hono 4.3.6 → 4.3.8

package/dist/adapter/aws-lambda/handler.js

@@ -64,23 +64,7 @@ var EventProcessor = class {
     const path = this.getPath(event);
     const urlPath = `https://${domainName}${path}`;
     const url = queryString ? `${urlPath}?${queryString}` : urlPath;
-    const headers = new Headers();
-    this.getCookies(event, headers);
-    if (event.headers) {
-      for (const [k, v] of Object.entries(event.headers)) {
-        if (v) {
-          headers.set(k, v);
-        }
-      }
-    }
-    if (event.multiValueHeaders) {
-      for (const [k, values] of Object.entries(event.multiValueHeaders)) {
-        if (values) {
-          const foundK = headers.get(k);
-          values.forEach((v) => (!foundK || !foundK.includes(v)) && headers.append(k, v));
-        }
-      }
-    }
+    const headers = this.getHeaders(event);
     const method = this.getMethod(event);
     const requestInit = {
       headers,
@@ -102,24 +86,28 @@ var EventProcessor = class {
     const result = {
       body,
       headers: {},
+      multiValueHeaders: event.multiValueHeaders ? {} : void 0,
       statusCode: res.status,
       isBase64Encoded
     };
     this.setCookies(event, res, result);
     res.headers.forEach((value, key) => {
       result.headers[key] = value;
+      if (event.multiValueHeaders && result.multiValueHeaders) {
+        result.multiValueHeaders[key] = [value];
+      }
     });
     return result;
   }
-  setCookies = (event, res, result) => {
+  setCookies(event, res, result) {
     if (res.headers.has("set-cookie")) {
       const cookies = res.headers.get("set-cookie")?.split(", ");
       if (Array.isArray(cookies)) {
-        this.setCookiesToResult(result, cookies);
+        this.setCookiesToResult(event, result, cookies);
         res.headers.delete("set-cookie");
       }
     }
-  };
+  }
 };
 var v2Processor = new class EventV2Processor extends EventProcessor {
   getPath(event) {
@@ -136,9 +124,21 @@ var v2Processor = new class EventV2Processor extends EventProcessor {
       headers.set("Cookie", event.cookies.join("; "));
     }
   }
-  setCookiesToResult(result, cookies) {
+  setCookiesToResult(_, result, cookies) {
     result.cookies = cookies;
   }
+  getHeaders(event) {
+    const headers = new Headers();
+    this.getCookies(event, headers);
+    if (event.headers) {
+      for (const [k, v] of Object.entries(event.headers)) {
+        if (v) {
+          headers.set(k, v);
+        }
+      }
+    }
+    return headers;
+  }
 }();
 var v1Processor = new class EventV1Processor extends EventProcessor {
   getPath(event) {
@@ -152,18 +152,104 @@ var v1Processor = new class EventV1Processor extends EventProcessor {
   }
   getCookies(event, headers) {
   }
-  setCookiesToResult(result, cookies) {
+  getHeaders(event) {
+    const headers = new Headers();
+    this.getCookies(event, headers);
+    if (event.headers) {
+      for (const [k, v] of Object.entries(event.headers)) {
+        if (v) {
+          headers.set(k, v);
+        }
+      }
+    }
+    if (event.multiValueHeaders) {
+      for (const [k, values] of Object.entries(event.multiValueHeaders)) {
+        if (values) {
+          const foundK = headers.get(k);
+          values.forEach((v) => (!foundK || !foundK.includes(v)) && headers.append(k, v));
+        }
+      }
+    }
+    return headers;
+  }
+  setCookiesToResult(_, result, cookies) {
     result.multiValueHeaders = {
       "set-cookie": cookies
     };
   }
 }();
+var albProcessor = new class ALBProcessor extends EventProcessor {
+  getHeaders(event) {
+    const headers = new Headers();
+    if (event.multiValueHeaders) {
+      for (const [key, values] of Object.entries(event.multiValueHeaders)) {
+        if (values && Array.isArray(values)) {
+          headers.set(key, values.join("; "));
+        }
+      }
+    } else {
+      for (const [key, value] of Object.entries(event.headers ?? {})) {
+        if (value) {
+          headers.set(key, value);
+        }
+      }
+    }
+    return headers;
+  }
+  setHeadersToResult(event, result, headers) {
+    if (event.multiValueHeaders) {
+      const multiValueHeaders = {};
+      for (const [key, value] of headers.entries()) {
+        multiValueHeaders[key] = [value];
+      }
+      result.multiValueHeaders = multiValueHeaders;
+    } else {
+      const singleValueHeaders = {};
+      for (const [key, value] of headers.entries()) {
+        singleValueHeaders[key] = value;
+      }
+      result.headers = singleValueHeaders;
+    }
+  }
+  getPath(event) {
+    return event.path;
+  }
+  getMethod(event) {
+    return event.httpMethod;
+  }
+  getQueryString(event) {
+    return Object.entries(event.queryStringParameters || {}).filter(([, value]) => value).map(([key, value]) => `${key}=${value}`).join("&");
+  }
+  getCookies(event, headers) {
+    let cookie;
+    if (event.multiValueHeaders) {
+      cookie = event.multiValueHeaders["cookie"]?.join("; ");
+    } else {
+      cookie = event.headers ? event.headers["cookie"] : void 0;
+    }
+    if (cookie) {
+      headers.append("Cookie", cookie);
+    }
+  }
+  setCookiesToResult(event, result, cookies) {
+    if (event.multiValueHeaders && result.multiValueHeaders) {
+      result.multiValueHeaders["set-cookie"] = cookies;
+    } else {
+      result.headers["set-cookie"] = cookies.join(", ");
+    }
+  }
+}();
 var getProcessor = (event) => {
+  if (isProxyEventALB(event)) {
+    return albProcessor;
+  }
   if (isProxyEventV2(event)) {
     return v2Processor;
-  } else {
-    return v1Processor;
   }
+  return v1Processor;
+};
+var isProxyEventALB = (event) => {
+  return Object.prototype.hasOwnProperty.call(event.requestContext, "elb");
 };
 var isProxyEventV2 = (event) => {
   return Object.prototype.hasOwnProperty.call(event, "rawPath");

