Hono()
+ *
+ * app.get('/', (c) => {
+ *   const info = getConnInfo(c)
+ *   return c.text(`Your IP: ${info.remote.address}`)
+ * })
+ *
+ * export default handle(app)
+ * ```
+ */
+export declare const getConnInfo: GetConnInfo;

package/dist/types/adapter/netlify/mod.d.ts

@@ -1 +1,2 @@
 export { handle } from './handler';
+export { getConnInfo } from './conninfo';

package/dist/types/client/types.d.ts

@@ -1,7 +1,7 @@
 import type { Hono } from '../hono';
 import type { HonoBase } from '../hono-base';
 import type { METHODS, METHOD_NAME_ALL_LOWERCASE } from '../router';
-import type { Endpoint, ResponseFormat, Schema } from '../types';
+import type { Endpoint, KnownResponseFormat, ResponseFormat, Schema } from '../types';
 import type { StatusCode, SuccessStatusCode } from '../utils/http-status';
 import type { HasRequiredKeys } from '../utils/types';
 /**
@@ -74,6 +74,22 @@ export type ClientRequest<Prefix extends string, Path extends string, S extends
     } ? {
         query: Q;
     } : {} : {}) | undefined = undefined>(arg?: Arg) => HonoURL<Prefix, Path, Arg>;
+    $path: <const Arg extends (S[keyof S] extends {
+        input: infer R;
+    } ? R extends {
+        param: infer P;
+    } ? R extends {
+        query: infer Q;
+    } ? {
+        param: P;
+        query: Q;
+    } : {
+        param: P;
+    } : R extends {
+        query: infer Q;
+    } ? {
+        query: Q;
+    } : {} : {}) | undefined = undefined>(arg?: Arg) => BuildPath<Path, Arg>;
 } & (S['$get'] extends {
     outputFormat: 'ws';
 } ? S['$get'] extends {
@@ -108,6 +124,7 @@ type BuildSearch<Arg, Key extends 'query'> = Arg extends {
 type BuildPathname<P extends string, Arg> = Arg extends {
     param: infer Param;
 } ? `${ApplyParam<TrimStartSlash<P>, Param>}` : `/${TrimStartSlash<P>}`;
+type BuildPath<P extends string, Arg> = `${BuildPathname<P, Arg>}${BuildSearch<Arg, 'query'>}`;
 type BuildTypedURL<Protocol extends string, Host extends string, Port extends string, P extends string, Arg> = TypedURL<`${Protocol}:`, Host, Port, BuildPathname<P, Arg>, BuildSearch<Arg, 'query'>>;
 type HonoURL<Prefix extends string, Path extends string, Arg> = IsLiteral<Prefix> extends true ? TrimEndSlash<Prefix> extends `${infer Protocol}://${infer Rest}` ? Rest extends `${infer Hostname}/${infer P}` ? ParseHostName<Hostname> extends [infer Host extends string, infer Port extends string] ? BuildTypedURL<Protocol, Host, Port, P, Arg> : never : ParseHostName<Rest> extends [infer Host extends string, infer Port extends string] ? BuildTypedURL<Protocol, Host, Port, Path, Arg> : never : URL : URL;
 type ParseHostName<T extends string> = T extends `${infer Host}:${infer Port}` ? [Host, Port] : [T, ''];
@@ -165,4 +182,25 @@ interface CallbackOptions {
 export type ObjectType<T = unknown> = {
     [key: string]: T;
 };
+type GlobalResponseDefinition = {
+    [S in StatusCode]?: {
+        [F in KnownResponseFormat]?: unknown;
+    };
+};
+type ToEndpoints<Def extends GlobalResponseDefinition, R> = {
+    [S in keyof Def & StatusCode]: {
+        [F in keyof Def[S] & KnownResponseFormat]: Omit<R, 'output' | 'status' | 'outputFormat'> & {
+            output: Def[S][F];
+            status: S;
+            outputFormat: F;
+        };
+    }[keyof Def[S] & KnownResponseFormat];
+}[keyof Def & StatusCode];
+type ModRoute<R, Def extends GlobalResponseDefinition> = R extends Endpoint ? R | ToEndpoints<Def, R> : R;
+type ModSchema<D, Def extends GlobalResponseDefinition> = {
+    [K in keyof D]: {
+        [M in keyof D[K]]: ModRoute<D[K][M], Def>;
+    };
+};
+export type ApplyGlobalResponse<App, Def extends GlobalResponseDefinition> = App extends HonoBase<infer E, infer D extends Schema, infer B> ? Hono<E, ModSchema<D, Def> extends Schema ? ModSchema<D, Def> : never, B> : never;
 export {};

package/dist/types/context.d.ts

@@ -28,6 +28,10 @@ export interface ExecutionContext {
      * For compatibility with Wrangler 4.x.
      */
     props: any;
+    /**
+     * For compatibility with Wrangler 4.x.
+     */
+    exports?: any;
 }
 /**
  * Interface for context variable mapping.

