Fastify version 4.15.0 brings a few notable changes compared to the previous stable release, 4.14.1, primarily affecting its internal dependencies. One significant update is within the dependencies, where find-my-way has been upgraded from version 7.3.0 to 7.6.0. This likely introduces improvements in route matching performance and potentially new features within the routing mechanism. Also, @fastify/fast-json-stringify-compiler sees an update from version 4.1.0 to version 4.2.0.
While the core developer experience remains largely consistent, these dependency upgrades contribute to the ongoing enhancements in performance, stability, and security. Developers relying on Fastify for building high-performance APIs and web applications can expect smoother routing experiences due to the find-my-way update. Small improvements and bug fixes included in the new version make your code work even better. These upgrades are beneficial for those seeking to optimize their Fastify applications further.
Both versions share a rich set of development dependencies that offer tools for testing, linting, and type checking, ensuring a robust development workflow with updated tools. Libraries include Ajv for JSON schema validation and Typescript for type checking and code quality improvements. These updates are part of the ongoing commitment to providing a fast, reliable, and developer-friendly Node.js web framework.
All the vulnerabilities related to the version 4.15.0 of the package
find-my-way has a ReDoS vulnerability in multiparametric routes
A bad regular expression is generated any time you have two parameters within a single segment, when adding a - at the end, like /:a-:b-.
Update to find-my-way v8.2.2 or v9.0.1. or subsequent versions.
No known workarounds.
