New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade fastify from 4.28.1 to 5.0.0 #17

Open

lholmquist wants to merge 1 commit into main from snyk-upgrade-cd412573a88fdab8f6d7f7fd61d98118

Member

lholmquist commented Oct 14, 2024

Snyk has created this PR to upgrade fastify from 4.28.1 to 5.0.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

The recommended version is 5 versions ahead of your current version.
The recommended version was released a month ago, on 2024-09-17.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Cross-site Scripting (XSS) SNYK-JS-COOKIE-8163060	386/1000 Why? Recently disclosed, CVSS 6.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-FINDMYWAY-8055229	386/1000 Why? Recently disclosed, CVSS 6.3	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: fastify

5.0.0 - 2024-09-17
Read more
5.0.0-aplha.1 - 2024-05-07
5.0.0-alpha.4 - 2024-09-03
Read more
5.0.0-alpha.3 - 2024-06-28
5.0.0-alpha.2 - 2024-06-21
Read more
4.28.1 - 2024-06-29
What's Changed
- [Backport 4.x] fix: server.listen listener is not cleanup properly by @ github-actions in #5523
- [Backport 4.x] test: fix test finished earlier than expected by @ github-actions in #5541
- fix(v4): update .npmignore by @ Eomm in #5538
Full Changelog: v4.28.0...v4.28.1

from fastify GitHub release notes

Commit messages

Package name: fastify

6bde7d7 Bumped v5.0.0
7239d78 docs: Add required .js extension to relative ESM imports (#5685)
9a1be75 docs: update v4 codemods (#5666)
d623d47 chore: bind this to instance in onclose (#5670)
455ff7f docs: add v5 guide (#5674)
694cf43 types: remove nonexistant done parameter from onRegister (#5678)
b493fce chore: list the next deprecation code (#5673)
07bc7cf docs: join plugin team (#5677)
501be89 doc: add dancastillo to Fastify Plugins team (#5668)
6b1b8a7 chore: bump fast-json-stringify-compiler to v5.0.0 (#5660)
985b3c3 Bumped v5.0.0-alpha.4
bd66380 Bumped avvio to v9.0.0 (#5656)
1bcfb4a Bumped light-my-request to v6.0.0 (#5655)
a6a4b21 Bump ajv-compiler to v4.0.0 (#5653)
4def191 Bump find-my-way to v9 (#5652)
f29b5f4 feat: add fastify v4 codemods (#5642)
1528257 docs(type-providers): fix typos (#5651)
347e3f8 docs: move RafaelGSS to past collaborators (#5645)
1a64b44 chore: fix sponsor link (#5640)
5365a47 chore: simplify `neostandard` setup (#5635)
e3ec5e2 docs/Reference/Server: Show default maxParamLength value (#5630)
a89efa3 ci(.github): use latest node lts version (#5577)
3ececdd refactor: reorder handling of Response replies (#5612)
b6c828e chore: Bump @ sinclair/typebox in the dev-dependencies group (#5625)

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs


          feat: upgrade fastify from 4.28.1 to 5.0.0

336061b

Snyk has created this PR to upgrade fastify from 4.28.1 to 5.0.0.

See this package in npm:
https://www.npmjs.com/package/fastify

See this project in Snyk:
https://app.snyk.io/org/nodeshift-agg/project/dc81053e-a261-4a5b-bee8-eee6cfbecbff?utm_source=github&utm_medium=referral&page=upgrade-pr

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet