fastify 4.0.0-rc.5 → 4.0.2

package/docs/Reference/Validation-and-Serialization.md

@@ -6,10 +6,12 @@ recommend using [JSON Schema](https://json-schema.org/) to validate your routes
 and serialize your outputs. Internally, Fastify compiles the schema into a
 highly performant function.
 
-Validation will only be attempted if the content type is `application-json`,
-as described in the documentation for the [content type parser](./ContentTypeParser.md).
+Validation will only be attempted if the content type is `application-json`, as
+described in the documentation for the [content type
+parser](./ContentTypeParser.md).
 
-All the examples in this section are using the [JSON Schema Draft 7](https://json-schema.org/specification-links.html#draft-7) specification.
+All the examples in this section are using the [JSON Schema Draft
+7](https://json-schema.org/specification-links.html#draft-7) specification.
 
 > ## ⚠  Security Notice
 > Treat the schema definition as application code. Validation and serialization
@@ -147,10 +149,9 @@ fastify.register((instance, opts, done) => {
 
 
 ### Validation
-The route validation internally relies upon
-[Ajv v8](https://www.npmjs.com/package/ajv) which is a high-performance
-JSON Schema validator.
-Validating the input is very easy: just add the fields that you need
+The route validation internally relies upon [Ajv
+v8](https://www.npmjs.com/package/ajv) which is a high-performance JSON Schema
+validator. Validating the input is very easy: just add the fields that you need
 inside the route schema, and you are done!
 
 The supported validations are:
@@ -233,13 +234,12 @@ const schema = {
 fastify.post('/the/url', { schema }, handler)
 ```
 
-*Note that Ajv will try to [coerce](https://ajv.js.org/coercion.html) the values to
-the types specified in your schema `type` keywords, both to pass the validation
-and to use the correctly typed data afterwards.*
+*Note that Ajv will try to [coerce](https://ajv.js.org/coercion.html) the values
+to the types specified in your schema `type` keywords, both to pass the
+validation and to use the correctly typed data afterwards.*
 
-The Ajv default configuration in Fastify supports coercing array
-parameters in `querystring`.
-Example:
+The Ajv default configuration in Fastify supports coercing array parameters in
+`querystring`. Example:
 
 ```js
 const opts = {
@@ -318,8 +318,9 @@ For further information see [here](https://ajv.js.org/coercion.html)
 #### Ajv Plugins
 <a id="ajv-plugins"></a>
 
-You can provide a list of plugins you want to use with the default `ajv` instance.
-Note that the plugin must be **compatible with the Ajv version shipped within Fastify**.
+You can provide a list of plugins you want to use with the default `ajv`
+instance. Note that the plugin must be **compatible with the Ajv version shipped
+within Fastify**.
 
 > Refer to [`ajv options`](./Server.md#ajv) to check plugins format
 
@@ -388,7 +389,8 @@ body, URL  parameters, headers, and query string. The default
 [ajv](https://ajv.js.org/) validation interface. Fastify uses it internally to
 speed the validation up.
 
-Fastify's [baseline ajv configuration](https://github.com/fastify/ajv-compiler#ajv-configuration) is:
+Fastify's [baseline ajv
+configuration](https://github.com/fastify/ajv-compiler#ajv-configuration) is:
 
 ```js
 {
@@ -469,7 +471,8 @@ fastify.post('/the/url', {
   },
   validatorCompiler: ({ schema, method, url, httpPart }) => {
     return function (data) {
-      // with option strict = false, yup `validateSync` function returns the coerced value if validation was successful, or throws if validation failed
+      // with option strict = false, yup `validateSync` function returns the
+      // coerced value if validation was successful, or throws if validation failed
       try {
         const result = schema.validateSync(data, yupOptions)
         return { value: result }
@@ -487,15 +490,15 @@ fastify.post('/the/url', {
 Fastify's validation error messages are tightly coupled to the default
 validation engine: errors returned from `ajv` are eventually run through the
 `schemaErrorFormatter` function which is responsible for building human-friendly
-error messages. However, the `schemaErrorFormatter` function is written with `ajv`
-in mind. As a result, you may run into odd or incomplete error messages when
-using other validation libraries.
+error messages. However, the `schemaErrorFormatter` function is written with
+`ajv` in mind. As a result, you may run into odd or incomplete error messages
+when using other validation libraries.
 
 To circumvent this issue, you have 2 main options :
 
 1. make sure your validation function (returned by your custom `schemaCompiler`)
-   returns errors in the same structure and format as `ajv` (although this
-   could prove to be difficult and tricky due to differences between validation
+   returns errors in the same structure and format as `ajv` (although this could
+   prove to be difficult and tricky due to differences between validation
    engines)
 2. or use a custom `errorHandler` to intercept and format your 'custom'
    validation errors
@@ -503,8 +506,8 @@ To circumvent this issue, you have 2 main options :
 To help you in writing a custom `errorHandler`, Fastify adds 2 properties to all
 validation errors:
 
-* `validation`: the content of the `error` property of the object returned by the
-  validation function (returned by your custom `schemaCompiler`)
+* `validation`: the content of the `error` property of the object returned by
+  the validation function (returned by your custom `schemaCompiler`)
 * `validationContext`: the 'context' (body, params, query, headers) where the
   validation error occurred
 
@@ -567,10 +570,20 @@ fastify.post('/the/url', { schema }, handler)
 ```
 
 As you can see, the response schema is based on the status code. If you want to
-use the same schema for multiple status codes, you can use `'2xx'`, for example:
+use the same schema for multiple status codes, you can use `'2xx'` or `default`,
+for example:
 ```js
 const schema = {
   response: {
+    default: {
+      type: 'object',
+      properties: {
+        error: {
+          type: 'boolean',
+          default: true
+        }
+      }
+    },
     '2xx': {
       type: 'object',
       properties: {
@@ -689,9 +702,8 @@ fastify.setSchemaErrorFormatter(function (errors, dataVar) {
 })
 ```
 
-You can also use
-[setErrorHandler](./Server.md#seterrorhandler) to
-define a custom response for validation errors such as
+You can also use [setErrorHandler](./Server.md#seterrorhandler) to define a
+custom response for validation errors such as
 
 ```js
 fastify.setErrorHandler(function (error, request, reply) {
@@ -701,9 +713,9 @@ fastify.setErrorHandler(function (error, request, reply) {
 })
 ```
 
-If you want a custom error response in the schema without headaches, and quickly, take a
-look at [`ajv-errors`](https://github.com/epoberezkin/ajv-errors).
-Check out the
+If you want a custom error response in the schema without headaches, and
+quickly, take a look at
+[`ajv-errors`](https://github.com/epoberezkin/ajv-errors). Check out the
 [example](https://github.com/fastify/example/blob/HEAD/validation-messages/custom-errors-messages.js)
 usage.
 > Make sure to install version 1.0.1 of `ajv-errors`, because later versions of
@@ -719,7 +731,8 @@ const fastify = Fastify({
   ajv: {
     customOptions: {
       jsonPointers: true,
-      allErrors: true // Warning: Enabling this option may lead to this security issue https://www.cvedetails.com/cve/CVE-2020-8192/
+      // Warning: Enabling this option may lead to this security issue https://www.cvedetails.com/cve/CVE-2020-8192/
+      allErrors: true
     },
     plugins: [
       require('ajv-errors')
@@ -797,9 +810,8 @@ fastify.setErrorHandler(function (error, request, reply) {
 
 ### JSON Schema support
 
-JSON Schema provides utilities to optimize your schemas that,
-in conjunction with Fastify's shared schema, let you reuse all your schemas
-easily.
+JSON Schema provides utilities to optimize your schemas that, in conjunction
+with Fastify's shared schema, let you reuse all your schemas easily.
 
 | Use Case                          | Validator | Serializer |
 |-----------------------------------|-----------|------------|

package/fastify.js

@@ -1,6 +1,6 @@
 'use strict'
 
