@hono/node-server is a Node.js adapter that lets you run a Hono application on Node.js by using web standard Request/Response APIs. It provides a `serve` function to start the app, optional WebSocket support (via `upgradeWebSocket`), and Node.js-friendly helpers like ConnInfo and static file serving.
Project status
- Actively maintained, with frequent recent updates in 2026 (for example, v2.0.4 on 2026-05-24, v2.0.5 on 2026-06-15, and v2.0.6 through v2.0.8 clustered between 2026-06-22 and 2026-07-02, and an upstream push on 2026-07-02).
- Apparent update cadence is steady and relatively fast, about weekly to every few weeks across late May through early July 2026 (the latest update was on 2026-07-02, which is about 1 week before today, 2026-07-09).
AI summary generated
Recent updates
v2.0.8
Release v2.0.8 makes a small change to the release workflow, adding the pnpm publish flag `--no-git-checks` for `pnpm stage publish`. It also bumps the package version in `package.json` from 2.0.7 to 2.0.8.
Featuresv2.0.7
v2.0.7 migrates the repo tooling from Bun to pnpm, updates CI/workflows accordingly, and bumps the test dependency supertest. It also changes serve-static behavior to serve precompressed assets for application/octet-stream responses when precompressed files are available.
v2.0.6
v2.0.6 updates CI publishing to npm using OIDC trusted publishing and npm staged publishing. It also fixes Response cloning when using live headers so that status and statusText are preserved. Additional unit tests were added to cover status and statusText preservation behavior.
v2.0.5
v2.0.5 is a targeted security release for Serve Static Middleware on Windows. It fixes a bypass condition involving prefix-mounted middleware, and adds additional path validation and test coverage to prevent maliciously crafted URLs from resolving static files.
Securityv2.0.4
v2.0.4 introduces a set of locally defined WebSocket interface stubs to avoid importing `ws` types into the package's public TypeScript surface. The runtime logic for websocket upgrade/handshakes remains effectively the same, but several exported TypeScript types used by `upgradeWebSocket` and the `websocket.server` option were retargeted to these new stubs.
Featuresv2.0.3
v2.0.3 primarily fixes a header-cloning regression in the Response implementation, ensuring that headers mutated after a raw Response is constructed are preserved when the response is later cloned. The release notes also mention CI action version updates and a documentation comment alignment for ServeStaticOptions.
v2.0.2
v2.0.2 contains fixes to the serve-static adapter, specifically around HTTP header values and stream fallback behavior. The code changes also refactor the stream fallback logic into a new utility module and adjust headers emitted for static responses.
Breakingv2.0.1
v2.0.1 improves WebSocket upgrade handling by forwarding response headers produced by Hono middleware/handlers. The change is implemented in the WebSocket adapter so headers are applied during both upgrade success and upgrade rejection scenarios (with filtering of hop-by-hop/WebSocket handshake headers).
v2.0.0
Release v2.0.0 claims a major performance upgrade and multiple behavioral changes for the Hono Node.js adapter. However, the provided code diff for this release shows only a package.json version bump from 2.0.0-rc.2 to 2.0.0, with no other source changes visible.
BreakingFeaturesv2.0.0-rc.2
Release v2.0.0-rc.2 introduces major internal refactors to the Node.js adapter, including new WebSocket support APIs and performance-oriented fast paths for response handling. The release notes section is empty, so the behavioral and packaging changes are not documented here, but they are visible in the code diff.
Featuresv1.19.14
v1.19.14 updates the Node.js adapter to add a custom util.inspect implementation for the lightweight Request and Response objects. This prevents errors when developers log these objects (for example, via console.log), and improves the inspected output before the underlying native Node request/response is created.
v1.19.13
v1.19.13 patches a security issue in the Serve Static middleware related to how repeated slashes can lead to bypassing middleware authorization. The code change strengthens path validation and the tests add coverage for a double-slash URL that previously could access protected content.
Securityv1.19.12
v1.19.12 includes a fix related to draining incoming request data when a response is generated early, specifically to avoid network errors (eg, ECONNRESET) during early 413 handling. It also contains a small non-functional housekeeping change.
v2.0.0-rc.1
The release notes provided for v2.0.0-rc.1 contain no documented changes. The only code diff is a modification to .gitignore, adding an entry to ignore a local Claude settings file.