[Snyk] Security upgrade fastify from 3.15.1 to 3.29.4

[nazarhussain]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • packages/beacon-node/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	496/1000 Why? Recently disclosed, Has a fix available, CVSS 4.2	Cross-site Request Forgery (CSRF) SNYK-JS-FASTIFY-3136527	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: fastify

The new version differs by 250 commits.

• 6053031 Bumped v3.29.4
• cdba37d Merge pull request from GHSA-3fjj-p79j-c9hh
• 5df7665 Bumped v3.29.3
• 9a55126 Merge pull request from GHSA-455w-c45v-86rg
• 596c8c3 Bumped v3.29.2
• c59d923 Merge branch '3.x' of github.com:fastify/fastify into 3.x
• 76c38d2 fix: backport reused connection fix (v0.39.0 #4217)
• a90a4c5 Bumped v3.29.1
• 5a79181 Bumped v3.29.1
• 743bc28 Handle aborted requests (Remove SSZ from params #3651) (Bump protobufjs from 6.11.2 to 6.11.3 #4103)
• 68a290d Child log level in bindings is deprecated (beacon.getBlockV2 in the new sszv2 can't seem to parse the response correctly #3896)
• e94cd92 docs: reference new `@ fastify/*` modules (Return peer count #3860)
• 8a2b226 Bumped v3.29.0
• 409952b Update fastify-error dependency (Cleanup test nodes on success and error #3859)
• 8e06ace Bumped v3.28.0
• de459d4 (v3.x) feat: reply trailers support (PeerManager dials same peer multiple times in a row #3807)
• e7d7e59 (v3.x) fix: handle invalid url (Minor range sync tweaks #3806)
• 9738edc add generic logger to route handler & FastifyRequest (Implement support for validator next-epoch proposer duties #3782)
• f00f2a2 (v3.x) Allow custom Context Config types for hooks' `request` properties (rename random to prevRandao as per the kiln v2 specs #3787)
• f66d2a8 Bumped v3.27.4
• 933502d Fixed Node.js v18/master support (Bump SSZ to v0.9.0 #3760) (DIsable libp2p nat #3761)
• 427fac4 Bumped v3.27.3
• 7dc025c Drop @ typescript-eslint/no-misused-promises (Cleanup amphora merge testnet scripts/configs #3741) (Fix getCanonicalBlockSummaryAtSlot at future slot #3757)
• 9ed25c5 Bumped v3.27.2

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Request Forgery (CSRF)

[CLAassistant]

All committers have signed the CLA.

[wemeetagain]

@nazarhussain can you disable snyk until it can be configured to also update yarn.lock file?

[wemeetagain]

superseded by #4793