package/dist/types/helper/ssg/index.d.ts

@@ -4,3 +4,4 @@
  */
 export * from './ssg';
 export { X_HONO_DISABLE_SSG_HEADER_KEY, ssgParams, isSSGContext, disableSSG, onlySSG, } from './middleware';
+export { defaultPlugin, redirectPlugin } from './plugins';

package/dist/types/helper/ssg/plugins.d.ts

@@ -0,0 +1,27 @@
+import type { SSGPlugin } from './ssg';
+/**
+ * The default plugin that defines the recommended behavior.
+ *
+ * @experimental
+ * `defaultPlugin` is an experimental feature.
+ * The API might be changed.
+ */
+export declare const defaultPlugin: () => SSGPlugin;
+/**
+ * The redirect plugin that generates HTML redirect pages for HTTP redirect responses for status codes 301, 302, 303, 307 and 308.
+ *
+ * When used with `defaultPlugin`, place `redirectPlugin` before it, because `defaultPlugin` skips non-200 responses.
+ *
+ * ```ts
+ * // ✅ Will work as expected
+ * toSSG(app, fs, { plugins: [redirectPlugin(), defaultPlugin()] })
+ *
+ * // ❌ Will not work as expected
+ * toSSG(app, fs, { plugins: [defaultPlugin(), redirectPlugin()] })
+ * ```
+ *
+ * @experimental
+ * `redirectPlugin` is an experimental feature.
+ * The API might be changed.
+ */
+export declare const redirectPlugin: () => SSGPlugin;

package/dist/types/helper/ssg/ssg.d.ts

@@ -83,14 +83,6 @@ export interface ToSSGInterface {
 export interface ToSSGAdaptorInterface<E extends Env = Env, S extends Schema = {}, BasePath extends string = '/'> {
     (app: Hono<E, S, BasePath>, options?: ToSSGOptions): Promise<ToSSGResult>;
 }
-/**
- * The default plugin that defines the recommended behavior.
- *
- * @experimental
- * `defaultPlugin` is an experimental feature.
- * The API might be changed.
- */
-export declare const defaultPlugin: SSGPlugin;
 /**
  * @experimental
  * `toSSG` is an experimental feature.

