search

oapi-codegen / fiber-middleware

Apache License 2.0
4 stars 1 forks source link

fix(deps): update module github.com/gofiber/fiber/v2 to v2.52.4 #5

Closed renovate[bot] closed 5 months ago

renovate[bot] commented 1 year ago

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
github.com/gofiber/fiber/v2 v2.49.1 -> v2.52.4 age adoption passing confidence

Release Notes

gofiber/fiber (github.com/gofiber/fiber/v2) ### [`v2.52.4`](https://togithub.com/gofiber/fiber/releases/tag/v2.52.4) [Compare Source](https://togithub.com/gofiber/fiber/compare/v2.52.3...v2.52.4) ### ๐Ÿ› Fixes - Middleware/cors: CORS handling by [@​sixcolors](https://togithub.com/sixcolors) in [https://github.com/gofiber/fiber/pull/2937](https://togithub.com/gofiber/fiber/pull/2937) - Middleware/cors: Vary header handling non-cors OPTIONS requests by [@​sixcolors](https://togithub.com/sixcolors) in [https://github.com/gofiber/fiber/pull/2939](https://togithub.com/gofiber/fiber/pull/2939) **Full Changelog**: https://github.com/gofiber/fiber/compare/v2.52.3...v2.52.4 ### [`v2.52.3`](https://togithub.com/gofiber/fiber/releases/tag/v2.52.3) [Compare Source](https://togithub.com/gofiber/fiber/compare/v2.52.2...v2.52.3) #### ๐Ÿ› Fixes - Middleware/cors: Handling and wildcard subdomain matching by [@​sixcolors](https://togithub.com/sixcolors) in [https://github.com/gofiber/fiber/pull/2915](https://togithub.com/gofiber/fiber/pull/2915) - Middleware/cors: Categorize requests correctly by [@​sixcolors](https://togithub.com/sixcolors) in [https://github.com/gofiber/fiber/pull/2921](https://togithub.com/gofiber/fiber/pull/2921) - Middleware/csrf: Fix Benchmark Tests by [@​sixcolors](https://togithub.com/sixcolors) in [https://github.com/gofiber/fiber/pull/2932](https://togithub.com/gofiber/fiber/pull/2932) **Full Changelog**: https://github.com/gofiber/fiber/compare/v2.52.2...v2.52.3 ### [`v2.52.2`](https://togithub.com/gofiber/fiber/releases/tag/v2.52.2) [Compare Source](https://togithub.com/gofiber/fiber/compare/v2.52.1...v2.52.2) #### ๐Ÿ› Fixes - Middleware/cors: Validation of multiple Origins ([https://github.com/gofiber/fiber/pull/2883](https://togithub.com/gofiber/fiber/pull/2883)) **Full Changelog**: https://github.com/gofiber/fiber/compare/v2.52.1...v2.52.2 ### [`v2.52.1`](https://togithub.com/gofiber/fiber/releases/tag/v2.52.1) [Compare Source](https://togithub.com/gofiber/fiber/compare/v2.52.0...v2.52.1) #### ๐Ÿ‘ฎ Security
Middleware/cors: Insecure CORS Configuration Allowing Wildcard Origin with Credentials - GHSA-fmg4-x8pw-hjhg https://docs.gofiber.io/api/middleware/cors
#### ๐Ÿ› Fixes - Middleware/healthcheck: Not working with route group([#​2863](https://togithub.com/gofiber/fiber/issues/2863)) #### ๐Ÿ“š Documentation - Fix default value to false in docs of QueryBool ([#​2811](https://togithub.com/gofiber/fiber/issues/2811)) - Fix code snippet indentation in /docs/api/middleware/keyauth.md ([#​2867](https://togithub.com/gofiber/fiber/issues/2867)) **Full Changelog**: https://github.com/gofiber/fiber/compare/v2.52.0...v2.52.1 Thank you [@​luk3skyw4lker](https://togithub.com/luk3skyw4lker), [@​CAEL0](https://togithub.com/CAEL0), [@​grivera64](https://togithub.com/grivera64), [@​gaby](https://togithub.com/gaby) and [@​sixcolors](https://togithub.com/sixcolors) for making this update possible. ### [`v2.52.0`](https://togithub.com/gofiber/fiber/releases/tag/v2.52.0) [Compare Source](https://togithub.com/gofiber/fiber/compare/v2.51.0...v2.52.0) #### ๐Ÿš€ New - Middleware/healthcheck: Add liveness and readiness checks ([#​2509](https://togithub.com/gofiber/fiber/issues/2509)) https://docs.gofiber.io/api/middleware/healthcheck ```go // Direct usage with default config app.Use(healthcheck.New()) // Or extend your config for customization app.Use(healthcheck.New(healthcheck.Config{ LivenessEndpoint: "/live", LivenessProbe: func(c *fiber.Ctx) bool { return true }, ReadinessEndpoint: "/ready", ReadinessProbe: func(c *fiber.Ctx) bool { return serviceA.Ready() && serviceB.Ready() && ... }, })) ``` #### ๐Ÿงน Updates - Middlewares: don't constrain middlewares context-keys to strings ([#​2751](https://togithub.com/gofiber/fiber/issues/2751)) - Middleware/logger: colorize logger error message [#​2593](https://togithub.com/gofiber/fiber/issues/2593) ([#​2773](https://togithub.com/gofiber/fiber/issues/2773)) - Middleware/logger: changing default log output ([#​2730](https://togithub.com/gofiber/fiber/issues/2730)) - Middleware/logger: log client IP address by default ([#​2755](https://togithub.com/gofiber/fiber/issues/2755)) - Middleware/encryptcookie: update default config ([#​2753](https://togithub.com/gofiber/fiber/issues/2753)) - Improve benchmarks for getOffer ([#​2739](https://togithub.com/gofiber/fiber/issues/2739)) #### ๐Ÿ› ๏ธ Maintenance - Bump github/codeql-action from 2 to 3 ([#​2763](https://togithub.com/gofiber/fiber/issues/2763)) - Bump github.com/google/uuid from 1.4.0 to 1.5.0 ([#​2762](https://togithub.com/gofiber/fiber/issues/2762)) - Bump actions/setup-go from 4 to 5 ([#​2754](https://togithub.com/gofiber/fiber/issues/2754)) - Bump golang.org/x/sys from 0.14.0 to 0.15.0 ([#​2744](https://togithub.com/gofiber/fiber/issues/2744)) - Bump github.com/valyala/fasthttp from 1.50.0 to 1.51.0 ([#​2721](https://togithub.com/gofiber/fiber/issues/2721)) #### ๐Ÿ› Fixes - Middleware/redirect : fix for redirect with query params ([#​2748](https://togithub.com/gofiber/fiber/issues/2748)) - Middleware/adaptor: Adaptor + otelfiber issue [#​2641](https://togithub.com/gofiber/fiber/issues/2641) ([#​2772](https://togithub.com/gofiber/fiber/issues/2772)) - Middleware/cors: Should use the defined AllowedOriginsFunc config when AllowedOrigins is empty ([#​2771](https://togithub.com/gofiber/fiber/issues/2771)) - Middleware/session: Race in session middleware tests ([#​2740](https://togithub.com/gofiber/fiber/issues/2740)) - Middleware/csrf: Fix failing CSRF tests ([#​2720](https://togithub.com/gofiber/fiber/issues/2720)) - Fix race condition in parallel tests ([#​2734](https://togithub.com/gofiber/fiber/issues/2734)) - utils.IsIPv4 and net.ParseIP have inconsistent results [#​2735](https://togithub.com/gofiber/fiber/issues/2735) ([#​2736](https://togithub.com/gofiber/fiber/issues/2736)) #### ๐Ÿ“š Documentation - Middleware/csrf: Improve csrf docs ([#​2726](https://togithub.com/gofiber/fiber/issues/2726)) - Update app.md for indentation ([#​2761](https://togithub.com/gofiber/fiber/issues/2761)) - Update default config ([#​2753](https://togithub.com/gofiber/fiber/issues/2753)) - Update CONTRIBUTING.md ([#​2752](https://togithub.com/gofiber/fiber/issues/2752)) **Full Changelog**: https://github.com/gofiber/fiber/compare/v2.51.0...v2.52.0 Thank you [@​MehmetFiratKomurcu](https://togithub.com/MehmetFiratKomurcu), [@​benjajaja](https://togithub.com/benjajaja), [@​brunodmartins](https://togithub.com/brunodmartins), [@​gilwo](https://togithub.com/gilwo), [@​iredmail](https://togithub.com/iredmail), [@​itswcg](https://togithub.com/itswcg), [@​luk3skyw4lker](https://togithub.com/luk3skyw4lker), [@​muhammadkholidb](https://togithub.com/muhammadkholidb), [@​nickajacks1](https://togithub.com/nickajacks1), [@​sixcolors](https://togithub.com/sixcolors) and [@​tokelo-12](https://togithub.com/tokelo-12) for making this update possible. ### [`v2.51.0`](https://togithub.com/gofiber/fiber/releases/tag/v2.51.0) [Compare Source](https://togithub.com/gofiber/fiber/compare/v2.50.0...v2.51.0) #### ๐Ÿš€ New - Add support for parameters in content negotiation ([#​2678](https://togithub.com/gofiber/fiber/issues/2678)) [RFC](https://www.rfc-editor.org/rfc/rfc9110#name-parameters) https://docs.gofiber.io/api/ctx#accepts ```go // Consideration of parameters in the accepted headers // Accept: text/plain, application/json; version=1; foo=bar app.Get("/", func(c *fiber.Ctx) error { // Extra parameters in the accept are ignored c.Accepts("text/plain;format=flowed") // "text/plain;format=flowed" // An offer must contain all parameters present in the Accept type c.Accepts("application/json") // "" // Parameter order and capitalization does not matter. Quotes on values are stripped. c.Accepts(`application/json;foo="bar";VERSION=1`) // "application/json;foo="bar";VERSION=1" }) ``` - Add support for application/problem+json ([#​2704](https://togithub.com/gofiber/fiber/issues/2704)) https://docs.gofiber.io/api/ctx#json https://docs.gofiber.io/api/client#json ```go // Passing a custom json type ctx.JSON(fiber.Map{ "type": "https://example.com/probs/out-of-credit", "title": "You do not have enough credit.", "status": 403, "detail": "Your current balance is 30, but that costs 50.", "instance": "/account/12345/msgs/abc", }, fiber.) ``` #### ๐Ÿงน Updates - Ctx.Range: reduce allocations ([#​2705](https://togithub.com/gofiber/fiber/issues/2705)) - Middleware/pprof: improve performance ([#​2709](https://togithub.com/gofiber/fiber/issues/2709)) #### ๐Ÿ› ๏ธ Maintenance - Bump golang.org/x/sys from 0.13.0 to 0.14.0 ([#​2707](https://togithub.com/gofiber/fiber/issues/2707)) - Bump github.com/google/uuid from 1.3.1 to 1.4.0 ([#​2693](https://togithub.com/gofiber/fiber/issues/2693)) - Bump actions/setup-node from 3 to 4 ([#​2690](https://togithub.com/gofiber/fiber/issues/2690)) - Bump github.com/mattn/go-isatty from 0.0.19 to 0.0.20 ([#​2679](https://togithub.com/gofiber/fiber/issues/2679)) #### ๐Ÿ› Fixes - Middleware/limiter: fix intermittent failures ([#​2716](https://togithub.com/gofiber/fiber/issues/2716)) - Naming of routes works wrong after mount [#​2688](https://togithub.com/gofiber/fiber/issues/2688) ([#​2689](https://togithub.com/gofiber/fiber/issues/2689)) - Fix method validation on route naming ([#​2686](https://togithub.com/gofiber/fiber/issues/2686)) #### ๐Ÿ“š Documentation - Changed "Twitter" to "X (Twitter)" in README.md Contribute Section ([#​2696](https://togithub.com/gofiber/fiber/issues/2696)) - Add additional information as to why GetReqHeaders returns a map where the values are slices of strings ([#​2698](https://togithub.com/gofiber/fiber/issues/2698)) - Enhance csrf.md ([#​2692](https://togithub.com/gofiber/fiber/issues/2692)) **Full Changelog**: https://github.com/gofiber/fiber/compare/v2.50.0...v2.51.0 Thank you [@​BandhiyaHardik](https://togithub.com/BandhiyaHardik), [@​database64128](https://togithub.com/database64128), [@​efectn](https://togithub.com/efectn), [@​moritz157](https://togithub.com/moritz157), [@​nickajacks1](https://togithub.com/nickajacks1), [@​rhburt](https://togithub.com/rhburt) and [@​sixcolors](https://togithub.com/sixcolors) for making this update possible. ### [`v2.50.0`](https://togithub.com/gofiber/fiber/releases/tag/v2.50.0) [Compare Source](https://togithub.com/gofiber/fiber/compare/v2.49.2...v2.50.0) #### โ— Breaking Changes - Change signatures of GetReqHeaders and GetRespHeaders ([#​2650](https://togithub.com/gofiber/fiber/issues/2650)) > To allow single and list values under headers according to the [rfc standard](https://datatracker.ietf.org/doc/html/rfc9110#section-5.2) ```diff - func (c *Ctx) GetReqHeaders() map[string]string + func (c *Ctx) GetReqHeaders() map[string][]string ``` ```diff - func (c *Ctx) GetRespHeaders() map[string]string + func (c *Ctx) GetRespHeaders() map[string][]string ``` #### ๐Ÿ‘ฎ Security
Middleware/csrf: Token Vulnerability (GHSA-mv73-f69x-444p, GHSA-94w9-97p3-p368) https://docs.gofiber.io/api/middleware/csrf ๐Ÿš€ Improvements