fastify 3.27.0 → 3.27.1

package/docs/Guides/Prototype-Poisoning.md

@@ -117,7 +117,7 @@ an `id` ), and then pass it to our validation library, anything passed through
 via `__proto__` would sneak in undetected.
 
 ### Oh joi!
-<a id="pp-oh-joi">
+<a id="pp-oh-joi"></a>
 
 The first question is, of course, why does the validation module **joi** ignore
 the prototype and let potentially harmful data through? We asked ourselves the
@@ -383,9 +383,9 @@ Because this work is important, I decided to try and make it not just
 financially sustainable but to grow and expand it. There is so much to improve.
 This is exactly what motivates me to implement the new [commercial licensing
 plan](https://web.archive.org/web/20190201220503/https://hueniverse.com/on-hapi-licensing-a-preview-f982662ee898)
-coming in March. You can ready more about it
+coming in March. You can read more about it
 [here](https://web.archive.org/web/20190201220503/https://hueniverse.com/on-hapi-licensing-a-preview-f982662ee898).
 
 Of all the time consuming things, security is at the very top. I hope this story
-successful conveyed not just the technical details, but also the human drama and
+successfully conveyed not just the technical details, but also the human drama and
 what it takes to keep the web secure.

package/docs/Reference/Server.md

@@ -13,7 +13,7 @@ describes the properties available in that options object.
   - [`https`](#https)
   - [`connectionTimeout`](#connectiontimeout)
   - [`keepAliveTimeout`](#keepalivetimeout)
-  - [`forceCloseConnections](#forcecloseconnections)
+  - [`forceCloseConnections`](#forcecloseconnections)
   - [`maxRequestsPerSocket`](#maxrequestspersocket)
   - [`requestTimeout`](#requesttimeout)
   - [`ignoreTrailingSlash`](#ignoretrailingslash)

package/fastify.d.ts

@@ -98,6 +98,7 @@ export type FastifyServerOptions<
   connectionTimeout?: number,
   keepAliveTimeout?: number,
   maxRequestsPerSocket?: number,
+  forceCloseConnections?: boolean,
   requestTimeout?: number,
   pluginTimeout?: number,
   bodyLimit?: number,

package/fastify.js

@@ -1,6 +1,6 @@
 'use strict'
 
-const VERSION = '3.27.0'
+const VERSION = '3.27.1'
 
 const Avvio = require('avvio')
 const http = require('http')

package/lib/errors.js

@@ -210,6 +210,11 @@ const codes = {
     500,
     TypeError
   ),
+  FST_ERR_INVALID_URL: createError(
+    'FST_ERR_INVALID_URL',
+    "URL must be a string. Received '%s'",
+    400
+  ),
 
   /**
    *  again listen when close server

package/lib/reply.js

@@ -365,12 +365,18 @@ function preserializeHookEnd (err, request, reply, payload) {
     return
   }
 
-  if (reply[kReplySerializer] !== null) {
-    payload = reply[kReplySerializer](payload)
-  } else if (reply.context && reply.context[kReplySerializerDefault]) {
-    payload = reply.context[kReplySerializerDefault](payload, reply.raw.statusCode)
-  } else {
-    payload = serialize(reply.context, payload, reply.raw.statusCode)
+  try {
+    if (reply[kReplySerializer] !== null) {
+      payload = reply[kReplySerializer](payload)
+    } else if (reply.context && reply.context[kReplySerializerDefault]) {
+      payload = reply.context[kReplySerializerDefault](payload, reply.raw.statusCode)
+    } else {
+      payload = serialize(reply.context, payload, reply.raw.statusCode)
+    }
+  } catch (e) {
+    wrapSeralizationError(e, reply)
+    onErrorHook(reply, e)
+    return
   }
 
   flatstr(payload)
@@ -378,6 +384,10 @@ function preserializeHookEnd (err, request, reply, payload) {
   onSendHook(reply, payload)
 }
 
+function wrapSeralizationError (error, reply) {
+  error.serialization = reply.context.config
+}
+
 function onSendHook (reply, payload) {
   if (reply.context.onSend !== null) {
     reply[kReplySent] = true

package/lib/route.js

@@ -18,7 +18,8 @@ const {
 const {
   FST_ERR_SCH_VALIDATION_BUILD,
   FST_ERR_SCH_SERIALIZATION_BUILD,
-  FST_ERR_DEFAULT_ROUTE_INVALID_TYPE
+  FST_ERR_DEFAULT_ROUTE_INVALID_TYPE,
+  FST_ERR_INVALID_URL
 } = require('./errors')
 
 const {
@@ -99,6 +100,10 @@ function buildRouting (options) {
 
   // Convert shorthand to extended route declaration
   function prepareRoute (method, url, options, handler) {
+    if (typeof url !== 'string') {
+      throw new FST_ERR_INVALID_URL(typeof url)
+    }
+
     if (!handler && typeof options === 'function') {
       handler = options // for support over direct function calls such as fastify.get() options are reused as the handler
       options = {}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "fastify",
-  "version": "3.27.0",
+  "version": "3.27.1",
   "description": "Fast and low overhead web framework, for Node.js",
   "main": "fastify.js",
   "type": "commonjs",

package/test/route.test.js

@@ -8,6 +8,7 @@ const sget = require('simple-get').concat
 const joi = require('@hapi/joi')
 const Fastify = require('..')
 const proxyquire = require('proxyquire')
+const { FST_ERR_INVALID_URL } = require('../lib/errors')
 
 test('route', t => {
   t.plan(9)
@@ -1268,3 +1269,14 @@ test('Correct error message is produced if "path" option is used', t => {
     })
   }, new Error('Error Handler for POST:/test route, if defined, must be a function'))
 })
+
+test('invalid url attribute - non string URL', t => {
+  t.plan(1)
+  const fastify = Fastify()
+
+  try {
+    fastify.get(/^\/(donations|skills|blogs)/, () => {})
+  } catch (error) {
+    t.equal(error.code, FST_ERR_INVALID_URL().code)
+  }
+})

package/test/schema-serialization.test.js

@@ -670,3 +670,44 @@ test('error in custom schema serialize compiler, throw FST_ERR_SCH_SERIALIZATION
     t.equal(err.code, 'FST_ERR_SCH_SERIALIZATION_BUILD')
   })
 })
+
+test('Errors in searilizer sended to errorHandler', async t => {
+  let savedError
+
+  const fastify = Fastify()
+  fastify.get('/', {
+    schema: {
+      response: {
+        200: {
+          type: 'object',
+          properties: {
+            name: { type: 'string' },
+            power: { type: 'string' }
+          },
+          required: ['name']
+        }
+      }
+    }
+
+  }, function (req, reply) {
+    reply.code(200).send({ no: 'thing' })
+  })
+  fastify.setErrorHandler((error, request, reply) => {
+    savedError = error
+    reply.code(500).send(error)
+  })
+
+  const res = await fastify.inject('/')
+
+  t.equal(res.statusCode, 500)
+
+  // t.same(savedError, new Error('"name" is required!'));
+  t.same(res.json(), {
+    statusCode: 500,
+    error: 'Internal Server Error',
+    message: '"name" is required!'
+  })
+  t.ok(savedError, 'error presents')
+  t.ok(savedError.serialization, 'Serialization sign presents')
+  t.end()
+})

package/test/types/fastify.test-d.ts

@@ -57,6 +57,7 @@ fastify({ http2: true, https: {} }).inject({}, lightMyRequestCallback)
 expectAssignable<FastifyInstance<http2.Http2Server, http2.Http2ServerRequest, http2.Http2ServerResponse>>(fastify({ http2: true }))
 expectAssignable<FastifyInstance>(fastify({ ignoreTrailingSlash: true }))
 expectAssignable<FastifyInstance>(fastify({ connectionTimeout: 1000 }))
+expectAssignable<FastifyInstance>(fastify({ forceCloseConnections: true }))
 expectAssignable<FastifyInstance>(fastify({ keepAliveTimeout: 1000 }))
 expectAssignable<FastifyInstance>(fastify({ pluginTimeout: 1000 }))
 expectAssignable<FastifyInstance>(fastify({ bodyLimit: 100 }))

package/test/types/instance.test-d.ts

@@ -10,6 +10,7 @@ import { expectAssignable, expectError, expectType } from 'tsd'
 import { FastifyRequest } from '../../types/request'
 import { FastifyReply } from '../../types/reply'
 import { HookHandlerDoneFunction } from '../../types/hooks'
+import { FastifySchemaControllerOptions } from '../../types/schema'
 
 const server = fastify()
 
@@ -112,6 +113,29 @@ server.setNotFoundHandler({ preHandler: notFoundpreHandlerHandler, preValidation
 function invalidErrorHandler (error: number) {}
 expectError(server.setErrorHandler(invalidErrorHandler))
 
+server.setSchemaController({
+  bucket: (parentSchemas: unknown) => {
+    return {
+      addSchema (schema: unknown) {
+        expectType<unknown>(schema)
+        expectType<FastifyInstance>(server.addSchema({ type: 'null' }))
+        return server.addSchema({ type: 'null' })
+      },
+      getSchema (schemaId: string) {
+        expectType<string>(schemaId)
+        return server.getSchema('SchemaId')
+      },
+      getSchemas () {
+        expectType<Record<string, unknown>>(server.getSchemas())
+        return server.getSchemas()
+      }
+    }
+  }
+})
+
+function invalidSchemaController (schemaControllerOptions: FastifySchemaControllerOptions) {}
+expectError(server.setSchemaController(invalidSchemaController))
+
 server.setReplySerializer(function (payload, statusCode) {
   expectType<unknown>(payload)
   expectType<number>(statusCode)
@@ -171,6 +195,7 @@ type InitialConfig = Readonly<{
   keepAliveTimeout?: number,
   bodyLimit?: number,
   caseSensitive?: boolean,
+  forceCloseConnections?: boolean,
   http2?: boolean,
   https?: boolean | Readonly<{ allowHTTP1: boolean }>,
   ignoreTrailingSlash?: boolean,

package/types/instance.d.ts

@@ -1,6 +1,12 @@
 import { Chain as LightMyRequestChain, InjectOptions, Response as LightMyRequestResponse, CallbackFunc as LightMyRequestCallback } from 'light-my-request'
 import { RouteOptions, RouteShorthandMethod, RouteGenericInterface, DefaultRoute } from './route'
-import { FastifySchema, FastifySchemaCompiler, FastifySchemaValidationError, FastifySerializerCompiler } from './schema'
+import {
+  FastifySchema,
+  FastifySchemaCompiler,
+  FastifySchemaValidationError,
+  FastifySerializerCompiler,
+  FastifySchemaControllerOptions
+} from './schema'
 import { RawServerBase, RawRequestDefaultExpression, RawServerDefault, RawReplyDefaultExpression, ContextConfigDefault } from './utils'
 import { FastifyLoggerInstance } from './logger'
 import { FastifyRegister } from './register'
@@ -380,6 +386,11 @@ export interface FastifyInstance<
    */
   setSerializerCompiler<T = FastifySchema>(schemaCompiler: FastifySerializerCompiler<T>): FastifyInstance<RawServer, RawRequest, RawReply, Logger>;
 
+  /**
+   * Set the schema controller for all routes.
+   */
+  setSchemaController(schemaControllerOpts: FastifySchemaControllerOptions): FastifyInstance<RawServer, RawRequest, RawReply, Logger>;
+
   /**
   * Set the reply serializer for all routes.
   */
@@ -427,6 +438,7 @@ export interface FastifyInstance<
   initialConfig: Readonly<{
     connectionTimeout?: number,
     keepAliveTimeout?: number,
+    forceCloseConnections?: boolean,
     bodyLimit?: number,
     caseSensitive?: boolean,
     http2?: boolean,

package/types/schema.d.ts

@@ -1,3 +1,5 @@
+import { ValidatorCompiler } from '@fastify/ajv-compiler'
+import { FastifyInstance, FastifyServerOptions } from '../fastify'
 /**
  * Schemas in Fastify follow the JSON-Schema standard. For this reason
  * we have opted to not ship strict schema based types. Instead we provide
@@ -36,3 +38,15 @@ export interface FastifyValidationResult {
 export type FastifySchemaCompiler<T> = (routeSchema: FastifyRouteSchemaDef<T>) => FastifyValidationResult
 
 export type FastifySerializerCompiler<T> = (routeSchema: FastifyRouteSchemaDef<T>) => (data: any) => string
+
+export interface FastifySchemaControllerOptions{
+  bucket?: (parentSchemas?: unknown) => {
+    addSchema(schema: unknown): FastifyInstance;
+    getSchema(schemaId: string): unknown;
+    getSchemas(): Record<string, unknown>;
+  };
+  compilersFactory?: {
+    buildValidator?: ValidatorCompiler;
+    buildSerializer?: (externalSchemas: unknown, serializerOptsServerOption: FastifyServerOptions['serializerOpts']) => FastifySerializerCompiler<unknown>;
+  };
+}