[Snyk] Upgrade fastify from 4.9.2 to 5.0.0

[WontonSam]

Snyk has created this PR to upgrade fastify from 4.9.2 to 5.0.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

• The recommended version is 44 versions ahead of your current version.

• The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	386	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-COOKIE-8163060	386	No Known Exploit
	Cross-site Request Forgery (CSRF) SNYK-JS-FASTIFY-3136527	386	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-FINDMYWAY-8055229	386	No Known Exploit

Release notes

Package name: fastify

• 5.0.0 - 2024-09-17
  

  What's Changed

  • add missing route shorthands by @ Uzlopak in #4409
  • lib: drop setDefaultRoute and getDefaultRoute methods by @ RafaelGSS in #4485
  • Sync next-branch by @ github-actions in #4815
  • Next: Disallow decorate('name', null) in the types by @ voxpelli in #4878
  • feat!: Add req.hostname and req.port by @ aarontravass in #4766
  • Change request id header default value to false by @ philippviereck in #4194
  • Remove deprecated variadic listen by @ jsumners in #4900
  • Sync next-branch by @ github-actions in #4894
  • fix: requestIdHeader docs by @ philippviereck in #4916
  • Sync next-branch by @ github-actions in #4930
  • Sync next-branch by @ github-actions in #4941
  • types: Remove variadic listen types by @ Uzlopak in #4966
  • fix: remove http version check by @ beyazit in #4962
  • feat: new logger api by @ aarontravass in #5020
  • fix(plugins): mixing async and callback style now returns an error by @ giuliowaitforitdavide in #5141
  • feat: align fastify.hasRoute to fmw.hasRoute by @ dancastillo in #5102
  • feat: set useSemicolonDefault default option to false by @ dancastillo in #5320
  • feat: make contentTypeParser's existingParser check more strict by @ gurgunday in #5329
  • feat: loosen content-type checking by @ climba03003 in #4450
  • feat: rework contentTypeParser methods by @ gurgunday in #5372
  • perf: limit search space for contentType by @ gurgunday in #5400
  • perf: update method matching by @ gurgunday in #5419
  • chore: updated dependencies to latest versions by @ puskin94 in #5422
  • chore: merge next into main for v5 release by @ jsumners in #5446
  • docs(ref/typescript): support Docusaurus v3 by @ james-kaguru in #5450
  • chore: remove unused dependency and fix ci by @ gurgunday in #5454
  • feat: (types) add shorthand types for MKCALENDAR and REPORT by @ gurgunday in #5455
  • fix: ci labeler by @ Eomm in #5463
  • docs(guides/database): correct typo by @ monish001 in #5461
  • test: add tests for error handling by @ domdomegg in #5451
  • docs(reference/routes): fix example on constraints by @ Cadienvan in #5468
  • perf: Optimize resolving X-Forwarded-For addresses by @ dmkng in #5458
  • fix: config type in RouteShorthandOptions by @ BrianValente in #5355
  • feat: request and reply decorators can not be a reference type by @ Eomm in #5462
  • docs: update indentation on type providers section by @ Tony133 in #5474
  • feat: log all available addresses if listening host is 0.0.0.0 by @ mcollina in #5476
  • chore: remove node 18 from CI by @ gurgunday in #5481
  • feat: writeEarlyHints by @ gurgunday in #5480
  • docs: update indentation and code snippet in the routes section by @ Tony133 in #5482
  • refactor: change reply.redirect() signature by @ gurgunday in #5483
  • docs: update indentation and code snippet in the type providers section by @ Tony133 in #5485
  • feat: emit diagnostics_channel events upon routing request by @ tlhunter in #5252
  • chore: Bump pnpm/action-setup from 3 to 4 by @ dependabot in #5492
  • chore: remove unnecessary eslint override by @ Cangit in #5493
  • docs(ecosystem): Add fastify-kysely plugin by @ alenap93 in #5475
  • chore: update tap@19 by @ climba03003 in #5471
  • chore: Remove reply.getReponseTime() in #5490