package/dist/cjs/adapter/aws-lambda/handler.js

@@ -96,23 +96,7 @@ class EventProcessor {
     const path = this.getPath(event);
     const urlPath = `https://${domainName}${path}`;
     const url = queryString ? `${urlPath}?${queryString}` : urlPath;
-    const headers = new Headers();
-    this.getCookies(event, headers);
-    if (event.headers) {
-      for (const [k, v] of Object.entries(event.headers)) {
-        if (v) {
-          headers.set(k, v);
-        }
-      }
-    }
-    if (event.multiValueHeaders) {
-      for (const [k, values] of Object.entries(event.multiValueHeaders)) {
-        if (values) {
-          const foundK = headers.get(k);
-          values.forEach((v) => (!foundK || !foundK.includes(v)) && headers.append(k, v));
-        }
-      }
-    }
+    const headers = this.getHeaders(event);
     const method = this.getMethod(event);
     const requestInit = {
       headers,
@@ -134,24 +118,28 @@ class EventProcessor {
     const result = {
       body,
       headers: {},
+      multiValueHeaders: event.multiValueHeaders ? {} : void 0,
       statusCode: res.status,
       isBase64Encoded
     };
     this.setCookies(event, res, result);
     res.headers.forEach((value, key) => {
       result.headers[key] = value;
+      if (event.multiValueHeaders && result.multiValueHeaders) {
+        result.multiValueHeaders[key] = [value];
+      }
     });
     return result;
   }
-  setCookies = (event, res, result) => {
+  setCookies(event, res, result) {
     if (res.headers.has("set-cookie")) {
       const cookies = res.headers.get("set-cookie")?.split(", ");
       if (Array.isArray(cookies)) {
-        this.setCookiesToResult(result, cookies);
+        this.setCookiesToResult(event, result, cookies);
         res.headers.delete("set-cookie");
       }
     }
-  };
+  }
 }
 const v2Processor = new class EventV2Processor extends EventProcessor {
   getPath(event) {
@@ -168,9 +156,21 @@ const v2Processor = new class EventV2Processor extends EventProcessor {
       headers.set("Cookie", event.cookies.join("; "));
     }
   }
-  setCookiesToResult(result, cookies) {
+  setCookiesToResult(_, result, cookies) {
     result.cookies = cookies;
   }
+  getHeaders(event) {
+    const headers = new Headers();
+    this.getCookies(event, headers);
+    if (event.headers) {
+      for (const [k, v] of Object.entries(event.headers)) {
+        if (v) {
+          headers.set(k, v);
+        }
+      }
+    }
+    return headers;
+  }
 }();
 const v1Processor = new class EventV1Processor extends EventProcessor {
   getPath(event) {
@@ -184,18 +184,104 @@ const v1Processor = new class EventV1Processor extends EventProcessor {
   }
   getCookies(event, headers) {
   }
-  setCookiesToResult(result, cookies) {
+  getHeaders(event) {
+    const headers = new Headers();
+    this.getCookies(event, headers);
+    if (event.headers) {
+      for (const [k, v] of Object.entries(event.headers)) {
+        if (v) {
+          headers.set(k, v);
+        }
+      }
+    }
+    if (event.multiValueHeaders) {
+      for (const [k, values] of Object.entries(event.multiValueHeaders)) {
+        if (values) {
+          const foundK = headers.get(k);
+          values.forEach((v) => (!foundK || !foundK.includes(v)) && headers.append(k, v));
+        }
+      }
+    }
+    return headers;
+  }
+  setCookiesToResult(_, result, cookies) {
     result.multiValueHeaders = {
       "set-cookie": cookies
     };
   }
 }();
+const albProcessor = new class ALBProcessor extends EventProcessor {
+  getHeaders(event) {
+    const headers = new Headers();
+    if (event.multiValueHeaders) {
+      for (const [key, values] of Object.entries(event.multiValueHeaders)) {
+        if (values && Array.isArray(values)) {
+          headers.set(key, values.join("; "));
+        }
+      }
+    } else {
+      for (const [key, value] of Object.entries(event.headers ?? {})) {
+        if (value) {
+          headers.set(key, value);
+        }
+      }
+    }
+    return headers;
+  }
+  setHeadersToResult(event, result, headers) {
+    if (event.multiValueHeaders) {
+      const multiValueHeaders = {};
+      for (const [key, value] of headers.entries()) {
+        multiValueHeaders[key] = [value];
+      }
+      result.multiValueHeaders = multiValueHeaders;
+    } else {
+      const singleValueHeaders = {};
+      for (const [key, value] of headers.entries()) {
+        singleValueHeaders[key] = value;
+      }
+      result.headers = singleValueHeaders;
+    }
+  }
+  getPath(event) {
+    return event.path;
+  }
+  getMethod(event) {
+    return event.httpMethod;
+  }
+  getQueryString(event) {
+    return Object.entries(event.queryStringParameters || {}).filter(([, value]) => value).map(([key, value]) => `${key}=${value}`).join("&");
+  }
+  getCookies(event, headers) {
+    let cookie;
+    if (event.multiValueHeaders) {
+      cookie = event.multiValueHeaders["cookie"]?.join("; ");
+    } else {
+      cookie = event.headers ? event.headers["cookie"] : void 0;
+    }
+    if (cookie) {
+      headers.append("Cookie", cookie);
+    }
+  }
+  setCookiesToResult(event, result, cookies) {
+    if (event.multiValueHeaders && result.multiValueHeaders) {
+      result.multiValueHeaders["set-cookie"] = cookies;
+    } else {
+      result.headers["set-cookie"] = cookies.join(", ");
+    }
+  }
+}();
 const getProcessor = (event) => {
+  if (isProxyEventALB(event)) {
+    return albProcessor;
+  }
   if (isProxyEventV2(event)) {
     return v2Processor;
-  } else {
-    return v1Processor;
   }
+  return v1Processor;
+};
+const isProxyEventALB = (event) => {
+  return Object.prototype.hasOwnProperty.call(event.requestContext, "elb");
 };
 const isProxyEventV2 = (event) => {
   return Object.prototype.hasOwnProperty.call(event, "rawPath");

package/dist/cjs/context.js

@@ -155,7 +155,11 @@ class Context {
       const header = new Headers(arg.headers);
       if (this.#headers) {
         this.#headers.forEach((v, k) => {
-          header.set(k, v);
+          if (k === "set-cookie") {
+            header.append(k, v);
+          } else {
+            header.set(k, v);
+          }
         });
       }
       const headers2 = setHeaders(header, this.#preparedHeaders);

package/dist/cjs/helper/ssg/ssg.js

@@ -30,6 +30,7 @@ var import_mime = require("../../utils/mime");
 var import_middleware = require("./middleware");
 var import_utils2 = require("./utils");
 const DEFAULT_CONCURRENCY = 2;
+const DEFAULT_CONTENT_TYPE = "text/plain";
 const generateFilePath = (routePath, outDir, mimeType, extensionMap) => {
   const extension = determineExtension(mimeType, extensionMap);
   if (routePath.endsWith(`.${extension}`)) {
@@ -121,7 +122,7 @@ const fetchRoutesContent = function* (app, beforeRequestHook, afterResponseHook,
                     }
                     response = maybeResponse;
                   }
-                  const mimeType = response.headers.get("Content-Type")?.split(";")[0] || "text/plain";
+                  const mimeType = response.headers.get("Content-Type")?.split(";")[0] || DEFAULT_CONTENT_TYPE;
                   const content = await parseResponseContent(response);
                   resolveReq({
                     routePath: replacedUrlParam,

package/dist/cjs/middleware/method-override/index.js

@@ -21,7 +21,6 @@ __export(method_override_exports, {
   methodOverride: () => methodOverride
 });
 module.exports = __toCommonJS(method_override_exports);
-var import_url = require("url");
 var import_body = require("../../utils/body");
 const DEFAULT_METHOD_FORM_NAME = "_method";
 const methodOverride = (options) => async function methodOverride2(c, next) {
@@ -56,7 +55,7 @@ const methodOverride = (options) => async function methodOverride2(c, next) {
       const method = params[methodFormName];
       if (method) {
         delete params[methodFormName];
-        const newParams = new import_url.URLSearchParams(params);
+        const newParams = new URLSearchParams(params);
         const request = new Request(newRequest, {
           body: newParams,
           method

package/dist/cjs/utils/cookie.js

@@ -134,7 +134,7 @@ const _serialize = (name, value, opt = {}) => {
     cookie += "; Secure";
   }
   if (opt.sameSite) {
-    cookie += `; SameSite=${opt.sameSite}`;
+    cookie += `; SameSite=${opt.sameSite.charAt(0).toUpperCase() + opt.sameSite.slice(1)}`;
   }
   if (opt.partitioned) {
     if (!opt.secure) {

package/dist/cjs/utils/jwt/jwt.js

@@ -34,7 +34,11 @@ const encodeJwtPart = (part) => (0, import_encode.encodeBase64Url)(import_utf8.u
 const encodeSignaturePart = (buf) => (0, import_encode.encodeBase64Url)(buf).replace(/=/g, "");
 const decodeJwtPart = (part) => JSON.parse(import_utf8.utf8Decoder.decode((0, import_encode.decodeBase64Url)(part)));
 function isTokenHeader(obj) {
-  return typeof obj === "object" && obj !== null && "alg" in obj && Object.values(import_jwa.AlgorithmTypes).includes(obj.alg) && (!("typ" in obj) || obj.typ === "JWT");
+  if (typeof obj === "object" && obj !== null) {
+    const objWithAlg = obj;
+    return "alg" in objWithAlg && Object.values(import_jwa.AlgorithmTypes).includes(objWithAlg.alg) && (!("typ" in objWithAlg) || objWithAlg.typ === "JWT");
+  }
+  return false;
 }
 const sign = async (payload, privateKey, alg = "HS256") => {
   const encodedPayload = encodeJwtPart(payload);

package/dist/context.js

@@ -132,7 +132,11 @@ var Context = class {
       const header = new Headers(arg.headers);
       if (this.#headers) {
         this.#headers.forEach((v, k) => {
-          header.set(k, v);
+          if (k === "set-cookie") {
+            header.append(k, v);
+          } else {
+            header.set(k, v);
+          }
         });
       }
       const headers2 = setHeaders(header, this.#preparedHeaders);

package/dist/helper/ssg/ssg.js

@@ -5,6 +5,7 @@ import { getExtension } from "../../utils/mime.js";
 import { X_HONO_DISABLE_SSG_HEADER_KEY, SSG_CONTEXT } from "./middleware.js";
 import { joinPaths, dirname, filterStaticGenerateRoutes } from "./utils.js";
 var DEFAULT_CONCURRENCY = 2;
+var DEFAULT_CONTENT_TYPE = "text/plain";
 var generateFilePath = (routePath, outDir, mimeType, extensionMap) => {
   const extension = determineExtension(mimeType, extensionMap);
   if (routePath.endsWith(`.${extension}`)) {
@@ -96,7 +97,7 @@ var fetchRoutesContent = function* (app, beforeRequestHook, afterResponseHook, c
                     }
                     response = maybeResponse;
                   }
-                  const mimeType = response.headers.get("Content-Type")?.split(";")[0] || "text/plain";
+                  const mimeType = response.headers.get("Content-Type")?.split(";")[0] || DEFAULT_CONTENT_TYPE;
                   const content = await parseResponseContent(response);
                   resolveReq({
                     routePath: replacedUrlParam,

package/dist/middleware/method-override/index.js

@@ -1,5 +1,4 @@
 // src/middleware/method-override/index.ts
-import { URLSearchParams } from "url";
 import { parseBody } from "../../utils/body.js";
 var DEFAULT_METHOD_FORM_NAME = "_method";
 var methodOverride = (options) => async function methodOverride2(c, next) {

package/dist/types/adapter/aws-lambda/handler.d.ts

@@ -73,11 +73,12 @@ declare abstract class EventProcessor<E extends LambdaEvent> {
     protected abstract getPath(event: E): string;
     protected abstract getMethod(event: E): string;
     protected abstract getQueryString(event: E): string;
+    protected abstract getHeaders(event: E): Headers;
     protected abstract getCookies(event: E, headers: Headers): void;
-    protected abstract setCookiesToResult(result: APIGatewayProxyResult, cookies: string[]): void;
+    protected abstract setCookiesToResult(event: E, result: APIGatewayProxyResult, cookies: string[]): void;
     createRequest(event: E): Request;
     createResult(event: E, res: Response): Promise<APIGatewayProxyResult>;
-    setCookies: (event: LambdaEvent, res: Response, result: APIGatewayProxyResult) => void;
+    setCookies(event: E, res: Response, result: APIGatewayProxyResult): void;
 }
 export declare const getProcessor: (event: LambdaEvent) => EventProcessor<LambdaEvent>;
 export declare const isContentTypeBinary: (contentType: string) => boolean;

package/dist/types/context.d.ts

@@ -1,7 +1,7 @@
 import type { HonoRequest } from './request';
 import type { Env, FetchEventLike, Input, NotFoundHandler, TypedResponse } from './types';
 import type { RedirectStatusCode, StatusCode } from './utils/http-status';
-import type { JSONValue, JSONParsed, IsAny, Simplify } from './utils/types';
+import type { IsAny, JSONParsed, JSONValue, Simplify } from './utils/types';
 type HeaderRecord = Record<string, string | string[]>;
 export type Data = string | ArrayBuffer | ReadableStream;
 export interface ExecutionContext {

package/dist/types/jsx/dom/index.d.ts

@@ -31,8 +31,8 @@ declare const _default: {
     useId: () => string;
     useDebugValue: (_value: unknown, _formatter?: ((value: unknown) => string) | undefined) => void;
     createRef: <T_8>() => import("../hooks").RefObject<T_8>;
-    forwardRef: <T_9, P = {}>(Component: (props: P, ref: import("../hooks").RefObject<T_9>) => JSX.Element) => (props: P & {
-        ref: import("../hooks").RefObject<T_9>;
+    forwardRef: <T_9, P = {}>(Component: (props: P, ref?: import("../hooks").RefObject<T_9> | undefined) => JSX.Element) => (props: P & {
+        ref?: import("../hooks").RefObject<T_9> | undefined;
     }) => JSX.Element;
     useImperativeHandle: <T_10>(ref: import("../hooks").RefObject<T_10>, createHandle: () => T_10, deps: readonly unknown[]) => void;
     useSyncExternalStore: <T_11>(subscribe: (callback: (value: T_11) => void) => () => void, getSnapshot: () => T_11, getServerSnapshot?: (() => T_11) | undefined) => T_11;

package/dist/types/jsx/hooks/index.d.ts

@@ -32,8 +32,8 @@ export declare const useMemo: <T>(factory: () => T, deps: readonly unknown[]) =>
 export declare const useId: () => string;
 export declare const useDebugValue: (_value: unknown, _formatter?: ((value: unknown) => string) | undefined) => void;
 export declare const createRef: <T>() => RefObject<T>;
-export declare const forwardRef: <T, P = {}>(Component: (props: P, ref: RefObject<T>) => JSX.Element) => (props: P & {
-    ref: RefObject<T>;
+export declare const forwardRef: <T, P = {}>(Component: (props: P, ref?: RefObject<T> | undefined) => JSX.Element) => (props: P & {
+    ref?: RefObject<T> | undefined;
 }) => JSX.Element;
 export declare const useImperativeHandle: <T>(ref: RefObject<T>, createHandle: () => T, deps: readonly unknown[]) => void;
 export declare const useSyncExternalStore: <T>(subscribe: (callback: (value: T) => void) => () => void, getSnapshot: () => T, getServerSnapshot?: (() => T) | undefined) => T;

package/dist/types/jsx/index.d.ts

@@ -41,8 +41,8 @@ declare const _default: {
     useMemo: <T_11>(factory: () => T_11, deps: readonly unknown[]) => T_11;
     useLayoutEffect: (effect: () => void | (() => void), deps?: readonly unknown[] | undefined) => void;
     createRef: <T_12>() => import("./hooks").RefObject<T_12>;
-    forwardRef: <T_13, P = {}>(Component: (props: P, ref: import("./hooks").RefObject<T_13>) => JSX.Element) => (props: P & {
-        ref: import("./hooks").RefObject<T_13>;
+    forwardRef: <T_13, P = {}>(Component: (props: P, ref?: import("./hooks").RefObject<T_13> | undefined) => JSX.Element) => (props: P & {
+        ref?: import("./hooks").RefObject<T_13> | undefined;
     }) => JSX.Element;
     useImperativeHandle: <T_14>(ref: import("./hooks").RefObject<T_14>, createHandle: () => T_14, deps: readonly unknown[]) => void;
     useSyncExternalStore: <T_15>(subscribe: (callback: (value: T_15) => void) => () => void, getSnapshot: () => T_15, getServerSnapshot?: (() => T_15) | undefined) => T_15;

package/dist/types/middleware/jwt/index.d.ts

@@ -11,9 +11,9 @@ export declare const jwt: (options: {
     cookie?: string;
     alg?: SignatureAlgorithm;
 }) => MiddlewareHandler;
-export declare const verify: (token: string, publicKey: import("../../utils/jwt/jws").SignatureKey, alg?: "HS256" | "HS384" | "HS512" | "RS256" | "RS384" | "RS512" | "PS256" | "PS384" | "PS512" | "ES256" | "ES384" | "ES512" | "EdDSA") => Promise<any>;
+export declare const verify: (token: string, publicKey: import("../../utils/jwt/jws").SignatureKey, alg?: "HS256" | "HS384" | "HS512" | "RS256" | "RS384" | "RS512" | "PS256" | "PS384" | "PS512" | "ES256" | "ES384" | "ES512" | "EdDSA") => Promise<import("../../utils/jwt/types").JWTPayload>;
 export declare const decode: (token: string) => {
-    header: any;
-    payload: any;
+    header: import("../../utils/jwt/jwt").TokenHeader;
+    payload: import("../../utils/jwt/types").JWTPayload;
 };
 export declare const sign: (payload: import("../../utils/jwt/types").JWTPayload, privateKey: import("../../utils/jwt/jws").SignatureKey, alg?: "HS256" | "HS384" | "HS512" | "RS256" | "RS384" | "RS512" | "PS256" | "PS384" | "PS512" | "ES256" | "ES384" | "ES512" | "EdDSA") => Promise<string>;

package/dist/types/middleware/secure-headers/index.d.ts

@@ -49,7 +49,7 @@ interface SecureHeadersOptions {
     crossOriginEmbedderPolicy?: overridableHeader;
     crossOriginResourcePolicy?: overridableHeader;
     crossOriginOpenerPolicy?: overridableHeader;
-    originAgentCluster: overridableHeader;
+    originAgentCluster?: overridableHeader;
     referrerPolicy?: overridableHeader;
     reportingEndpoints?: ReportingEndpointOptions[];
     reportTo?: ReportToOptions[];
@@ -62,5 +62,5 @@ interface SecureHeadersOptions {
     xXssProtection?: overridableHeader;
 }
 export declare const NONCE: ContentSecurityPolicyOptionHandler;
-export declare const secureHeaders: (customOptions?: Partial<SecureHeadersOptions>) => MiddlewareHandler;
+export declare const secureHeaders: (customOptions?: SecureHeadersOptions) => MiddlewareHandler;
 export {};

package/dist/types/middleware/timing/index.d.ts

@@ -14,13 +14,13 @@ interface Timer {
     start: number;
 }
 interface TimingOptions {
-    total: boolean;
-    enabled: boolean | ((c: Context) => boolean);
-    totalDescription: string;
-    autoEnd: boolean;
-    crossOrigin: boolean | string | ((c: Context) => boolean | string);
+    total?: boolean;
+    enabled?: boolean | ((c: Context) => boolean);
+    totalDescription?: string;
+    autoEnd?: boolean;
+    crossOrigin?: boolean | string | ((c: Context) => boolean | string);
 }
-export declare const timing: (config?: Partial<TimingOptions>) => MiddlewareHandler;
+export declare const timing: (config?: TimingOptions) => MiddlewareHandler;
 interface SetMetric {
     (c: Context, name: string, value: number, description?: string, precision?: number): void;
     (c: Context, name: string, description?: string): void;

package/dist/types/utils/cookie.d.ts

@@ -23,7 +23,7 @@ export type CookieOptions = {
     path?: string;
     secure?: boolean;
     signingSecret?: string;
-    sameSite?: 'Strict' | 'Lax' | 'None';
+    sameSite?: 'Strict' | 'Lax' | 'None' | 'strict' | 'lax' | 'none';
     partitioned?: boolean;
     prefix?: CookiePrefixOptions;
 } & PartitionCookieConstraint;

package/dist/types/utils/jwt/index.d.ts

@@ -1,8 +1,8 @@
 export declare const Jwt: {
     sign: (payload: import("./types").JWTPayload, privateKey: import("./jws").SignatureKey, alg?: "HS256" | "HS384" | "HS512" | "RS256" | "RS384" | "RS512" | "PS256" | "PS384" | "PS512" | "ES256" | "ES384" | "ES512" | "EdDSA") => Promise<string>;
-    verify: (token: string, publicKey: import("./jws").SignatureKey, alg?: "HS256" | "HS384" | "HS512" | "RS256" | "RS384" | "RS512" | "PS256" | "PS384" | "PS512" | "ES256" | "ES384" | "ES512" | "EdDSA") => Promise<any>;
+    verify: (token: string, publicKey: import("./jws").SignatureKey, alg?: "HS256" | "HS384" | "HS512" | "RS256" | "RS384" | "RS512" | "PS256" | "PS384" | "PS512" | "ES256" | "ES384" | "ES512" | "EdDSA") => Promise<import("./types").JWTPayload>;
     decode: (token: string) => {
-        header: any;
-        payload: any;
+        header: import("./jwt").TokenHeader;
+        payload: import("./types").JWTPayload;
     };
 };

package/dist/types/utils/jwt/jwt.d.ts

@@ -1,14 +1,14 @@
-import type { SignatureAlgorithm } from './jwa';
-import type { SignatureKey } from './jws';
+import { type SignatureAlgorithm } from './jwa';
+import { type SignatureKey } from './jws';
 import { type JWTPayload } from './types';
 export interface TokenHeader {
     alg: SignatureAlgorithm;
     typ?: 'JWT';
 }
-export declare function isTokenHeader(obj: any): obj is TokenHeader;
+export declare function isTokenHeader(obj: unknown): obj is TokenHeader;
 export declare const sign: (payload: JWTPayload, privateKey: SignatureKey, alg?: SignatureAlgorithm) => Promise<string>;
-export declare const verify: (token: string, publicKey: SignatureKey, alg?: SignatureAlgorithm) => Promise<any>;
+export declare const verify: (token: string, publicKey: SignatureKey, alg?: SignatureAlgorithm) => Promise<JWTPayload>;
 export declare const decode: (token: string) => {
-    header: any;
-    payload: any;
+    header: TokenHeader;
+    payload: JWTPayload;
 };

package/dist/types/utils/jwt/types.d.ts

@@ -32,7 +32,7 @@ export declare enum CryptoKeyUsage {
 /**
  * JWT Payload
  */
-export type JWTPayload = (unknown & {}) | {
+export type JWTPayload = {
     [key: string]: unknown;
     /**
      * The token is checked to ensure it has not expired.

package/dist/utils/cookie.js

@@ -109,7 +109,7 @@ var _serialize = (name, value, opt = {}) => {
     cookie += "; Secure";
   }
   if (opt.sameSite) {
-    cookie += `; SameSite=${opt.sameSite}`;
+    cookie += `; SameSite=${opt.sameSite.charAt(0).toUpperCase() + opt.sameSite.slice(1)}`;
   }
   if (opt.partitioned) {
     if (!opt.secure) {

package/dist/utils/jwt/jwt.js

@@ -15,7 +15,11 @@ var encodeJwtPart = (part) => encodeBase64Url(utf8Encoder.encode(JSON.stringify(
 var encodeSignaturePart = (buf) => encodeBase64Url(buf).replace(/=/g, "");
 var decodeJwtPart = (part) => JSON.parse(utf8Decoder.decode(decodeBase64Url(part)));
 function isTokenHeader(obj) {
-  return typeof obj === "object" && obj !== null && "alg" in obj && Object.values(AlgorithmTypes).includes(obj.alg) && (!("typ" in obj) || obj.typ === "JWT");
+  if (typeof obj === "object" && obj !== null) {
+    const objWithAlg = obj;
+    return "alg" in objWithAlg && Object.values(AlgorithmTypes).includes(objWithAlg.alg) && (!("typ" in objWithAlg) || objWithAlg.typ === "JWT");
+  }
+  return false;
 }
 var sign = async (payload, privateKey, alg = "HS256") => {
   const encodedPayload = encodeJwtPart(payload);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "hono",
-  "version": "4.3.6",
+  "version": "4.3.8",
   "description": "Ultrafast web framework for the Edges",
   "main": "dist/cjs/index.js",
   "type": "module",