Update dependency http-proxy-middleware to v3.0.4 [SECURITY]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
http-proxy-middleware	3.0.0 -> 3.0.4

GitHub Vulnerability Alerts

CVE-2025-32996

In http-proxy-middleware before 2.0.8 and 3.x before 3.0.4, writeBody can be called twice because "else if" is not used.

---

Release Notes

chimurai/http-proxy-middleware (http-proxy-middleware)

v3.0.4

Compare Source

• fix(fixRequestBody): handle invalid request (#​1092)
• fix(fixRequestBody): prevent multiple .write() calls (#​1089)
• fix(websocket): handle errors in handleUpgrade (#​823)
• ci(package): patch http-proxy (#​1084)
• fix(fixRequestBody): support multipart/form-data (#​896)
• feat(types): export Plugin type (#​1071)

v3.0.3

Compare Source

• fix(pathFilter): handle errors

v3.0.2

Compare Source

• refactor(dependency): replace is-plain-obj with is-plain-object (#​1031)
• chore(package): upgrade to eslint v9 (#​1032)
• fix(logger-plugin): handle undefined protocol and hostname (#​1036)

v3.0.1

Compare Source

• fix(type): fix RequestHandler return type (#​980)
• refactor(errors): improve pathFilter error message (#​987)
• fix(logger-plugin): fix missing target port (#​989)
• ci(package): npm package provenance (#​991)
• fix(logger-plugin): log target port when router option is used (#​1001)
• refactor: fix circular dependencies (#​1010)
• fix(fix-request-body): support '+json' content-type suffix (#​1015)

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.