  • chore: remove unused test by @ Cangit in #5496
  • chore: readyListener can be async on server.ready() by @ remidewitte in #5501
  • chore: test deprecation cleanup by @ Cangit in #5510
  • chore: Migrate to neostandard by @ mcollina in #5509
  • fix: hasRoute method comparison with case insensitive by @ SMNBLMRR in #5508
  • feat(types): Introduce SafePromiseLike by @ rozzilla in #5506
  • fix: Type inferrence with auxilliary hook handlers by @ aadito123 in #5517
  • docs: addContentTypeParser with fastify.register by @ moradebianchetti81 in #5499
  • docs: remove navigation for empty content by @ liuhanqu in #5521
  • fix: server.listen listener is not cleanup properly by @ climba03003 in #5522
  • feat: type definitions and documentation for separated type provider. by @ Bram-dc in #5427
  • chore: support pre and alpha tags by @ jsumners in #5528
  • chore: Bump the dependencies-major group with 2 updates by @ dependabot in #5530
  • chore: Bump neostandard from 0.7.2 to 0.8.0 in the dev-dependencies group by @ dependabot in #5531
  • fix(v5): update .npmignore by @ Eomm in #5537
  • test: fix test finished earlier than expected by @ climba03003 in #5540
  • chore: rm < node19 support from secondaryServer.close() by @ Cangit in #5542
  • chore(sponsor): add valtown by @ Eomm in #5543
  • chore: Bump the dev-dependencies group with 2 updates by @ dependabot in #5546
  • docs: use http2 directive in nginx config by @ LiviaMedeiros in #5548
  • chore: Bump neostandard from 0.10.0 to 0.11.0 in the dev-dependencies group by @ dependabot in #5554
  • chore: fix lint by @ climba03003 in #5558
  • ci: remove automerge from ci alternative runtimes by @ climba03003 in #5557
  • feat: support different body schema per content type by @ nflaig in #5545
  • chore: remove dc-polyfill by @ Cangit in #5560
  • fix: res serializer not given reply (#5556) by @ mch-dsk in #5561
  • chore: Bump process-warning from 3.0.0 to 4.0.0 in the dependencies-major group by @ dependabot in #5568
  • chore: Bump the dev-dependencies group with 2 updates by @ dependabot in #5569
  • chore: allow ! in PR title by @ climba03003 in #5571
  • docs: add @ pybot/fastify-autoload to comm plugins by @ kunal097 in #5579
  • feat: customize http methods by @ Eomm in #5567
  • refactor(typescript): re-order FastifyReply generic parameters by @ climba03003 in #5570
  • docs: Adding crudify-mongo plugin to community list by @ aaroncadillac in #5581
  • docs(reference/typescript): remove type provider from typebox example by @ jscheffner in #5576
  • refactor!: remove json shorthand by @ climba03003 in #5586
  • chore: remove deprecation 005 by @ jsumners in #5589
  • fix: nullish host by @ sourcecodeit in #5590
  • chore(sponsor): add handsontable by @ Eomm in #5592
  • fix: removed warning listener from tests by @ sourcecodeit in #5598
  • fix: test suite import.js emitting errors by @ dancastillo in #5599
  • chore: Bump @ types/node from 20.14.13 to 22.0.0 in the dev-dependencies group by @ dependabot in #5600
  • docs(reply): standardize import style in examples by @ Tony133 in #5580
  • docs(typescript): update example fastify version by @ Fdawgs in #5602
  • refactor: remove FSTDEP007 by @ climba03003 in #5604
  • refactor: remove FSTDEP008 and FSTDEP009 by @ climba03003 in #5609
  • refactor: remove FSTDEP010 by @ climba03003 in #5611
  • refactor: remove FSTDEP021 by @ gurgunday in #5613
  • refactor: use Object.hasOwn by @ gurgunday in #5614
  • refactor: remove FSTDEP012, FSTDEP015, FSTDEP016, FSTDEP017, FSTDEP018, FSTDEP019 by @ climba03003 in #5616
  • refactor: remove FSTDEP013 by @ climba03003 in #5618
  • fix: throwing "FST_ERR_DUPLICATED_ROUTE" error instead of raw error by @ Rantoledo in #5621
  • chore: Bump @ sinclair/typebox from 0.32.35 to 0.33.4 in the dev-dependencies group by @ dependabot in

[google-cla]

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud