Skip to content

fix(deps): update dependency http-proxy-middleware to v2 (main)#24

Open
mend-for-github-com[bot] wants to merge 1 commit into
mainfrom
whitesource-remediate/main-http-proxy-middleware-2.x
Open

fix(deps): update dependency http-proxy-middleware to v2 (main)#24
mend-for-github-com[bot] wants to merge 1 commit into
mainfrom
whitesource-remediate/main-http-proxy-middleware-2.x

Conversation

@mend-for-github-com
Copy link
Copy Markdown

@mend-for-github-com mend-for-github-com Bot commented Apr 23, 2026

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
http-proxy-middleware ^0.20.0^2.0.0 age adoption passing confidence

By merging this PR, the below vulnerabilities will be automatically resolved:

Severity CVSS Score Vulnerability Reachability
High High 7.3 CVE-2023-26159

Reachable
Medium Medium 6.5 CVE-2024-28849

Reachable
Medium Medium 5.3 CVE-2024-4067

Reachable
Medium Medium 5.3 CVE-2026-40895
Medium Medium 4.0 CVE-2025-32996

Reachable
Medium Medium 4.0 CVE-2025-32997

Reachable

Release Notes

chimurai/http-proxy-middleware (http-proxy-middleware)

v2.0.9

Compare Source

What's Changed

Full Changelog: chimurai/http-proxy-middleware@v2.0.8...v2.0.9

v2.0.8

Compare Source

What's Changed

Full Changelog: chimurai/http-proxy-middleware@v2.0.7...v2.0.8

v2.0.7

Compare Source

Full Changelog: chimurai/http-proxy-middleware@v2.0.6...v2.0.7

v2.0.6

Compare Source

  • fix(proxyReqWs): catch socket errors (#​763)

v2.0.5

Compare Source

  • fix(error handler): add default handler to econnreset (#​759)

v2.0.4

Compare Source

  • fix(fix-request-body): improve content type check (#​725) (kevinxh)

v2.0.3

Compare Source

v2.0.2

Compare Source

v2.0.1

Compare Source

v2.0.0

Compare Source

  • chore(package): drop node 10 [BREAKING CHANGE] (#​577)

v1.3.1

Compare Source

  • fix(fix-request-body): make sure the content-type exists (#​578) (oufeng)

v1.3.0

Compare Source

  • docs(response interceptor): align with nodejs default utf8 (#​567)
  • feat: try to proxy body even after body-parser middleware (#​492) (midgleyc)

v1.2.1

Compare Source

  • fix(response interceptor): proxy original response headers (#​563)

v1.2.0

Compare Source

  • feat(handler): response interceptor (#​520)
  • fix(log error): handle undefined target when websocket errors (#​527)

v1.1.2

Compare Source

  • fix(log error): handle optional target (#​523)

v1.1.1

Compare Source

  • fix(error handler): re-throw http-proxy missing target error (#​517)
  • refactor(dependency): remove camelcase
  • fix(option): optional target when router is used (#​512)

v1.1.0

Compare Source

v1.0.6

Compare Source

  • chore(deps): lodash 4.17.20 (#​475)

v1.0.5

Compare Source

  • chore(deps): lodash 4.17.19 (#​454)

v1.0.4

Compare Source

  • chore(deps): http-proxy 1.18.1 (#​442)

v1.0.3

Compare Source

  • build(package): exclude build artifact tsconfig.tsbuildinfo (#​415)

v1.0.2

Compare Source

  • fix(router): handle rejected promise in custom router (#​410) (bforbis)

v1.0.1

Compare Source

  • fix(typescript): fix proxyRes and router types (#​410) (dylang)

v1.0.0

Compare Source

  • feat(createProxyMiddleware): explicit import http-proxy-middleware (BREAKING CHANGE)(#​400)
  • feat(typescript): export http-proxy-middleware types (#​400)
  • fix(typescript): ES6 target - TS1192 (#​400)

v0.21.0

Compare Source

  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com Bot added the security fix Security fix generated by Mend label Apr 23, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

security fix Security fix generated by Mend

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants