Skip to content

v2.3.0
Compare
Choose a tag to compare
@mcollina mcollina released this 21 Apr 22:10
· 332 commits to main since this release
v2.3.0
30843bc
This commit was signed with the committer’s verified signature.
mcollina Matteo Collina
GPG key ID: 818674489FBC127E
Learn about vigilant mode.

⚠️ Security Release ⚠️

This release fixes two security vulnerabilities:

  • (CVE-2023-29020) - the CSRF protection enforced by the @fastify/csrf-protection library, when combined with @fastify/passport, can be bypassed by network and same-site attackers. More details at GHSA-2ccf-ffrj-m4qw.
  • (CVE-2023-29019) - Applications using @fastify/passport for user authentication, in combination with @fastify/session as the underlying session management mechanism, are vulnerable to session fixation attacks from network and same-site attackers.. More details at GHSA-4m3m-ppvx-xgw9.

What's Changed

  • chore(deps-dev): bump @typescript-eslint/parser from 5.31.0 to 5.32.0 by @dependabot in #631
  • chore(deps-dev): bump openid-client from 5.1.6 to 5.1.8 by @dependabot in #632
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.31.0 to 5.32.0 by @dependabot in #633
  • chore(deps-dev): bump @types/node from 18.6.3 to 18.6.4 by @dependabot in #634
  • chore(deps): bump fastify-plugin from 4.0.0 to 4.1.0 by @dependabot in #635
  • chore(deps-dev): bump @types/passport from 1.0.9 to 1.0.10 by @dependabot in #639
  • chore(deps-dev): bump @typescript-eslint/parser from 5.32.0 to 5.33.0 by @dependabot in #636
  • chore(deps-dev): bump @types/semver from 7.3.10 to 7.3.12 by @dependabot in #641
  • chore(deps-dev): bump eslint from 8.21.0 to 8.22.0 by @dependabot in #642
  • chore(deps): bump fastify-plugin from 4.1.0 to 4.2.0 by @dependabot in #643
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.32.0 to 5.33.0 by @dependabot in #644
  • chore(deps-dev): bump fastify from 4.3.0 to 4.4.0 by @dependabot in #640
  • chore(deps-dev): bump @fastify/cookie from 7.3.1 to 7.4.0 by @dependabot in #638
  • chore(deps-dev): bump @types/node from 18.6.4 to 18.7.3 by @dependabot in #637
  • activate linting in ci workflow, fix CI Button link in readme by @Uzlopak in #648
  • use FastifyPluginAsync instead of FastifyPlugin by @Uzlopak in #647
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.33.0 to 5.33.1 by @dependabot in #649
  • chore(deps-dev): bump @types/node from 18.7.3 to 18.7.9 by @dependabot in #651
  • chore(deps-dev): bump @typescript-eslint/parser from 5.33.0 to 5.33.1 by @dependabot in #653
  • chore(deps-dev): bump @fastify/cookie from 7.4.0 to 8.0.0 by @dependabot in #650
  • chore(deps-dev): bump fastify from 4.4.0 to 4.5.2 by @dependabot in #652
  • chore(deps): bump fastify-plugin from 4.2.0 to 4.2.1 by @dependabot in #654
  • chore(deps-dev): bump openid-client from 5.1.8 to 5.1.9 by @dependabot in #655
  • chore(deps-dev): bump @typescript-eslint/parser from 5.33.1 to 5.35.1 by @dependabot in #658
  • chore(deps-dev): bump @types/node from 18.7.9 to 18.7.13 by @dependabot in #659
  • chore(deps-dev): bump eslint from 8.22.0 to 8.23.0 by @dependabot in #660
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.33.1 to 5.35.1 by @dependabot in #661
  • chore(deps-dev): bump fastify from 4.5.2 to 4.5.3 by @dependabot in #656
  • chore(deps-dev): bump typescript from 4.7.4 to 4.8.2 by @dependabot in #657
  • fix authorize typings by @Uzlopak in #662
  • chore(deps-dev): bump @types/node from 18.7.13 to 18.7.15 by @dependabot in #663
  • chore(deps-dev): bump @typescript-eslint/parser from 5.35.1 to 5.36.1 by @dependabot in #664
  • chore(deps-dev): bump @fastify/cookie from 8.0.0 to 8.1.0 by @dependabot in #665
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.35.1 to 5.36.1 by @dependabot in #666
  • chore(deps-dev): bump @types/node from 18.7.15 to 18.7.16 by @dependabot in #667
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.36.1 to 5.36.2 by @dependabot in #669
  • chore(deps): bump @fastify/flash from 5.0.0 to 5.1.0 by @dependabot in #670
  • chore(deps-dev): bump @fastify/session from 9.0.0 to 10.0.0 by @dependabot in #671
  • chore(deps-dev): bump typescript from 4.8.2 to 4.8.3 by @dependabot in #672
  • chore(deps-dev): bump @typescript-eslint/parser from 5.36.1 to 5.36.2 by @dependabot in #668
  • chore(deps): bump jose from 4.8.1 to 4.9.3 by @dependabot in #673
  • chore(deps-dev): bump @typescript-eslint/parser from 5.36.2 to 5.37.0 by @dependabot in #674
  • chore(deps-dev): bump tsd from 0.23.0 to 0.24.1 by @dependabot in #677
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.36.2 to 5.37.0 by @dependabot in #676
  • chore(deps-dev): bump @types/passport from 1.0.10 to 1.0.11 by @dependabot in #680
  • chore(deps-dev): bump @types/node from 18.7.16 to 18.7.18 by @dependabot in #679
  • chore(deps-dev): bump eslint from 8.23.0 to 8.23.1 by @dependabot in #675
  • chore(deps-dev): bump fastify from 4.5.3 to 4.6.0 by @dependabot in #678
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.37.0 to 5.38.0 by @dependabot in #681
  • chore(deps-dev): bump @types/node from 18.7.18 to 18.7.21 by @dependabot in #683
  • chore(deps-dev): bump eslint from 8.23.1 to 8.24.0 by @dependabot in #684
  • chore(deps-dev): bump @fastify/cookie from 8.1.0 to 8.3.0 by @dependabot in #685
  • chore(deps-dev): bump @typescript-eslint/parser from 5.37.0 to 5.38.0 by @dependabot in #682
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.38.0 to 5.38.1 by @dependabot in #688
  • chore(deps-dev): bump @types/node from 18.7.21 to 18.8.0 by @dependabot in #689
  • chore(deps-dev): bump @typescript-eslint/parser from 5.38.0 to 5.38.1 by @dependabot in #690
  • chore(deps-dev): bump typescript from 4.8.3 to 4.8.4 by @dependabot in #691
  • chore(deps-dev): bump openid-client from 5.1.9 to 5.1.10 by @dependabot in #692
  • chore(deps-dev): bump fastify from 4.6.0 to 4.7.0 by @dependabot in #687
  • chore(deps-dev): bump semver from 7.3.7 to 7.3.8 by @dependabot in #693
  • chore(deps-dev): bump eslint from 8.24.0 to 8.25.0 by @dependabot in #695
  • chore(deps-dev): bump @typescript-eslint/parser from 5.38.1 to 5.39.0 by @dependabot in #694
  • chore(deps-dev): bump @types/node from 18.8.0 to 18.8.3 by @dependabot in #696
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.38.1 to 5.39.0 by @dependabot in #697
  • chore(deps-dev): bump fastify from 4.7.0 to 4.8.1 by @dependabot in #698
  • chore(deps-dev): bump @fastify/session from 10.0.0 to 10.0.1 by @dependabot in #700
  • chore(deps-dev): bump @types/node from 18.8.3 to 18.11.0 by @dependabot in #699
  • chore(deps-dev): bump @typescript-eslint/parser from 5.39.0 to 5.40.0 by @dependabot in #701
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.39.0 to 5.40.0 by @dependabot in #702
  • chore(deps): bump fastify-plugin from 4.2.1 to 4.3.0 by @dependabot in #703
  • chore(deps-dev): bump @fastify/session from 10.0.1 to 10.0.2 by @dependabot in #706
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.40.0 to 5.40.1 by @dependabot in #704
  • chore(deps-dev): bump openid-client from 5.1.10 to 5.2.1 by @dependabot in #708
  • chore(deps-dev): bump @typescript-eslint/parser from 5.40.0 to 5.40.1 by @dependabot in #710
  • chore(deps-dev): bump eslint from 8.25.0 to 8.26.0 by @dependabot in #707
  • chore(deps-dev): bump fastify from 4.8.1 to 4.9.2 by @dependabot in #709
  • chore(deps-dev): bump @types/node from 18.11.0 to 18.11.4 by @dependabot in #705
  • chore(deps-dev): bump @typescript-eslint/parser from 5.40.1 to 5.41.0 by @dependabot in #711
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.40.1 to 5.41.0 by @dependabot in #713
  • chore(deps-dev): bump @types/semver from 7.3.12 to 7.3.13 by @dependabot in #714
  • chore(deps-dev): bump @types/node from 18.11.4 to 18.11.9 by @dependabot in #715
  • chore(deps-dev): bump @typescript-eslint/parser from 5.41.0 to 5.42.0 by @dependabot in #716
  • chore(deps-dev): bump eslint from 8.26.0 to 8.27.0 by @dependabot in #718
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.41.0 to 5.42.0 by @dependabot in #717
  • chore(deps-dev): bump openid-client from 5.2.1 to 5.3.0 by @dependabot in #719
  • chore(deps-dev): bump @typescript-eslint/parser from 5.42.0 to 5.42.1 by @dependabot in #720
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.42.0 to 5.42.1 by @dependabot in #721
  • Update README.md spelling error by @cloudsriseup in #723
  • Update Authenticator.ts spelling errors by @cloudsriseup in #722
  • chore(deps-dev): bump eslint from 8.27.0 to 8.28.0 by @dependabot in #725
  • chore(deps-dev): bump @typescript-eslint/parser from 5.42.1 to 5.43.0 by @dependabot in #728
  • chore(deps-dev): bump typescript from 4.8.4 to 4.9.3 by @dependabot in #727
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.42.1 to 5.43.0 by @dependabot in #726
  • chore(deps-dev): bump fastify from 4.9.2 to 4.10.0 by @dependabot in #724
  • chore(deps-dev): bump fastify from 4.10.0 to 4.10.2 by @dependabot in #729
  • chore(deps-dev): bump @typescript-eslint/parser from 5.43.0 to 5.44.0 by @dependabot in #730
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.43.0 to 5.44.0 by @dependabot in #731
  • chore(deps-dev): bump prettier from 2.7.1 to 2.8.0 by @dependabot in #732
  • chore(deps-dev): bump eslint from 8.28.0 to 8.29.0 by @dependabot in #733
  • chore(deps): bump fastify-plugin from 4.3.0 to 4.4.0 by @dependabot in #735
  • chore(deps-dev): bump openid-client from 5.3.0 to 5.3.1 by @dependabot in #736
  • chore(deps-dev): bump @types/node from 18.11.9 to 18.11.10 by @dependabot in #738
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.44.0 to 5.45.0 by @dependabot in #740
  • chore(deps-dev): bump @typescript-eslint/parser from 5.44.0 to 5.45.0 by @dependabot in #739
  • chore(deps-dev): bump tsd from 0.24.1 to 0.25.0 by @dependabot in #734
  • chore(deps-dev): bump @fastify/session from 10.0.2 to 10.1.0 by @dependabot in #737
  • chore(deps-dev): bump @typescript-eslint/parser from 5.45.0 to 5.46.0 by @dependabot in #744
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.45.0 to 5.46.0 by @dependabot in #745
  • chore(deps-dev): bump prettier from 2.8.0 to 2.8.1 by @dependabot in #746
  • chore(deps-dev): bump typescript from 4.9.3 to 4.9.4 by @dependabot in #747
  • chore(deps-dev): bump @types/node from 18.11.10 to 18.11.13 by @dependabot in #743
  • chore(deps-dev): bump @fastify/secure-session from 5.2.0 to 5.3.0 by @dependabot in #742
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.46.0 to 5.46.1 by @dependabot in #748
  • chore(deps-dev): bump @types/node from 18.11.13 to 18.11.17 by @dependabot in #750
  • chore(deps-dev): bump eslint from 8.29.0 to 8.30.0 by @dependabot in #751
  • chore(deps-dev): bump @typescript-eslint/parser from 5.46.0 to 5.46.1 by @dependabot in #749
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.46.1 to 5.47.0 by @dependabot in #752
  • chore(deps-dev): bump @typescript-eslint/parser from 5.46.1 to 5.47.0 by @dependabot in #753
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.47.0 to 5.47.1 by @dependabot in #756
  • chore(deps-dev): bump @typescript-eslint/parser from 5.47.0 to 5.47.1 by @dependabot in #755
  • chore(deps-dev): bump eslint from 8.30.0 to 8.31.0 by @dependabot in #757
  • chore(deps-dev): bump @fastify/session from 10.1.0 to 10.1.1 by @dependabot in #758
  • chore(deps-dev): bump @types/node from 18.11.17 to 18.11.18 by @dependabot in #759
  • chore(deps): bump json5 from 2.1.3 to 2.2.3 by @dependabot in #760
  • chore(deps-dev): bump fastify from 4.10.2 to 4.11.0 by @dependabot in #754
  • chore(.gitignore): add clinic by @Fdawgs in #761
  • chore(deps-dev): bump eslint-config-prettier from 8.5.0 to 8.6.0 by @dependabot in #762
  • chore(deps-dev): bump @typescript-eslint/parser from 5.47.1 to 5.48.0 by @dependabot in #763
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.47.1 to 5.48.0 by @dependabot in #764
  • chore(deps-dev): bump prettier from 2.8.1 to 2.8.2 by @dependabot in #765
  • chore(deps-dev): bump prettier from 2.8.2 to 2.8.3 by @dependabot in #766
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.48.0 to 5.48.1 by @dependabot in #767
  • chore(deps-dev): bump @typescript-eslint/parser from 5.48.0 to 5.48.1 by @dependabot in #768
  • chore(deps): bump fastify-plugin from 4.4.0 to 4.5.0 by @dependabot in #769
  • chore(deps-dev): bump rimraf from 3.0.2 to 4.0.7 by @dependabot in #770
  • chore(deps-dev): bump eslint from 8.31.0 to 8.32.0 by @dependabot in #771
  • chore(deps-dev): bump @fastify/secure-session from 5.3.0 to 6.0.0 by @dependabot in #772
  • chore(deps-dev): bump openid-client from 5.3.1 to 5.3.2 by @dependabot in #773
  • chore(deps-dev): bump rimraf from 4.0.7 to 4.1.1 by @dependabot in #777
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.48.1 to 5.48.2 by @dependabot in #776
  • chore(deps-dev): bump @typescript-eslint/parser from 5.48.1 to 5.48.2 by @dependabot in #774
  • chore(deps-dev): bump fastify from 4.11.0 to 4.12.0 by @dependabot in #775
  • chore(deps-dev): bump rimraf from 4.1.1 to 4.1.2 by @dependabot in #779
  • chore(deps-dev): bump eslint from 8.32.0 to 8.33.0 by @dependabot in #778
  • chore(deps-dev): bump @typescript-eslint/parser from 5.48.2 to 5.49.0 by @dependabot in #780
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.48.2 to 5.49.0 by @dependabot in #781
  • chore(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 by @dependabot in #782
  • chore(deps-dev): bump @typescript-eslint/parser from 5.49.0 to 5.50.0 by @dependabot in #783
  • chore(deps-dev): bump openid-client from 5.3.2 to 5.4.0 by @dependabot in #784
  • chore(deps-dev): bump @types/node from 18.11.18 to 18.11.19 by @dependabot in #785
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.49.0 to 5.50.0 by @dependabot in #787
  • chore(deps-dev): bump typescript from 4.9.4 to 4.9.5 by @dependabot in #786
  • chore(deps-dev): bump @types/node from 18.11.19 to 18.13.0 by @dependabot in #788
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.50.0 to 5.51.0 by @dependabot in #789
  • chore(deps-dev): bump prettier from 2.8.3 to 2.8.4 by @dependabot in #791
  • chore(deps-dev): bump eslint from 8.33.0 to 8.34.0 by @dependabot in #792
  • chore(deps-dev): bump @typescript-eslint/parser from 5.50.0 to 5.51.0 by @dependabot in #790
  • chore(deps-dev): bump fastify from 4.12.0 to 4.13.0 by @dependabot in #793
  • chore(deps-dev): bump @types/node from 18.13.0 to 18.14.0 by @dependabot in #794
  • chore(deps-dev): bump @typescript-eslint/parser from 5.51.0 to 5.52.0 by @dependabot in #796
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.51.0 to 5.52.0 by @dependabot in #797
  • chore(deps-dev): bump @types/passport from 1.0.11 to 1.0.12 by @dependabot in #795
  • chore(deps-dev): bump @types/node from 18.14.0 to 18.14.2 by @dependabot in #798
  • chore(deps-dev): bump eslint from 8.34.0 to 8.35.0 by @dependabot in #799
  • chore(deps-dev): bump @typescript-eslint/parser from 5.52.0 to 5.53.0 by @dependabot in #800
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.52.0 to 5.53.0 by @dependabot in #801
  • chore(.gitignore): add bun lockfile by @Fdawgs in #802
  • chore(deps-dev): bump rimraf from 4.1.2 to 4.3.0 by @dependabot in #803
  • chore(deps-dev): bump @typescript-eslint/parser from 5.53.0 to 5.54.0 by @dependabot in #806
  • chore(deps-dev): bump tsd from 0.25.0 to 0.26.0 by @dependabot in #805
  • chore(deps-dev): bump @types/node from 18.14.2 to 18.14.6 by @dependabot in #808
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.53.0 to 5.54.0 by @dependabot in #804
  • chore(deps-dev): bump fastify from 4.13.0 to 4.14.1 by @dependabot in #809
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.54.0 to 5.54.1 by @dependabot in #810
  • chore(deps-dev): bump @typescript-eslint/parser from 5.54.0 to 5.54.1 by @dependabot in #811
  • chore(deps-dev): bump @types/node from 18.14.6 to 18.15.1 by @dependabot in #813
  • chore(deps-dev): bump tsd from 0.26.0 to 0.27.0 by @dependabot in #815
  • chore(deps-dev): bump eslint from 8.35.0 to 8.36.0 by @dependabot in #814
  • chore(deps-dev): bump rimraf from 4.3.0 to 4.4.0 by @dependabot in #812
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.54.1 to 5.55.0 by @dependabot in #816
  • chore(deps-dev): bump tsd from 0.27.0 to 0.28.0 by @dependabot in #818
  • chore(deps-dev): bump @types/node from 18.15.1 to 18.15.3 by @dependabot in #819
  • chore(deps-dev): bump set-cookie-parser from 2.5.1 to 2.6.0 by @dependabot in #820
  • chore(deps-dev): bump @typescript-eslint/parser from 5.54.1 to 5.55.0 by @dependabot in #817
  • chore(deps-dev): bump eslint-config-prettier from 8.7.0 to 8.8.0 by @dependabot in #822
  • chore(deps-dev): bump rimraf from 4.4.0 to 4.4.1 by @dependabot in #823
  • chore(deps-dev): bump @types/node from 18.15.3 to 18.15.10 by @dependabot in #825
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.55.0 to 5.56.0 by @dependabot in #826
  • chore(deps-dev): bump @typescript-eslint/parser from 5.55.0 to 5.56.0 by @dependabot in #824
  • chore(deps-dev): bump prettier from 2.8.4 to 2.8.7 by @dependabot in #827
  • chore(deps-dev): bump fastify from 4.14.1 to 4.15.0 by @dependabot in #828
  • chore(deps-dev): bump @fastify/session from 10.1.1 to 10.2.0 by @dependabot in #829
  • chore(deps-dev): bump @typescript-eslint/parser from 5.56.0 to 5.57.0 by @dependabot in #832
  • chore(deps-dev): bump @types/node from 18.15.10 to 18.15.11 by @dependabot in #834
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.56.0 to 5.57.0 by @dependabot in #833
  • chore(deps-dev): bump eslint from 8.36.0 to 8.37.0 by @dependabot in #831
  • chore(deps-dev): bump tsd from 0.28.0 to 0.28.1 by @dependabot in #830
  • chore(deps-dev): bump rimraf from 4.4.1 to 5.0.0 by @dependabot in #835
  • chore(deps-dev): bump @typescript-eslint/parser from 5.57.0 to 5.57.1 by @dependabot in #837
  • chore(deps-dev): bump eslint from 8.37.0 to 8.38.0 by @dependabot in #838
  • chore(deps-dev): bump @fastify/session from 10.2.0 to 10.2.1 by @dependabot in #839
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.57.0 to 5.57.1 by @dependabot in #840
  • chore(deps-dev): bump @typescript-eslint/parser from 5.57.1 to 5.58.0 by @dependabot in #841
  • chore(deps-dev): bump @typescript-eslint/eslint-plugin from 5.57.1 to 5.58.0 by @dependabot in #843
  • chore(deps-dev): bump semver from 7.3.8 to 7.4.0 by @dependabot in #842

New Contributors

  • @cloudsriseup made their first contribution in #723

Full Changelog: v2.2.0...v2.3.0

Contributors

Uzlopak, w8mej, and 2 other contributors
Assets 2
Loading