Skip to content
This repository was archived by the owner on Jun 4, 2025. It is now read-only.

Bump fastify from 4.28.1 to 5.3.3 #874

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump fastify from 4.28.1 to 5.3.3 #874

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 13, 2025

Bumps fastify from 4.28.1 to 5.3.3.

Release notes

Sourced from fastify's releases.

v5.3.3

What's Changed

New Contributors

Full Changelog: fastify/fastify@v5.3.2...v5.3.3

v5.3.2

⚠️ Security Release ⚠️

Unfortunately, v5.3.1 did not include a complete fix for "Invalid content-type parsing could lead to validation bypass" and CVE-2025-32442. This is a follow-up patch to cover an edge case.

What's Changed

... (truncated)

Commits
  • 220b532 Bumped v5.3.3
  • 8537e82 ci: add support to test release candidates (#6103)
  • 0c18914 test: updated promises.test.js re-added the plan() method (#6057)
  • 2635e25 test: mv reply from tap (#6089)
  • 51933de test: replace removed request properties and update docs (#6111)
  • 8ddd4fa fix: internal function _addHook failure should be turned into the rejection t...
  • 850ebf6 docs(ecosystem): remove fastify-diagnostics-channel (#6117)
  • 59f21ed docs: add a warning about setErrorHandler overriding a previously defined e...
  • 8318d01 ci: ignore scripts (#6108)
  • 66db429 test: mv hooks.on-listen from tap (#6086)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump fastify from 4.28.1 to 5.3.3
78b953a 
Bumps [fastify](https://github.com/fastify/fastify) from 4.28.1 to 5.3.3.
- [Release notes](https://github.com/fastify/fastify/releases)
- [Commits](fastify/fastify@v4.28.1...v5.3.3)

---
updated-dependencies:
- dependency-name: fastify
  dependency-version: 5.3.3
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file ignore-for-release Exclude from Release Notes. labels May 13, 2025
@dependabot dependabot bot mentioned this pull request May 13, 2025
Closed
@coderabbitai coderabbitai
Copy link

coderabbitai bot commented May 13, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Join our Discord community for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
@apps/backend dependencies Pull requests that update a dependency file ignore-for-release Exclude from Release Notes.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants