chore(deps): bump elysia from 1.3.5 to 1.4.28

[dependabot]

Bumps elysia from 1.3.5 to 1.4.28.

Release notes

Sourced from elysia's releases.

1.4.28

What's new

Feature:

• #1803 stream response with pull based backpressure
• #1802 handle range header for file/blob response
• #1722, #1741 direct ReadableStream perf blow-up

Bug fix:

• #1805 dynamic imports inside .guard not registering routes
• #1771 breaks Bun HTML imports
• #1797 await mapped error response promise
• #1794 merge app cookie config into route cookie validator config
• #1796 check custom parser by full name
• #1795 write transformed cookie value to cookie entry directly
• #1793 use cookie schema for cookie noValidate check
• #1792 throw ValidationError instead of boolean in response encode path
• detect HTML bundle when inline response is Promise

Change:

• #1613 export ElysiaTypeCustomErrors
• remove Bun specific built
• export AnySchema, UnwrapSchema, ModelsToTypes from root
• conditional set headers of String and Object when no set.headers is set

New Contributors

• @​MegaManSec made their first contribution in elysiajs/elysia#1797
• @​ap0nia made their first contribution in elysiajs/elysia#1613

Full Changelog: elysiajs/elysia@1.4.27...1.4.28

1.4.27

What's changed

Bug fix:

• getSchemaValidator: handle TypeBox as sub type
• handle cookie prototype pollution when parsing cookie

Improvement:

• conditional async on getSchemaValidator when schema is Standard Schema
• use Response.json on Bun
• export AnySchema, UnwrapSchema, ModelsToTypes from root

Full Changelog: elysiajs/elysia@1.4.26...1.4.27

1.4.26

What's changed

Bug fix:

• #1755 deduplicate local handler from global event

... (truncated)

Changelog

Sourced from elysia's changelog.

1.4.28 - 17 Mar 2025

Feature:

• #1803 stream response with pull based backpressure
• #1802 handle range header for file/blob response
• #1722, #1741 direct ReadableStream perf blow-up

Bug fix:

• #1805 dynamic imports inside .guard not registering routes
• #1771 breaks Bun HTML imports
• #1797 await mapped error response promise
• #1794 merge app cookie config into route cookie validator config
• #1796 check custom parser by full name
• #1795 write transformed cookie value to cookie entry directly
• #1793 use cookie schema for cookie noValidate check
• #1792 throw ValidationError instead of boolean in response encode path
• detect HTML bundle when inline response is Promise

Change:

• #1613 export ElysiaTypeCustomErrors
• remove Bun specific built
• export AnySchema, UnwrapSchema, ModelsToTypes from root
• conditional set headers of String and Object when no set.headers is set

1.4.27 - 1 Mar 2026

Bug fix:

• getSchemaValidator: handle TypeBox as sub type
• handle cookie prototype pollution when parsing cookie

Improvement:

• conditional async on getSchemaValidator when schema is Standard Schema
• use Response.json on Bun

1.4.26 - 25 Feb 2026

Bug fix:

• #1755 deduplicate local handler from global event
• #1752 system router with trailing path doesn't match with non-trailing
• url format redos
• #1747 parsing request from mount hang

1.4.25 - 12 Feb 2026

Feature:

• export ElysiaStatus

Bug fix:

• macro with conflict literal value per status
• recursive macro with conflict value per status

1.4.24 - 11 Feb 2026

Feature:

• graceful unsigned cookie transition

... (truncated)

Commits

• 56310be 📘 doc: document changelog
• 708f8c6 📘 doc: document changelog
• 7acc183 Merge pull request #1613 from ap0nia/feat/extend-errors
• c00b9e3 Merge branch 'main' of https://github.com/elysiajs/elysia
• ccbd9e4 📘 fix: #1772 resolve merge conflict
• 01340b7 Merge pull request #1792 from MegaManSec/j1
• 0956af9 Merge pull request #1793 from MegaManSec/j2
• b48ade6 📘 doc: update changelog
• b329314 Merge branch 'main' of https://github.com/elysiajs/elysia
• 32b531a 📘 doc: update changelog
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for elysia since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[cubic-dev-ai]

No issues found across 2 files