Moving from version 2.0.9 to the latest 3.0.0, http-proxy-middleware has undergone notable changes. Its core role as a lightweight solution for proxying requests in Node.js applications (Connect, Express, Next.js, BrowserSync) remains, but several dependency updates and additions bring new features and improved compatibility.
Version 3.0.0 introduces debug as a dependency, improving logging and troubleshooting. Development dependencies saw a significant bump: newer versions of tools such as eslint, typescript and jest, plus the addition of @typescript-eslint, which help keep the code base aligned with current coding standards. Adding husky and lint-staged automates code checks before commits, further improving code consistency.
Developers should note the updated type definitions (@types/*), which ensure seamless integration with TypeScript projects and improved type safety. The move to newer versions of testing frameworks such as jest and supertest gives access to their latest features and performance improvements.
While http-proxy remains a core dependency, the other dependencies are upgraded to their latest versions. The update also increases the file count in the distribution and the uncompressed library size, owing to the added tooling. The peerDependencies declaration for @types/express present in version 2.0.9 has been removed in version 3.0.0. Version 3.0.0 brings an improved development experience and enhanced code quality, making it an attractive upgrade for projects already using http-proxy-middleware; note, however, that 3.0.0 itself falls inside the affected range of every advisory listed below.
All vulnerabilities affecting version 3.0.0 of the package
Denial of service in http-proxy-middleware
Versions of the package http-proxy-middleware before 2.0.7, and from 3.0.0 before 3.0.3, are vulnerable to Denial of Service (DoS) due to an UnhandledPromiseRejection error thrown by micromatch. An attacker could kill the Node.js process and crash the server by making requests to certain paths.
http-proxy-middleware can call writeBody twice because "else if" is not used
In http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used.
http-proxy-middleware allows fixRequestBody to proceed even if bodyParser has failed
In http-proxy-middleware before 2.0.9 and 3.x before 3.0.5, fixRequestBody proceeds even if bodyParser has failed.
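To check an installed http-proxy-middleware version against the three advisories above, here is an added example that is not part of the package or of the advisories; the affected ranges are the ones stated on this page, and the helper names (parseVersion, advisoriesFor, audit) are my own.

```javascript
// Added example: audit an http-proxy-middleware version against the
// advisories listed on this page. Ranges come from the advisory text;
// the helpers and sample versions are constructed for illustration.

// Parse "MAJOR.MINOR.PATCH" into a numeric triple. A leading "v" and any
// pre-release suffix are ignored, so "3.0.0-beta.1" is treated as 3.0.0
// (conservative: a pre-release is flagged like its final version).
function parseVersion(version) {
  const m = /^v?(\d+)\.(\d+)\.(\d+)/.exec(String(version).trim());
  if (!m) throw new Error(`not a semver version: ${version}`);
  return [Number(m[1]), Number(m[2]), Number(m[3])];
}

// Comparator: negative if a < b, zero if equal, positive if a > b.
function compareVersions(a, b) {
  const [x, y] = [parseVersion(a), parseVersion(b)];
  for (let i = 0; i < 3; i++) {
    if (x[i] !== y[i]) return x[i] - y[i];
  }
  return 0;
}

// Each advisory states a 2.x fix ("before 2.0.7") and a 3.x fix
// ("from 3.0.0 and before 3.0.3"); anything below the relevant fix is affected.
const ADVISORIES = [
  { title: "Denial of service (micromatch UnhandledPromiseRejection)", fixed2: "2.0.7", fixed3: "3.0.3" },
  { title: "writeBody can be called twice", fixed2: "2.0.8", fixed3: "3.0.4" },
  { title: "fixRequestBody proceeds even if bodyParser has failed", fixed2: "2.0.9", fixed3: "3.0.5" },
];

function isAffected(version, advisory) {
  const [major] = parseVersion(version);
  // 3.x (and anything above) is measured against the 3.x fix; 4.0.0 is clean.
  if (major >= 3) return compareVersions(version, advisory.fixed3) < 0;
  // Every 0.x, 1.x and 2.x release is measured against the 2.x fix.
  return compareVersions(version, advisory.fixed2) < 0;
}

// Titles of every advisory on this page that applies to `version`.
function advisoriesFor(version) {
  return ADVISORIES.filter((a) => isAffected(version, a)).map((a) => a.title);
}

// Minimal audit result for a single installed version.
function audit(version) {
  const hits = advisoriesFor(version);
  return { version, vulnerable: hits.length > 0, advisories: hits };
}

if (typeof require !== "undefined" && require.main === module) {
  console.log(JSON.stringify(audit(process.argv[2] || "3.0.0"), null, 2));
}
```

Run it as `node audit.js 3.0.3` to see which advisories still apply to a given release.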