package/dist/types/middleware/basic-auth/index.d.ts

@@ -11,11 +11,13 @@ type BasicAuthOptions = {
     realm?: string;
     hashFunction?: Function;
     invalidUserMessage?: string | object | MessageFunction;
+    onAuthSuccess?: (c: Context, username: string) => void | Promise<void>;
 } | {
     verifyUser: (username: string, password: string, c: Context) => boolean | Promise<boolean>;
     realm?: string;
     hashFunction?: Function;
     invalidUserMessage?: string | object | MessageFunction;
+    onAuthSuccess?: (c: Context, username: string) => void | Promise<void>;
 };
 /**
  * Basic Auth Middleware for Hono.
@@ -29,6 +31,7 @@ type BasicAuthOptions = {
  * @param {Function} [options.hashFunction] - The hash function used for secure comparison.
  * @param {Function} [options.verifyUser] - The function to verify user credentials.
  * @param {string | object | MessageFunction} [options.invalidUserMessage="Unauthorized"] - The invalid user message.
+ * @param {Function} [options.onAuthSuccess] - Callback function called on successful authentication.
  * @returns {MiddlewareHandler} The middleware handler function.
  * @throws {HTTPException} If neither "username and password" nor "verifyUser" options are provided.
  *
@@ -48,6 +51,22 @@ type BasicAuthOptions = {
  *   return c.text('You are authorized')
  * })
  * ```
+ *
+ * @example
+ * ```ts
+ * // With onAuthSuccess callback
+ * app.use(
+ *   '/auth/*',
+ *   basicAuth({
+ *     username: 'hono',
+ *     password: 'ahotproject',
+ *     onAuthSuccess: (c, username) => {
+ *       c.set('user', { name: username, role: 'admin' })
+ *       console.log(`User ${username} authenticated`)
+ *     },
+ *   })
+ * )
+ * ```
  */
 export declare const basicAuth: (options: BasicAuthOptions, ...users: {
     username: string;

package/dist/types/middleware/jwt/jwt.d.ts

@@ -17,7 +17,7 @@ export type JwtVariables<T = any> = {
  * @see {@link https://hono.dev/docs/middleware/builtin/jwt}
  *
  * @param {object} options - The options for the JWT middleware.
- * @param {SignatureKey} [options.secret] - A value of your secret key.
+ * @param {SignatureKey} options.secret - A value of your secret key.
  * @param {string} [options.cookie] - If this value is set, then the value is retrieved from the cookie header using that value as a key, which is then validated as a token.
  * @param {SignatureAlgorithm} options.alg - An algorithm type that is used for verifying (required). Available types are `HS256` | `HS384` | `HS512` | `RS256` | `RS384` | `RS512` | `PS256` | `PS384` | `PS512` | `ES256` | `ES384` | `ES512` | `EdDSA`.
  * @param {string} [options.headerName='Authorization'] - The name of the header to look for the JWT token. Default is 'Authorization'.

package/dist/types/middleware/trailing-slash/index.d.ts

@@ -3,11 +3,22 @@
  * Trailing Slash Middleware for Hono.
  */
 import type { MiddlewareHandler } from '../../types';
+type TrimTrailingSlashOptions = {
+    /**
+     * If `true`, the middleware will always redirect requests with a trailing slash
+     * before executing handlers.
+     * This is useful for routes with wildcards (`*`).
+     * If `false` (default), it will only redirect when the route is not found (404).
+     * @default false
+     */
+    alwaysRedirect?: boolean;
+};
 /**
  * Trailing Slash Middleware for Hono.
  *
  * @see {@link https://hono.dev/docs/middleware/builtin/trailing-slash}
  *
+ * @param {TrimTrailingSlashOptions} options - The options for the middleware.
  * @returns {MiddlewareHandler} The middleware handler function.
  *
  * @example
@@ -17,14 +28,34 @@ import type { MiddlewareHandler } from '../../types';
  * app.use(trimTrailingSlash())
  * app.get('/about/me/', (c) => c.text('With Trailing Slash'))
  * ```
+ *
+ * @example
+ * ```ts
+ * // With alwaysRedirect option for wildcard routes
+ * const app = new Hono()
+ *
+ * app.use(trimTrailingSlash({ alwaysRedirect: true }))
+ * app.get('/my-path/*', (c) => c.text('Wildcard route'))
+ * ```
  */
-export declare const trimTrailingSlash: () => MiddlewareHandler;
+export declare const trimTrailingSlash: (options?: TrimTrailingSlashOptions) => MiddlewareHandler;
+type AppendTrailingSlashOptions = {
+    /**
+     * If `true`, the middleware will always redirect requests without a trailing slash
+     * before executing handlers.
+     * This is useful for routes with wildcards (`*`).
+     * If `false` (default), it will only redirect when the route is not found (404).
+     * @default false
+     */
+    alwaysRedirect?: boolean;
+};
 /**
  * Append trailing slash middleware for Hono.
  * Append a trailing slash to the URL if it doesn't have one. For example, `/path/to/page` will be redirected to `/path/to/page/`.
  *
  * @see {@link https://hono.dev/docs/middleware/builtin/trailing-slash}
  *
+ * @param {AppendTrailingSlashOptions} options - The options for the middleware.
  * @returns {MiddlewareHandler} The middleware handler function.
  *
  * @example
@@ -33,5 +64,15 @@ export declare const trimTrailingSlash: () => MiddlewareHandler;
  *
  * app.use(appendTrailingSlash())
  * ```
+ *
+ * @example
+ * ```ts
+ * // With alwaysRedirect option for wildcard routes
+ * const app = new Hono()
+ *
+ * app.use(appendTrailingSlash({ alwaysRedirect: true }))
+ * app.get('/my-path/*', (c) => c.text('Wildcard route'))
+ * ```
  */
-export declare const appendTrailingSlash: () => MiddlewareHandler;
+export declare const appendTrailingSlash: (options?: AppendTrailingSlashOptions) => MiddlewareHandler;
+export {};

package/dist/types/utils/buffer.d.ts

@@ -3,6 +3,15 @@
  * Buffer utility.
  */
 export declare const equal: (a: ArrayBuffer, b: ArrayBuffer) => boolean;
-export declare const timingSafeEqual: (a: string | object | boolean, b: string | object | boolean, hashFunction?: Function) => Promise<boolean>;
+type StringHashFunction = (input: string) => string | null | Promise<string | null>;
+type TimingSafeEqual = {
+    (a: string, b: string, hashFunction?: StringHashFunction): Promise<boolean>;
+    /**
+     * @deprecated object and boolean signatures that take boolean as first and second arguments, and functions with signatures that take non-string arguments have been deprecated
+     */
+    (a: string | object | boolean, b: string | object | boolean, hashFunction?: Function): Promise<boolean>;
+};
+export declare const timingSafeEqual: TimingSafeEqual;
 export declare const bufferToString: (buffer: ArrayBuffer) => string;
 export declare const bufferToFormData: (arrayBuffer: ArrayBuffer, contentType: string) => Promise<FormData>;
+export {};

package/dist/utils/buffer.js

@@ -17,15 +17,42 @@ var equal = (a, b) => {
   }
   return true;
 };
+var constantTimeEqualString = (a, b) => {
+  const aLen = a.length;
+  const bLen = b.length;
+  const maxLen = Math.max(aLen, bLen);
+  let out = aLen ^ bLen;
+  for (let i = 0; i < maxLen; i++) {
+    const aChar = i < aLen ? a.charCodeAt(i) : 0;
+    const bChar = i < bLen ? b.charCodeAt(i) : 0;
+    out |= aChar ^ bChar;
+  }
+  return out === 0;
+};
+var timingSafeEqualString = async (a, b, hashFunction) => {
+  if (!hashFunction) {
+    hashFunction = sha256;
+  }
+  const [sa, sb] = await Promise.all([hashFunction(a), hashFunction(b)]);
+  if (sa == null || sb == null || typeof sa !== "string" || typeof sb !== "string") {
+    return false;
+  }
+  const hashEqual = constantTimeEqualString(sa, sb);
+  const originalEqual = constantTimeEqualString(a, b);
+  return hashEqual && originalEqual;
+};
 var timingSafeEqual = async (a, b, hashFunction) => {
+  if (typeof a === "string" && typeof b === "string") {
+    return timingSafeEqualString(a, b, hashFunction);
+  }
   if (!hashFunction) {
     hashFunction = sha256;
   }
   const [sa, sb] = await Promise.all([hashFunction(a), hashFunction(b)]);
-  if (!sa || !sb) {
+  if (!sa || !sb || typeof sa !== "string" || typeof sb !== "string") {
     return false;
   }
-  return sa === sb && a === b;
+  return timingSafeEqualString(sa, sb);
 };
 var bufferToString = (buffer) => {
   if (buffer instanceof ArrayBuffer) {

package/dist/utils/url.js

@@ -73,9 +73,11 @@ var getPath = (request) => {
     const charCode = url.charCodeAt(i);
     if (charCode === 37) {
       const queryIndex = url.indexOf("?", i);
-      const path = url.slice(start, queryIndex === -1 ? void 0 : queryIndex);
+      const hashIndex = url.indexOf("#", i);
+      const end = queryIndex === -1 ? hashIndex === -1 ? void 0 : hashIndex : hashIndex === -1 ? queryIndex : Math.min(queryIndex, hashIndex);
+      const path = url.slice(start, end);
       return tryDecodeURI(path.includes("%25") ? path.replace(/%25/g, "%2525") : path);
-    } else if (charCode === 63) {
+    } else if (charCode === 63 || charCode === 35) {
       break;
     }
   }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "hono",
-  "version": "4.11.7",
+  "version": "4.12.0",
   "description": "Web framework built on Web Standards",
   "main": "dist/cjs/index.js",
   "type": "module",
@@ -661,7 +661,7 @@
     "@types/glob": "^9.0.0",
     "@types/jsdom": "^21.1.7",
     "@types/node": "^24.3.0",
-    "@typescript/native-preview": "7.0.0-dev.20251220.1",
+    "@typescript/native-preview": "7.0.0-dev.20260210.1",
     "@vitest/coverage-v8": "^3.2.4",
     "arg": "^5.0.2",
     "bun-types": "^1.2.20",