fix(hono-supabase): bump hono to >=4.11.4 for CVE-2026-22817/22818

[tobyhede]

Addresses JWT/JWK/JWKS algorithm confusion vulnerabilities (CVSS 8.2). While the JWT middleware is not used in this example, the version constraint is updated to satisfy security SLA requirements.

Summary by CodeRabbit

• Chores
  • Updated the hono dependency in the example project to the latest stable version, providing access to recent improvements and bug fixes.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 933a94b

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

---

📝 Walkthrough

Walkthrough

The hono package dependency in the Hono-Supabase example was updated from version ^4.6.15 to ^4.11.4 in the package.json file.

Changes

Cohort / File(s)	Summary
Dependency Version Update examples/hono-supabase/package.json	Hono package version bumped from ^4.6.15 to ^4.11.4.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐰 A hop and a bound, the version does climb,
From 4.6 to 4.11, keeping pace with the time,
In Hono's swift flight, we ride the new breeze,
Dependencies dancing with such graceful ease!

🚥 Pre-merge checks | ✅ 4

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: a dependency version bump for the hono package in the hono-supabase example to address specific CVE vulnerabilities.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Merge Conflict Detection	✅ Passed	✅ No merge conflicts detected when merging into main

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch patch/hono-to-4114

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}