[Snyk] Upgrade fastify from 4.24.2 to 4.26.1

[PlainDevelopment]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade fastify from 4.24.2 to 4.26.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 6 versions ahead of your current version.
• The recommended version was released a month ago, on 2024-02-12.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ZOD-5925617	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Cross-site Request Forgery (CSRF) SNYK-JS-AXIOS-6032459	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-AXIOS-6144788	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Improper Input Validation SNYK-JS-FOLLOWREDIRECTS-6141137	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Prototype Pollution SNYK-JS-MONGOOSE-5777721	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-6124857	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Information Exposure SNYK-JS-MONGODB-5871303	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit
	Resource Exhaustion SNYK-JS-NEXT-6032387	482/1000 Why? Proof of Concept exploit, CVSS 7.5	Proof of Concept
	Improper Input Validation SNYK-JS-POSTCSS-5926692	482/1000 Why? Proof of Concept exploit, CVSS 7.5	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: fastify

• 4.26.1 - 2024-02-12
  

  What's Changed

  • docs(ecosystem): adds fastify-hana to the community plugins list by @ yoav0gal in #5289
  • docs: fix misattributed property parent in deprecation warning: request.elapsedTime by @ mscottnelson in #5299
  • chore: Bump lycheeverse/lychee-action from 1.8.0 to 1.9.3 by @ dependabot in #5300
  • chore: Bump actions/dependency-review-action from 3 to 4 by @ dependabot in #5301
  • chore(.gitignore): add .tap/ dir by @ Fdawgs in #5303
  • fix: amend error codes for latest avvio v8.3.0 by @ mcollina in #5309
  • fix(types): Request route options url add undefined by @ rozzilla in #5307
  • chore: add docs for tracing warnings by @ jsumners in #5310

  New Contributors

  • @ mscottnelson made their first contribution in #5299

  Full Changelog: v4.26.0...v4.26.1

• 4.26.0 - 2024-01-29
  Read more
• 4.25.2 - 2023-12-24
  

  What's Changed

  • fix: npm run test:watch by @ domdomegg in #5221
  • fix: always consume stream payloads when responding to 204 with no body by @ mcollina in #5231
  • docs: update setErrorHandler to explain not found behaviour by @ domdomegg in #5218

  New Contributors

  • @ domdomegg made their first contribution in #5221

  Full Changelog: v4.25.1...v4.25.2

• 4.25.1 - 2023-12-15
  

  What's Changed

  • fix: route constraints by @ climba03003 in #5207
  • fix: Better plugin name detection for FSTWRN002 by @ mcollina in #5209
  • chore: at-large project by @ Eomm in #5211

  Full Changelog: v4.25.0...v4.25.1

• 4.25.0 - 2023-12-13
  Read more
• 4.24.3 - 2023-10-19
  

  What's Changed

  • fix: timeout on citgm tests by @ simone-sanfratello in #5101
  • chore: add missing use strict directives by @ Fdawgs in #5106

  Full Changelog: v4.24.2...v4.24.3

• 4.24.2 - 2023-10-15
  

  What's Changed

  • fix: build problems when Symbol.asyncDispose type is not available. by @ arthurfiorette in #5096

  Full Changelog: v4.24.1...v4.24.2

from fastify GitHub release notes

Commit messages

Package name: fastify

• ffbc92c Bumped v4.26.1
• 3a646b8 Add docs for tracing warnings (#5310)
• 2f4f5f5 fix(types): Request route options url add undefined (#5307)
• f26de5d fix: amend error codes for latest avvio v8.3.0 (#5309)
• 42cf27c chore(.gitignore): add .tap/ dir (#5303)
• eb4ae3c chore: Bump actions/dependency-review-action from 3 to 4 (#5301)
• 37b9b3d chore: Bump lycheeverse/lychee-action from 1.8.0 to 1.9.3 (#5300)
• 5fe74e5 fix misattributed property parent in deprecation warning: request.elapsedTime -> reply.elapsedTime (#5299)
• 9c03896 docs(ecosystem): adds fastify-hana to the community plugins list (#5289)
• e10ae40 Bumped v4.26.0
• 1211962 chore: sync generated code (#5295)
• 101ba57 feat: Web Stream API (#5286)
• bdd647d docs: repoint readers to shared `.github` files (#5268)
• 62f564d docs: add ESM usage example in Getting Started (#5294)
• d214201 docs(ecosystem): adds fastify-sqlite-typed to the community plugins list (#5288)
• 4415c2f chore: add github sponsor (#5293)
• e68e849 docs: Fix Pino docs link (#5284)
• ac26d7b docs(ecosystem): remove unspported package (#5278)
• cf6a87b docs: re-word clarification about `setErrorHandler()` (#5269)
• 79042e6 fix: ensure `onListen` hooks are called when they should be (#5273)
• 7dc69db feat: expose method for setGenReqId on FastifyInstance (#5259)
• 305c89d chore: remove `www.` from `fastify.dev` urls (#5270)
• 9c47812 refactor: deprecate `Reply#getResponseTime()` in favour of `Reply#elapsedTime` (#5263)
• eca6312 chore(docs): Add clarification about `fastify.setErrorHandler()` (#5265)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs