fastify 3.14.0 → 3.14.1

package/README.md

@@ -1,5 +1,5 @@
 <div align="center">
-<img src="https://github.com/fastify/graphics/raw/master/full-logo.png" width="650" height="auto"/>
+<img src="https://github.com/fastify/graphics/raw/HEAD/full-logo.png" width="650" height="auto"/>
 </div>
 
 <div align="center">
@@ -8,7 +8,7 @@
 [![Package Manager CI](https://github.com/fastify/fastify/workflows/package-manager-ci/badge.svg)](https://github.com/fastify/fastify/actions/workflows/package-manager-ci.yml)
 [![Web SIte](https://github.com/fastify/fastify/workflows/website/badge.svg)](https://github.com/fastify/fastify/actions/workflows/website.yml)
 [![Known Vulnerabilities](https://snyk.io/test/github/fastify/fastify/badge.svg)](https://snyk.io/test/github/fastify/fastify)
-[![Coverage Status](https://coveralls.io/repos/github/fastify/fastify/badge.svg?branch=master)](https://coveralls.io/github/fastify/fastify?branch=master)
+[![Coverage Status](https://coveralls.io/repos/github/fastify/fastify/badge.svg?branch=main)](https://coveralls.io/github/fastify/fastify?branch=main)
 [![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat)](https://standardjs.com/)
 
 </div>
@@ -18,7 +18,7 @@
 [![NPM version](https://img.shields.io/npm/v/fastify.svg?style=flat)](https://www.npmjs.com/package/fastify)
 [![NPM downloads](https://img.shields.io/npm/dm/fastify.svg?style=flat)](https://www.npmjs.com/package/fastify)
 [![Security Responsible
-Disclosure](https://img.shields.io/badge/Security-Responsible%20Disclosure-yellow.svg)](https://github.com/nodejs/security-wg/blob/master/processes/responsible_disclosure_template.md)
+Disclosure](https://img.shields.io/badge/Security-Responsible%20Disclosure-yellow.svg)](https://github.com/nodejs/security-wg/blob/HEAD/processes/responsible_disclosure_template.md)
 [![Discord](https://img.shields.io/discord/725613461949906985)](https://discord.gg/fastify)
 
 </div>
@@ -191,7 +191,7 @@ matters to you.
 * <a href="./docs/Serverless.md"><code><b>Serverless</b></code></a>
 * <a href="./docs/Recommendations.md"><code><b>Recommendations</b></code></a>
 
-中文文档[地址](https://github.com/fastify/docs-chinese/blob/master/README.md)
+中文文档[地址](https://github.com/fastify/docs-chinese/blob/HEAD/README.md)
 
 ## Ecosystem
 
@@ -238,6 +238,7 @@ Team members are listed in alphabetical order.
 * [__Vincent Le Goff__](https://github.com/zekth)
 * [__Salman Mitha__](https://github.com/salmanm), <https://www.npmjs.com/~salmanm>
 * [__Maksim Sinik__](https://github.com/fox1t), <https://twitter.com/maksimsinik>, <https://www.npmjs.com/~fox1t>
+* [__Frazer Smith__](https://github.com/Fdawgs), <https://www.npmjs.com/~fdawgs>
 * [__Manuel Spigolon__](https://github.com/eomm), <https://twitter.com/manueomm>, <https://www.npmjs.com/~eomm>
 
 ### Great Contributors
@@ -255,9 +256,9 @@ Great contributors on a specific area in the Fastify ecosystem will be invited t
 
 ## Hosted by
 
-[<img src="https://github.com/openjs-foundation/cross-project-council/blob/master/logos/openjsf-color.png?raw=true" width="250px;"/>](https://openjsf.org/projects/#growth)
+[<img src="https://github.com/openjs-foundation/cross-project-council/blob/HEAD/logos/openjsf-color.png?raw=true" width="250px;"/>](https://openjsf.org/projects/#growth)
 
-We are a [Growth Project](https://github.com/openjs-foundation/cross-project-council/blob/master/PROJECT_PROGRESSION.md#growth-stage) in the [OpenJS Foundation](https://openjsf.org/).
+We are a [Growth Project](https://github.com/openjs-foundation/cross-project-council/blob/HEAD/PROJECT_PROGRESSION.md#growth-stage) in the [OpenJS Foundation](https://openjsf.org/).
 
 ## Acknowledgements
 

package/SECURITY.md

@@ -9,7 +9,7 @@ Individuals who find potential vulnerabilities in Fastify are invited to complet
 
 ### How to report a vulnerability
 
-It is of the utmost importance that you read carefully [**HOW TO REPORT A VULNERABILITY**](https://github.com/nodejs/security-wg/blob/master/processes/third_party_vuln_process.md) written by the Security Working Group of Node.js.
+It is of the utmost importance that you read carefully [**HOW TO REPORT A VULNERABILITY**](https://github.com/nodejs/security-wg/blob/HEAD/processes/third_party_vuln_process.md) written by the Security Working Group of Node.js.
 
 
 ## Handling vulnerability reports
@@ -24,7 +24,7 @@ When a potential vulnerability is reported and confirmed the Fastify Core Team w
 
 ## The Fastify Core team
 
-The core team is responsible for the management of [this](https://github.com/nodejs/security-wg/blob/master/processes/third_party_vuln_process.md#handling-vulnerability-reports) process.
+The core team is responsible for the management of [this](https://github.com/nodejs/security-wg/blob/HEAD/processes/third_party_vuln_process.md#handling-vulnerability-reports) process.
 
 Members of this team are expected to keep all information that they have privileged access to by being
 on the team completely private to the team. This includes agreeing to not notify anyone outside the

package/docs/Benchmarking.md

@@ -33,7 +33,7 @@ branchcmp --rounds 2 --script "npm run benchmark"
 branchcmp --rounds 2 --script "npm run benchmark"
 ```
 
-### Compare current branch with master (Gitflow)
+### Compare current branch with main (Gitflow)
 ```sh
 branchcmp --rounds 2 --gitflow --script "npm run benchmark"
 ```

package/docs/Ecosystem.md

@@ -57,12 +57,19 @@ Plugins maintained by the Fastify team are listed under [Core](#core) while plug
 - [`@dnlup/fastify-doc`](https://github.com/dnlup/fastify-doc) A plugin for sampling process metrics.
 - [`@dnlup/fastify-traps`](https://github.com/dnlup/fastify-traps) A plugin to close the server gracefully on `SIGINT` and `SIGTERM` signals.
 - [`@gquittet/graceful-server`](https://github.com/gquittet/graceful-server) Tiny (~5k), Fast, KISS and dependency-free Node.JS library to make your Fastify API graceful.
+- [`@mgcrea/fastify-graceful-exit`](https://github.com/mgcrea/fastify-graceful-exit) A plugin to close the server gracefully
+- [`@mgcrea/fastify-request-logger`](https://github.com/mgcrea/fastify-request-logger) A plugin to enable compact request logging for fastify
+- [`@mgcrea/fastify-session-redis-store`](https://github.com/mgcrea/fastify-session-redis-store) Redis store for @mgcrea/fastify-session using ioredis
+- [`@mgcrea/fastify-session-sodium-crypto`](https://github.com/mgcrea/fastify-session-sodium-crypto) Fast sodium-based crypto for @mgcrea/fastify-session
+- [`@mgcrea/fastify-session`](https://github.com/mgcrea/fastify-session) Session plugin for fastify that supports both stateless and sateful sessions
+- [`@mgcrea/pino-pretty-compact`](https://github.com/mgcrea/pino-pretty-compact) A custom compact pino-base prettifier
 - [`apollo-server-fastify`](https://github.com/apollographql/apollo-server/tree/master/packages/apollo-server-fastify) Run an [Apollo Server](https://github.com/apollographql/apollo-server) to serve GraphQL with Fastify.
 - [`arecibo`](https://github.com/nucleode/arecibo) Fastify ping responder for Kubernetes Liveness and Readiness Probes.
 - [`cls-rtracer`](https://github.com/puzpuzpuz/cls-rtracer) Fastify middleware for CLS-based request id generation. An out-of-the-box solution for adding request ids into your logs.
 - [`fastify-405`](https://github.com/Eomm/fastify-405) Fastify plugin that adds 405 HTTP status to your routes
 - [`fastify-amqp`](https://github.com/RafaelGSS/fastify-amqp) Fastify AMQP connection plugin, to use with RabbitMQ or another connector. Just a wrapper to [`amqplib`](https://github.com/squaremo/amqp.node).
 - [`fastify-angular-universal`](https://github.com/exequiel09/fastify-angular-universal) Angular server-side rendering support using [`@angular/platform-server`](https://github.com/angular/angular/tree/master/packages/platform-server) for Fastify
+- [`fastify-api-key`](https://github.com/arkerone/fastify-api-key) Fastify plugin to authenticate HTTP requests based on api key and signature
 - [`fastify-auth0-verify`](https://github.com/nearform/fastify-auth0-verify): Auth0 verification plugin for Fastify, internally uses [fastify-jwt](https://npm.im/fastify-jwt) and [jsonwebtoken](https://npm.im/jsonwebtoken).
 - [`fastify-autocrud`](https://github.com/paranoiasystem/fastify-autocrud) Plugin to autogenerate CRUD routes as fast as possible.
 - [`fastify-autoroutes`](https://github.com/GiovanniCardamone/fastify-autoroutes) Plugin to scan and load routes based on filesystem path from custom directory.
@@ -169,6 +176,7 @@ Plugins maintained by the Fastify team are listed under [Core](#core) while plug
 - [`fastify-twitch-ebs-tools`](https://github.com/lukemnet/fastify-twitch-ebs-tools) Useful functions for Twitch Extension Backend Services (EBS).
 - [`fastify-typeorm-plugin`](https://github.com/inthepocket/fastify-typeorm-plugin) Fastify plugin to work with TypeORM.
 - [`fastify-vhost`](https://github.com/patrickpissurno/fastify-vhost) Proxy subdomain http requests to another server (useful if you want to point multiple subdomains to the same IP address, while running different servers on the same machine).
+- [`fastify-vite`](https://github.com/galvez/fastify-vite) [Vite](https://vitejs.dev/) plugin for Fastify with SSR data support.
 - [`fastify-vue-plugin`](https://github.com/TheNoim/fastify-vue) [Nuxt.js](https://nuxtjs.org) plugin for Fastify. Control the routes nuxt should use.
 - [`fastify-wamp-router`](https://github.com/lependu/fastify-wamp-router) Web Application Messaging Protocol router for Fastify.
 - [`fast-water`](https://github.com/tswayne/fast-water) A Fastify plugin for waterline. Decorates Fastify with waterline models.

package/docs/Hooks.md

@@ -85,19 +85,23 @@ fastify.addHook('preParsing', async (request, reply, payload) => {
 **Notice**: The old syntaxes `function(request, reply, done)` and `async function(request, reply)` for the parser are still supported but they are deprecated.
 
 ### preValidation
+
+If you are using the `preValidation` hook, you can change the payload before it is validated. For example:
+
 ```js
 fastify.addHook('preValidation', (request, reply, done) => {
-  // Some code
+  req.body = { ...req.body, importantKey: 'randomString' }
   done()
 })
 ```
 Or `async/await`:
 ```js
 fastify.addHook('preValidation', async (request, reply) => {
-  // Some code
-  await asyncMethod()
+  const importantKey = await generateRandomString()
+  req.body = { ...req.body, importantKey }
 })
 ```
+
 ### preHandler
 ```js
 fastify.addHook('preHandler', (request, reply, done) => {

package/docs/Logging.md

@@ -59,7 +59,7 @@ const fastify = require('fastify')({
 
 By default, fastify adds an id to every request for easier tracking. If the "request-id" header is present its value is used, otherwise a new incremental id is generated. See Fastify Factory [`requestIdHeader`](Server.md#factory-request-id-header) and Fastify Factory [`genReqId`](Server.md#gen-request-id) for customization options.
 
-The default logger is configured with a set of standard serializers that serialize objects with `req`, `res`, and `err` properties. The object received by `req` is the Fastify [`Request`](Request.md) object, while the object received by `res` is the Fastify [`Reply`](Reply.md) object.  
+The default logger is configured with a set of standard serializers that serialize objects with `req`, `res`, and `err` properties. The object received by `req` is the Fastify [`Request`](Request.md) object, while the object received by `res` is the Fastify [`Reply`](Reply.md) object.
 This behaviour can be customized by specifying custom serializers.
 ```js
 const fastify = require('fastify')({

package/docs/Migration-Guide-V3.md

@@ -267,7 +267,7 @@ fastify.get('/', (request, reply) => {
 
 ## Further additions and improvements
 
-- Hooks now have consistent context irregardless of how they are registered
+- Hooks now have consistent context regardless of how they are registered
 ([#2005](https://github.com/fastify/fastify/pull/2005))
 - Deprecated `request.req` and `reply.res` for [`request.raw`](Request.md) and
 [`reply.raw`](Reply.md) ([#2008](https://github.com/fastify/fastify/pull/2008))

package/docs/Routes.md

@@ -416,7 +416,7 @@ Fastify supports constraining routes to match only certain requests based on som
 #### Version Constraints
 
 You can provide a `version` key in the `constraints` option to a route. Versioned routes allows you to declare multiple handlers for the same HTTP route path which will then be matched according to each request's `Accept-Version` header. The `Accept-Version` header value should follow the [semver](http://semver.org/) specification, and routes should be declared with exact semver versions for matching.<br/>
-Fastify will require a request `Accept-Version` header to be set if the route has a version set, and will prefer a versioned route to a non-versioned route for the same path. Advanced version ranges ranges and pre-releases currently are not supported.<br/>
+Fastify will require a request `Accept-Version` header to be set if the route has a version set, and will prefer a versioned route to a non-versioned route for the same path. Advanced version ranges and pre-releases currently are not supported.<br/>
 *Be aware that using this feature will cause a degradation of the overall performances of the router.*
 
 ```js

package/docs/Server.md

@@ -4,10 +4,9 @@
 ## Factory
 
 The Fastify module exports a factory function that is used to create new
-<a href="./Server.md"><code><b>Fastify server</b></code></a>
-instances. This factory function accepts an options object which is used to
-customize the resulting instance. This document describes the properties
-available in that options object.
+<code><b>Fastify server</b></code> instances. This factory function accepts
+an options object which is used to customize the resulting instance. This
+document describes the properties available in that options object.
 
 <a name="factory-http2"></a>
 ### `http2`
@@ -192,7 +191,7 @@ fastify.addHook('onResponse', (req, reply, done) => {
 })
 ```
 
-Please note that this setting will also disable an error log written by the the default `onResponse` hook on reply callback errors.
+Please note that this setting will also disable an error log written by the default `onResponse` hook on reply callback errors.
 
 <a name="custom-http-server"></a>
 ### `serverFactory`
@@ -986,7 +985,7 @@ fastify.ready(() => {
 <a name="addContentTypeParser"></a>
 #### addContentTypeParser
 
-`fastify.addContentTypeParser(content-type, options, parser)` is used to pass custom parser for a given content type. Useful for adding parsers for custom content types, e.g. `text/json, application/vnd.oasis.opendocument.text`. `content-type` can be a string or string array.
+`fastify.addContentTypeParser(content-type, options, parser)` is used to pass custom parser for a given content type. Useful for adding parsers for custom content types, e.g. `text/json, application/vnd.oasis.opendocument.text`. `content-type` can be a string, string array or RegExp.
 
 ```js
 // The two arguments passed to getDefaultJsonParser are for ProtoType poisoning and Constructor Poisoning configuration respectively. The possible values are 'ignore', 'remove', 'error'. ignore  skips all validations and it is similar to calling JSON.parse() directly. See the <a href="https://github.com/fastify/secure-json-parse#api">`secure-json-parse` documentation</a> for more information.

package/docs/Serverless.md

@@ -269,7 +269,7 @@ module.exports = {
 
 ### Scripts
 
-Add this command to your `package.json` *scripts* 
+Add this command to your `package.json` *scripts*
 
 ```json
 "scripts": {
@@ -291,9 +291,9 @@ configuring your `vercel.json` file like the following:
 ```json
 {
     "rewrites": [
-        { 
-            "source": "/(.*)", 
-            "destination": "/api/serverless.js" 
+        {
+            "source": "/(.*)",
+            "destination": "/api/serverless.js"
         }
     ]
 }

package/docs/Style-Guide.md

@@ -163,7 +163,7 @@ Here is how your hyperlink should look:
 ```MD
 <!-- More like this -->
 
-// Add clear & breif description
+// Add clear & brief description
 [Fastify Plugins] (https://www.fastify.io/docs/latest/Plugins/)
 
 <!--Less like this -->

package/docs/TypeScript.md

@@ -98,6 +98,7 @@ The type system heavily relies on generic properties to provide the most accurat
      return `logged in!`
    })
    ```
+
 4. Build and run the server code with `npm run build` and `npm run start`
 5. Query the api
    ```bash
@@ -126,14 +127,80 @@ The type system heavily relies on generic properties to provide the most accurat
 
 ### JSON Schema
 
+To validate your requests and responses you can use JSON Schema files. If you didn't know already, defining schemas for your Fastify routes can increase their throughput! Check out the [Validation and Serialization](Validation-and-Serialization.md) documentation for more info.
+
+Also it has the advantage to use the defined type within your handlers (including pre-validation, etc.).
+
+Here are some options how to achieve this.
+
+
+#### typebox
+
+A useful library for building types and a schema at once is [typebox](https://www.npmjs.com/package/@sinclair/typebox).
+With typebox you define your schema within your code and use them directly as types or schemas as you need them.
+
+When you want to use it for validation of some payload in a fastify route you can do it as follows:
+
+1. Install `typebox` in your project.
+
+    ```bash
+    npm i @sinclair/typebox
+    ```
+
+2. Define the schema you need with `Type` and create the respective type  with `Static`.
+  
+    ```typescript
+    import { Static, Type } from '@sinclair/typebox'
+
+    const User = Type.Object({
+      name: Type.String(),
+      mail: Type.Optional(Type.String({ format: "email" })),
+    });
+    type UserType = Static<typeof User>;
+    ```
+
+3. Use the defined type and schema during the definition of your route
+
+    ```typescript
+    const app = fastify();
+
+    app.post<{ Body: UserType; Response: UserType }>(
+      "/",
+      {
+        schema: {
+          body: User,
+          response: {
+            200: User,
+          },
+        },
+      },
+      (req, rep) => {
+        const { body: user } = req;
+        /* user has type
+        * const user: StaticProperties<{
+        *  name: TString;
+        *  mail: TOptional<TString>;
+        * }>
+        */
+        //...
+        rep.status(200).send(user);
+      }
+    );
+    ```
+
+#### Schemas in JSON Files
+
 In the last example we used interfaces to define the types for the request querystring and headers. Many users will already be using JSON Schemas to define these properties, and luckily there is a way to transform existing JSON Schemas into TypeScript interfaces!
 
 1. If you did not complete the 'Getting Started' example, go back and follow steps 1-4 first.
 2. Install the `json-schema-to-typescript` module:
-   ```
+
+   ```bash
    npm i -D json-schema-to-typescript
    ```
+
 3. Create a new folder called `schemas` and add two files `headers.json` and `querystring.json`. Copy and paste the following schema definitions into the respective files:
+
    ```json
    {
      "title": "Headers Schema",
@@ -145,6 +212,7 @@ In the last example we used interfaces to define the types for the request query
      "required": ["h-Custom"]
    }
    ```
+
    ```json
    {
      "title": "Querystring Schema",
@@ -157,18 +225,22 @@ In the last example we used interfaces to define the types for the request query
      "required": ["username", "password"]
    }
    ```
+
 4. Add a `compile-schemas` script to the package.json:
-   ```json
+
+```json
    {
      "scripts": {
        "compile-schemas": "json2ts -i schemas -o types"
      }
    }
-   ```
+```
+
    `json2ts` is a CLI utility included in `json-schema-to-typescript`. `schemas` is the input path, and `types` is the output path.
 5. Run `npm run compile-schemas`. Two new files should have been created in the `types` directory.
 6. Update `index.ts` to have the following code:
-   ```typescript
+
+```typescript
    import fastify from 'fastify'
 
    // import json schemas as normal
@@ -229,10 +301,67 @@ In the last example we used interfaces to define the types for the request query
    ```
    Pay special attention to the imports at the top of this file. It might seem redundant, but you need to import both the schema files and the generated interfaces.
 
-Great work! Now you can make use of both JSON Schemas and TypeScript definitions. If you didn't know already, defining schemas for your Fastify routes can increase their throughput! Check out the [Validation and Serialization](Validation-and-Serialization.md) documentation for more info.
+Great work! Now you can make use of both JSON Schemas and TypeScript definitions.
+
+#### json-schema-to-ts
 
-Some additional notes:
-- Currently, there is no type definition support for inline JSON schemas. If you can come up with a solution please open a PR!
+If you do not want to generate types from your schemas, but want to use them diretly from your code, you can use the package
+[json-schema-to-ts](https://www.npmjs.com/package/json-schema-to-ts).
+
+You can install it as dev-dependency.
+
+```bash
+npm install -D json-schema-to-ts
+```
+
+In your code you can define your schema like a normal object. But be aware of making it *const* like explained in the docs of the module.
+
+```typescript
+const todo = {
+  type: 'object',
+  properties: {
+    name: { type: 'string' },
+    description: { type: 'string' },
+    done: { type: 'boolean' },
+  },
+  required: ['name'],
+} as const;
+```
+
+With the provided type `FromSchema` you can build a type from your schema and use it in your handler.
+
+```typescript
+fastify.post<{ Body: FromSchema<typeof todo> }>(
+  '/todo',
+  {
+    schema: {
+      body: todo,
+      response: {
+        201: {
+          type: 'string',
+        },
+      },
+    }
+  },
+  async (request, reply): Promise<void> => {
+
+    /*
+    request.body has type 
+    {
+      [x: string]: unknown;
+      description?: string;
+      done?: boolean;
+      name: string;
+    }
+    */
+
+    request.body.name // will not throw type error
+    request.body.notthere // will throw type error
+    
+    reply.status(201).send();
+  },
+);
+```
 
 ### Plugins
 

package/docs/Validation-and-Serialization.md

@@ -101,7 +101,7 @@ As usual, the function `getSchemas` is encapsulated and returns the shared schem
 ```js
 fastify.addSchema({ $id: 'one', my: 'hello' })
 // will return only `one` schema
-fastify.get('/', (request, reply) => { reply.send(fastify.getSchemas()) }) 
+fastify.get('/', (request, reply) => { reply.send(fastify.getSchemas()) })
 
 fastify.register((instance, opts, done) => {
   instance.addSchema({ $id: 'two', my: 'ciao' })
@@ -544,10 +544,10 @@ const schema = {
 and fail to satisfy it, the route will immediately return a response with the following payload
 
 ```js
-{ 
+{
   "statusCode": 400,
   "error": "Bad Request",
-  "message": "body should have required property 'name'" 
+  "message": "body should have required property 'name'"
 }
 ```
 
@@ -575,7 +575,7 @@ The context function will be the Fastify server instance.
 ```js
 const fastify = Fastify({
   schemaErrorFormatter: (errors, dataVar) => {
-    // ... my formatting logic 
+    // ... my formatting logic
     return new Error(myErrorMessage)
   }
 })
@@ -583,7 +583,7 @@ const fastify = Fastify({
 // or
 fastify.setSchemaErrorFormatter(function (errors, dataVar) {
   this.log.error({ err: errors }, 'Validation failed')
-  // ... my formatting logic 
+  // ... my formatting logic
   return new Error(myErrorMessage)
 })
 ```
@@ -598,7 +598,7 @@ fastify.setErrorHandler(function (error, request, reply) {
 })
 ```
 
-If you want custom error response in schema without headaches and quickly, you can take a look at [`ajv-errors`](https://github.com/epoberezkin/ajv-errors). Checkout the [example](https://github.com/fastify/example/blob/master/validation-messages/custom-errors-messages.js) usage.
+If you want custom error response in schema without headaches and quickly, you can take a look at [`ajv-errors`](https://github.com/epoberezkin/ajv-errors). Checkout the [example](https://github.com/fastify/example/blob/HEAD/validation-messages/custom-errors-messages.js) usage.
 
 Below is an example showing how to add **custom error messages for each property** of a schema by supplying custom AJV options.
 Inline comments in the schema below describe how to configure it to show a different error message for each case:

package/fastify.d.ts

@@ -13,6 +13,7 @@ import * as ajv from 'ajv'
 import { FastifyError } from 'fastify-error'
 import { FastifyReply } from './types/reply'
 import { FastifySchemaValidationError } from './types/schema'
+import { ConstructorAction, ProtoAction } from "./types/content-type-parser";
 
 /**
  * Fastify factory function for the standard fastify http, https, or http2 server instance.
@@ -88,8 +89,8 @@ export type FastifyServerOptions<
   maxParamLength?: number,
   disableRequestLogging?: boolean,
   exposeHeadRoutes?: boolean,
-  onProtoPoisoning?: 'error' | 'remove' | 'ignore',
-  onConstructorPoisoning?: 'error' | 'remove' | 'ignore',
+  onProtoPoisoning?: ProtoAction,
+  onConstructorPoisoning?: ConstructorAction,
   logger?: boolean | FastifyLoggerOptions<RawServer> | Logger,
   serverFactory?: FastifyServerFactory<RawServer>,
   caseSensitive?: boolean,
@@ -152,7 +153,7 @@ export { FastifyLoggerOptions, FastifyLoggerInstance, FastifyLogFn, LogLevel } f
 export { FastifyContext } from './types/context'
 export { RouteHandler, RouteHandlerMethod, RouteOptions, RouteShorthandMethod, RouteShorthandOptions, RouteShorthandOptionsWithHandler } from './types/route'
 export * from './types/register'
-export { FastifyBodyParser, FastifyContentTypeParser, AddContentTypeParser, hasContentTypeParser } from './types/content-type-parser'
+export { FastifyBodyParser, FastifyContentTypeParser, AddContentTypeParser, hasContentTypeParser, getDefaultJsonParser, ProtoAction, ConstructorAction } from './types/content-type-parser'
 export { FastifyError } from 'fastify-error'
 export { FastifySchema, FastifySchemaCompiler } from './types/schema'
 export { HTTPMethods, RawServerBase, RawRequestDefaultExpression, RawReplyDefaultExpression, RawServerDefault, ContextConfigDefault, RequestBodyDefault, RequestQuerystringDefault, RequestParamsDefault, RequestHeadersDefault } from './types/utils'

package/fastify.js

@@ -540,7 +540,7 @@ function fastify (options) {
 
     // Most devs do not know what to do with this error.
     // In the vast majority of cases, it's a network error and/or some
-    // config issue on the the load balancer side.
+    // config issue on the load balancer side.
     this.log.trace({ err }, 'client error')
 
     // If the socket is not writable, there is no reason to try to send data.

package/lib/reply.js

@@ -539,19 +539,30 @@ function handleError (reply, error, cb) {
     return
   }
 
-  const serializerFn = getSchemaSerializer(reply.context, statusCode)
-  const payload = (serializerFn === false)
-    ? serializeError({
-        error: statusCodes[statusCode + ''],
-        code: error.code,
-        message: error.message || '',
-        statusCode: statusCode
-      })
-    : serializerFn(Object.create(error, {
-      error: { value: statusCodes[statusCode + ''] },
-      message: { value: error.message || '' },
-      statusCode: { value: statusCode }
-    }))
+  let payload
+  try {
+    const serializerFn = getSchemaSerializer(reply.context, statusCode)
+    payload = (serializerFn === false)
+      ? serializeError({
+          error: statusCodes[statusCode + ''],
+          code: error.code,
+          message: error.message || '',
+          statusCode: statusCode
+        })
+      : serializerFn(Object.create(error, {
+        error: { value: statusCodes[statusCode + ''] },
+        message: { value: error.message || '' },
+        statusCode: { value: statusCode }
+      }))
+  } catch (err) {
+    reply.log.error({ err, statusCode: res.statusCode }, 'The serializer for the given status code failed')
+    res.statusCode = 500
+    payload = serializeError({
+      error: statusCodes['500'],
+      message: err.message || '',
+      statusCode: 500
+    })
+  }
 
   flatstr(payload)
   reply[kReplyHeaders]['content-type'] = CONTENT_TYPE.JSON

package/lib/route.js

@@ -298,7 +298,7 @@ function buildRouting (options) {
           context.schema = normalizeSchema(context.schema)
 
           const schemaController = this[kSchemaController]
-          if (!opts.validatorCompiler) {
+          if (!opts.validatorCompiler && (opts.schema.body || opts.schema.headers || opts.schema.querystring || opts.schema.params)) {
             schemaController.setupValidator(this[kOptions])
           }
           try {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "fastify",
-  "version": "3.14.0",
+  "version": "3.14.1",
   "description": "Fast and low overhead web framework, for Node.js",
   "main": "fastify.js",
   "type": "commonjs",
@@ -177,7 +177,7 @@
     "abstract-logging": "^2.0.0",
     "ajv": "^6.12.2",
     "avvio": "^7.1.2",
-    "fast-json-stringify": "^2.5.0",
+    "fast-json-stringify": "^2.5.2",
     "fastify-error": "^0.3.0",
     "fastify-warning": "^0.2.0",
     "find-my-way": "^4.0.0",

package/test/hooks-async.test.js

@@ -318,6 +318,52 @@ test('preValidation hooks should be able to block a request', t => {
   })
 })
 
+test('preValidation hooks should be able to change request body before validation', t => {
+  t.plan(4)
+  const fastify = Fastify()
+
+  fastify.addHook('preValidation', async (req, _reply) => {
+    const buff = Buffer.from(req.body.message, 'base64')
+    req.body = JSON.parse(buff.toString('utf-8'))
+  })
+
+  fastify.post(
+    '/',
+    {
+      schema: {
+        body: {
+          type: 'object',
+          properties: {
+            foo: {
+              type: 'string'
+            },
+            bar: {
+              type: 'number'
+            }
+          },
+          required: ['foo', 'bar']
+        }
+      }
+    },
+    (req, reply) => {
+      t.pass()
+      reply.status(200).send('hello')
+    }
+  )
+
+  fastify.inject({
+    url: '/',
+    method: 'POST',
+    payload: {
+      message: Buffer.from(JSON.stringify({ foo: 'example', bar: 1 })).toString('base64')
+    }
+  }, (err, res) => {
+    t.error(err)
+    t.is(res.statusCode, 200)
+    t.is(res.payload, 'hello')
+  })
+})
+
 test('preSerialization hooks should be able to modify the payload', t => {
   t.plan(3)
   const fastify = Fastify()

package/test/hooks.test.js

@@ -1437,6 +1437,53 @@ test('preValidation hooks should be able to block a request', t => {
   })
 })
 
+test('preValidation hooks should be able to change request body before validation', t => {
+  t.plan(4)
+  const fastify = Fastify()
+
+  fastify.addHook('preValidation', (req, _reply, done) => {
+    const buff = Buffer.from(req.body.message, 'base64')
+    req.body = JSON.parse(buff.toString('utf-8'))
+    done()
+  })
+
+  fastify.post(
+    '/',
+    {
+      schema: {
+        body: {
+          type: 'object',
+          properties: {
+            foo: {
+              type: 'string'
+            },
+            bar: {
+              type: 'number'
+            }
+          },
+          required: ['foo', 'bar']
+        }
+      }
+    },
+    (req, reply) => {
+      t.pass()
+      reply.status(200).send('hello')
+    }
+  )
+
+  fastify.inject({
+    url: '/',
+    method: 'POST',
+    payload: {
+      message: Buffer.from(JSON.stringify({ foo: 'example', bar: 1 })).toString('base64')
+    }
+  }, (err, res) => {
+    t.error(err)
+    t.is(res.statusCode, 200)
+    t.is(res.payload, 'hello')
+  })
+})
+
 test('preParsing hooks should be able to block a request', t => {
   t.plan(5)
   const fastify = Fastify()

package/test/schema-serialization.test.js

@@ -498,3 +498,45 @@ test('The schema changes the default error handler output', async t => {
   t.equals(res.statusCode, 500)
   t.deepEquals(res.json(), { error: 'Internal Server Error', message: '500 message', customId: 42 })
 })
+
+test('do not crash if status code serializer errors', async t => {
+  const fastify = Fastify()
+
+  const requiresFoo = {
+    properties: { foo: { type: 'string' } },
+    required: ['foo']
+  }
+
+  const someUserErrorType2 = {
+    properties: {
+      code: { type: 'number' }
+    },
+    required: ['code']
+  }
+
+  fastify.get(
+    '/',
+    {
+      schema: {
+        query: requiresFoo,
+        response: { 400: someUserErrorType2 }
+      }
+    },
+    (request, reply) => {
+      t.fail('handler, should not be called')
+    }
+  )
+
+  const res = await fastify.inject({
+    path: '/',
+    query: {
+      notfoo: true
+    }
+  })
+  t.equals(res.statusCode, 500)
+  t.deepEquals(res.json(), {
+    statusCode: 500,
+    error: 'Internal Server Error',
+    message: '"code" is required!'
+  })
+})

package/test/schema-special-usage.test.js

@@ -2,6 +2,7 @@
 
 const { test } = require('tap')
 const AJV = require('ajv')
+const S = require('fluent-json-schema')
 const Fastify = require('..')
 const ajvMergePatch = require('ajv-merge-patch')
 
@@ -403,3 +404,54 @@ test('side effect on schema let the server crash', async t => {
 
   await fastify.ready()
 })
+
+test('only response schema trigger AJV pollution', async t => {
+  const ShowSchema = S.object().id('ShowSchema').prop('name', S.string())
+  const ListSchema = S.array().id('ListSchema').items(S.ref('ShowSchema#'))
+
+  const fastify = Fastify()
+  fastify.addSchema(ListSchema)
+  fastify.addSchema(ShowSchema)
+
+  const routeResponseSchemas = {
+    schema: { response: { 200: S.ref('ListSchema#') } }
+  }
+
+  fastify.register(
+    async (app) => { app.get('/resource/', routeResponseSchemas, () => ({})) },
+    { prefix: '/prefix1' }
+  )
+  fastify.register(
+    async (app) => { app.get('/resource/', routeResponseSchemas, () => ({})) },
+    { prefix: '/prefix2' }
+  )
+
+  await fastify.ready()
+})
+
+test('only response schema trigger AJV pollution #2', async t => {
+  const ShowSchema = S.object().id('ShowSchema').prop('name', S.string())
+  const ListSchema = S.array().id('ListSchema').items(S.ref('ShowSchema#'))
+
+  const fastify = Fastify()
+  fastify.addSchema(ListSchema)
+  fastify.addSchema(ShowSchema)
+
+  const routeResponseSchemas = {
+    schema: {
+      params: S.ref('ListSchema#'),
+      response: { 200: S.ref('ListSchema#') }
+    }
+  }
+
+  fastify.register(
+    async (app) => { app.get('/resource/', routeResponseSchemas, () => ({})) },
+    { prefix: '/prefix1' }
+  )
+  fastify.register(
+    async (app) => { app.get('/resource/', routeResponseSchemas, () => ({})) },
+    { prefix: '/prefix2' }
+  )
+
+  await fastify.ready()
+})

package/test/types/content-type-parser.test-d.ts

@@ -1,5 +1,5 @@
-import fastify from '../../fastify'
-import { expectType } from 'tsd'
+import fastify, { FastifyContentTypeParser } from '../../fastify'
+import { expectError, expectType } from 'tsd'
 import { IncomingMessage } from 'http'
 import { FastifyRequest } from '../../types/request'
 
@@ -56,3 +56,9 @@ expectType<void>(fastify().addContentTypeParser<Buffer>('bodyContentType', { par
   expectType<Buffer>(body)
   return null
 }))
+
+expectType<FastifyContentTypeParser>(fastify().getDefaultJsonParser('error', 'ignore'))
+
+expectError(fastify().getDefaultJsonParser('error', 'skip'))
+
+expectError(fastify().getDefaultJsonParser('nothing', 'ignore'))

package/test/types/instance.test-d.ts

@@ -1,5 +1,8 @@
-import fastify, { FastifyError, FastifyInstance, ValidationResult } from '../../fastify'
+import fastify, { FastifyContentTypeParser, FastifyError, FastifyInstance, ValidationResult } from '../../fastify'
 import { expectAssignable, expectError, expectType } from 'tsd'
+import { FastifyRequest } from '../../types/request'
+import { FastifyReply } from '../../types/reply'
+import { HookHandlerDoneFunction } from '../../types/hooks'
 
 const server = fastify()
 
@@ -38,6 +41,19 @@ server.setErrorHandler(fastifyErrorHandler)
 function nodeJSErrorHandler (error: NodeJS.ErrnoException) {}
 server.setErrorHandler(nodeJSErrorHandler)
 
+function notFoundHandler (request: FastifyRequest, reply: FastifyReply) {}
+function notFoundpreHandlerHandler (request: FastifyRequest, reply: FastifyReply, done: HookHandlerDoneFunction) { done() }
+async function notFoundpreHandlerAsyncHandler (request: FastifyRequest, reply: FastifyReply) {}
+function notFoundpreValidationHandler (request: FastifyRequest, reply: FastifyReply, done: HookHandlerDoneFunction) { done() }
+async function notFoundpreValidationAsyncHandler (request: FastifyRequest, reply: FastifyReply) {}
+
+server.setNotFoundHandler(notFoundHandler)
+server.setNotFoundHandler({ preHandler: notFoundpreHandlerHandler }, notFoundHandler)
+server.setNotFoundHandler({ preHandler: notFoundpreHandlerAsyncHandler }, notFoundHandler)
+server.setNotFoundHandler({ preValidation: notFoundpreValidationHandler }, notFoundHandler)
+server.setNotFoundHandler({ preValidation: notFoundpreValidationAsyncHandler }, notFoundHandler)
+server.setNotFoundHandler({ preHandler: notFoundpreHandlerHandler, preValidation: notFoundpreValidationHandler }, notFoundHandler)
+
 function invalidErrorHandler (error: number) {}
 expectError(server.setErrorHandler(invalidErrorHandler))
 
@@ -106,3 +122,7 @@ type InitialConfig = Readonly<{
 }>
 
 expectType<InitialConfig>(fastify().initialConfig)
+
+expectType<FastifyContentTypeParser>(server.defaultTextParser)
+
+expectType<FastifyContentTypeParser>(server.getDefaultJsonParser('ignore', 'error'))

package/types/content-type-parser.d.ts

@@ -54,3 +54,9 @@ export interface AddContentTypeParser<
  * Checks for a type parser of a content type
  */
 export type hasContentTypeParser = (contentType: string | RegExp) => boolean
+
+export type ProtoAction = 'error' | 'remove' | 'ignore'
+
+export type ConstructorAction = 'error' | 'remove' | 'ignore'
+
+export type getDefaultJsonParser = (onProtoPoisoning: ProtoAction, onConstructorPoisoning: ConstructorAction) => FastifyContentTypeParser

package/types/instance.d.ts

@@ -8,7 +8,14 @@ import { onRequestHookHandler, preParsingHookHandler, onSendHookHandler, preVali
 import { FastifyRequest } from './request'
 import { FastifyReply } from './reply'
 import { FastifyError } from 'fastify-error'
-import { AddContentTypeParser, hasContentTypeParser } from './content-type-parser'
+import {
+  AddContentTypeParser,
+  hasContentTypeParser,
+  getDefaultJsonParser,
+  FastifyContentTypeParser,
+  ProtoAction,
+  ConstructorAction
+} from './content-type-parser'
 
 /**
  * Fastify server instance. Returned by the core `fastify()` method.
@@ -312,10 +319,18 @@ export interface FastifyInstance<
   /**
    * Set the 404 handler
    */
-  setNotFoundHandler<RouteGeneric extends RouteGenericInterface = RouteGenericInterface>(
+  setNotFoundHandler<RouteGeneric extends RouteGenericInterface = RouteGenericInterface> (
     handler: (request: FastifyRequest<RouteGeneric, RawServer, RawRequest>, reply: FastifyReply<RawServer, RawRequest, RawReply, RouteGeneric>) => void
   ): FastifyInstance<RawServer, RawRequest, RawReply, Logger>;
 
+  setNotFoundHandler<RouteGeneric extends RouteGenericInterface = RouteGenericInterface, ContextConfig extends ContextConfigDefault = ContextConfigDefault> (
+    opts: {
+      preValidation?: preValidationHookHandler<RawServer, RawRequest, RawReply, RouteGeneric, ContextConfig> | preValidationHookHandler<RawServer, RawRequest, RawReply, RouteGeneric, ContextConfig>[];
+      preHandler?: preHandlerHookHandler<RawServer, RawRequest, RawReply, RouteGeneric, ContextConfig> | preHandlerHookHandler<RawServer, RawRequest, RawReply, RouteGeneric, ContextConfig>[];
+    },
+    handler: (request: FastifyRequest<RouteGeneric, RawServer, RawRequest>, reply: FastifyReply<RawServer, RawRequest, RawReply, RouteGeneric>) => void
+  ): FastifyInstance<RawServer, RawRequest, RawReply, Logger>
+
   /**
    * Fastify default error handler
    */
@@ -352,6 +367,14 @@ export interface FastifyInstance<
    */
   addContentTypeParser: AddContentTypeParser<RawServer, RawRequest>;
   hasContentTypeParser: hasContentTypeParser;
+  /**
+   * Fastify default JSON parser
+   */
+  getDefaultJsonParser: getDefaultJsonParser;
+  /**
+   * Fastify default plain text parser
+   */
+  defaultTextParser: FastifyContentTypeParser;
 
   /**
    * Prints the representation of the internal radix tree used by the router
@@ -376,8 +399,8 @@ export interface FastifyInstance<
     ignoreTrailingSlash?: boolean,
     disableRequestLogging?: boolean,
     maxParamLength?: number,
-    onProtoPoisoning?: 'error' | 'remove' | 'ignore',
-    onConstructorPoisoning?: 'error' | 'remove' | 'ignore',
+    onProtoPoisoning?: ProtoAction,
+    onConstructorPoisoning?: ConstructorAction,
     pluginTimeout?: number,
     requestIdHeader?: string,
     requestIdLogLabel?: string,