to the CSRF middleware: - Added support for single-use tokens through the `SingleUseToken` configuration option. - Optional integration with GoFiber session middleware through the `Session` and `SessionKey` configuration options. - Introduction of origin checks for HTTPS connections to verify referer headers. - Implementation of a Double Submit Cookie approach for CSRF token generation and validation when used without `Session`. - Enhancement of error handling with more descriptive error messages. - The documentation for the CSRF middleware has been enhanced with the addition of the new options and best practices to improve security. Thank you [@​sixcolors](https://togithub.com/sixcolors)
#### ๐Ÿš€ New - Cookie parser ([#​2656](https://togithub.com/gofiber/fiber/issues/2656)) https://docs.gofiber.io/api/ctx#cookieparser ```go // Field names should start with an uppercase letter type Person struct { Name string `cookie:"name"` Age int `cookie:"age"` Job bool `cookie:"job"` } // Example route app.Get("/", func(c *fiber.Ctx) error { p := new(Person) // This method is similar to BodyParser, but for cookie parameters if err := c.CookieParser(p); err != nil { return err } log.Println(p.Name) // Joseph log.Println(p.Age) // 23 log.Println(p.Job) // true }) ``` - Middleware/cors: Allow disabling caching in preflight requests ([#​2649](https://togithub.com/gofiber/fiber/issues/2649)) https://docs.gofiber.io/api/middleware/cors#config ```go // To disable caching completely, pass MaxAge value negative. It will set the Access-Control-Max-Age header 0. app.Use(cors.New(cors.Config{MaxAge: -1})) ``` - Middleware/session: Add Reset method to Session struct in session middleware ([#​2654](https://togithub.com/gofiber/fiber/issues/2654)) https://docs.gofiber.io/api/middleware/session#signatures ```go // Provide more flexibility in session management, especially in scenarios like repeated user logins func (s *Session) Reset() error ``` Example usage: ```go // Initialize default config // This stores all of your app's sessions store := session.New() app.Post("/login", func(c *fiber.Ctx) error { // Get session from storage sess, err := store.Get(c) if err != nil { panic(err) } // ... validate login ... // Check if the session is fresh if !sess.Fresh() { // If the session is not fresh, reset it if err := sess.Reset(); err != nil { panic(err) } } // Set new session data sess.Set("user_id", user.ID) // Save session if err := sess.Save(); err != nil { panic(err) } return c.SendString(fmt.Sprintf("Welcome %v", user.ID)) }) ``` - Middleware/session: Add Delete method to Store struct in session middleware ([#​2655](https://togithub.com/gofiber/fiber/issues/2655)) https://docs.gofiber.io/api/middleware/session#signatures ```go // Provide more control over individual session management, especially in scenarios // like administrator-enforced user logout or user-initiated logout from a specific device session func (s *Store) Delete(id string) error ``` Example usage: ```go app.Post("/admin/session/:id/logout", func(c *fiber.Ctx) error { // Get session id from request sessionID := c.Params("id") // Delete the session if err := store.Delete(sessionID); err != nil { return c.Status(500).SendString(err.Error()) } return c.SendString("Logout successful") }) ``` #### ๐Ÿงน Updates - Middleware/filesystem: Improve status for SendFile ([#​2664](https://togithub.com/gofiber/fiber/issues/2664)) - Middleware/filesystem: Set response code ([#​2632](https://togithub.com/gofiber/fiber/issues/2632)) - Refactor Ctx.Method func to improve code readability ([#​2647](https://togithub.com/gofiber/fiber/issues/2647)) #### ๐Ÿ› ๏ธ Maintenance - Fix loop variable captured by func literal ([#​2660](https://togithub.com/gofiber/fiber/issues/2660)) - Run gofumpt and goimports ([#​2662](https://togithub.com/gofiber/fiber/issues/2662)) - Use utils.AssertEqual instead of t.Fatal on some tests ([#​2653](https://togithub.com/gofiber/fiber/issues/2653)) - Apply go fix ./... with latest version of go in repository ([#​2661](https://togithub.com/gofiber/fiber/issues/2661)) - Bump github.com/valyala/fasthttp from 1.49.0 to 1.50.0 ([#​2634](https://togithub.com/gofiber/fiber/issues/2634)) - Bump golang.org/x/sys from 0.12.0 to 0.13.0 ([#​2665](https://togithub.com/gofiber/fiber/issues/2665)) #### ๐Ÿ› Fixes - Path checking on route naming ([#​2676](https://togithub.com/gofiber/fiber/issues/2676)) - Incorrect log depth when use log.WithContext ([#​2666](https://togithub.com/gofiber/fiber/issues/2666)) - Jsonp ignoring custom json encoder ([#​2658](https://togithub.com/gofiber/fiber/issues/2658)) - PassLocalsToView when bind parameter is nil ([#​2651](https://togithub.com/gofiber/fiber/issues/2651)) - Parse ips return invalid in abnormal case ([#​2642](https://togithub.com/gofiber/fiber/issues/2642)) - Bug parse custom header ([#​2638](https://togithub.com/gofiber/fiber/issues/2638)) - Middleware/adaptor: Reduce memory usage by replacing io.ReadAll() with io.Copy() ([#​2637](https://togithub.com/gofiber/fiber/issues/2637)) - Middleware/idempotency: Nil pointer dereference issue on idempotency middleware ([#​2668](https://togithub.com/gofiber/fiber/issues/2668)) #### ๐Ÿ“š Documentation - Incorrect status code source ([#​2667](https://togithub.com/gofiber/fiber/issues/2667)) - Middleware/requestid: Typo in requestid.md ([#​2675](https://togithub.com/gofiber/fiber/issues/2675)) - Middleware/cors: Update docs to better explain AllowOriginsFunc ([#​2652](https://togithub.com/gofiber/fiber/issues/2652)) **Full Changelog**: https://github.com/gofiber/fiber/compare/v2.49.2...v2.50.0 Thank you [@​KaptinLin](https://togithub.com/KaptinLin), [@​Skyenought](https://togithub.com/Skyenought), [@​cuipeiyu](https://togithub.com/cuipeiyu), [@​dairlair](https://togithub.com/dairlair), [@​efectn](https://togithub.com/efectn), [@​gaby](https://togithub.com/gaby), [@​geerew](https://togithub.com/geerew), [@​huykn](https://togithub.com/huykn), [@​jimmyl02](https://togithub.com/jimmyl02), [@​joey1123455](https://togithub.com/joey1123455), [@​joshlarsen](https://togithub.com/joshlarsen), [@​jscappini](https://togithub.com/jscappini), [@​peczenyj](https://togithub.com/peczenyj) and [@​sixcolors](https://togithub.com/sixcolors) for making this update possible. ### [`v2.49.2`](https://togithub.com/gofiber/fiber/releases/tag/v2.49.2) [Compare Source](https://togithub.com/gofiber/fiber/compare/v2.49.1...v2.49.2) #### ๐Ÿงน Updates - Middleware/logger: Enabling color changes padding for some fields [#​2604](https://togithub.com/gofiber/fiber/issues/2604) ([#​2616](https://togithub.com/gofiber/fiber/issues/2616)) - Bump actions/checkout from 3 to 4 ([#​2618](https://togithub.com/gofiber/fiber/issues/2618)) - Bump golang.org/x/sys from 0.11.0 to 0.12.0 ([#​2617](https://togithub.com/gofiber/fiber/issues/2617)) #### ๐Ÿ› Fixes - Vulnerability in Ctx.IsFromLocal(https://github.com/gofiber/fiber/security/advisories/GHSA-3q5p-3558-364f) #### ๐Ÿ“š Documentation - Replaced double quotes with backticks in all route parameter strings ([#​2591](https://togithub.com/gofiber/fiber/issues/2591)) **Full Changelog**: https://github.com/gofiber/fiber/compare/v2.49.1...v2.49.2 Thank you [@​11-aryan](https://togithub.com/11-aryan) and [@​AKARSHITJOSHI](https://togithub.com/AKARSHITJOSHI) for making this update possible.

Configuration

๐Ÿ“… Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

๐Ÿšฆ Automerge: Disabled by config. Please merge this manually once you are satisfied.

โ™ป Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

๐Ÿ”• Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.