-const VERSION = '4.0.0-rc.5'
+const VERSION = '4.0.2'
 
 const Avvio = require('avvio')
 const http = require('http')

package/lib/error-serializer.js

@@ -1,195 +1,23 @@
 // This file is autogenerated by build/build-error-serializer.js, do not edit
 /* istanbul ignore file */
-module.exports = $main
-    'use strict'
-  
-    
-function $pad2Zeros (num) {
-  const s = '00' + num
-  return s[s.length - 2] + s[s.length - 1]
-}
-
-function $asAny (i) {
-  return JSON.stringify(i)
-}
-
-function $asNull () {
-  return 'null'
-}
-
-function $asInteger (i) {
-  if (typeof i === 'bigint') {
-    return i.toString()
-  } else if (Number.isInteger(i)) {
-    return $asNumber(i)
-  } else {
-    /* eslint no-undef: "off" */
-    return $asNumber(parseInteger(i))
-  }
-}
-
-function $asIntegerNullable (i) {
-  return i === null ? null : $asInteger(i)
-}
-
-function $asNumber (i) {
-  const num = Number(i)
-  if (isNaN(num)) {
-    return 'null'
-  } else {
-    return '' + num
-  }
-}
-
-function $asNumberNullable (i) {
-  return i === null ? null : $asNumber(i)
-}
-
-function $asBoolean (bool) {
-  return bool && 'true' || 'false' // eslint-disable-line
-}
 
-function $asBooleanNullable (bool) {
-  return bool === null ? null : $asBoolean(bool)
-}
+'use strict'
 
-function $asDatetime (date, skipQuotes) {
-  const quotes = skipQuotes === true ? '' : '"'
-  if (date instanceof Date) {
-    return quotes + date.toISOString() + quotes
-  } else if (date && typeof date.toISOString === 'function') {
-    return quotes + date.toISOString() + quotes
-  } else {
-    return $asString(date, skipQuotes)
-  }
-}
+const Serializer = require('fast-json-stringify/serializer')
+const buildAjv = require('fast-json-stringify/ajv')
 
-function $asDate (date, skipQuotes) {
-  const quotes = skipQuotes === true ? '' : '"'
-  if (date instanceof Date) {
-    return quotes + new Date(date.getTime() - (date.getTimezoneOffset() * 60000 )).toISOString().slice(0, 10) + quotes
-  } else if (date && typeof date.format === 'function') {
-    return quotes + date.format('YYYY-MM-DD') + quotes
-  } else {
-    return $asString(date, skipQuotes)
-  }
-}
-
-function $asTime (date, skipQuotes) {
-  const quotes = skipQuotes === true ? '' : '"'
-  if (date instanceof Date) {
-    const hour = new Intl.DateTimeFormat('en', { hour: 'numeric', hour12: false }).format(date)
-    const minute = new Intl.DateTimeFormat('en', { minute: 'numeric' }).format(date)
-    const second = new Intl.DateTimeFormat('en', { second: 'numeric' }).format(date)
-    return quotes + $pad2Zeros(hour) + ':' + $pad2Zeros(minute) + ':' + $pad2Zeros(second) + quotes
-  } else if (date && typeof date.format === 'function') {
-    return quotes + date.format('HH:mm:ss') + quotes
-  } else {
-    return $asString(date, skipQuotes)
-  }
-}
-
-function $asString (str, skipQuotes) {
-  const quotes = skipQuotes === true ? '' : '"'
-  if (str instanceof Date) {
-    return quotes + str.toISOString() + quotes
-  } else if (str === null) {
-    return quotes + quotes
-  } else if (str instanceof RegExp) {
-    str = str.source
-  } else if (typeof str !== 'string') {
-    str = str.toString()
-  }
-  // If we skipQuotes it means that we are using it as test
-  // no need to test the string length for the render
-  if (skipQuotes) {
-    return str
-  }
-
-  if (str.length < 42) {
-    return $asStringSmall(str)
-  } else {
-    return JSON.stringify(str)
-  }
-}
+const serializer = new Serializer({"mode":"standalone"})
+const ajv = buildAjv({})
 
-function $asStringNullable (str) {
-  return str === null ? null : $asString(str)
-}
 
-// magically escape strings for json
-// relying on their charCodeAt
-// everything below 32 needs JSON.stringify()
-// every string that contain surrogate needs JSON.stringify()
-// 34 and 92 happens all the time, so we
-// have a fast case for them
-function $asStringSmall (str) {
-  const l = str.length
-  let result = ''
-  let last = 0
-  let found = false
-  let surrogateFound = false
-  let point = 255
-  // eslint-disable-next-line
-  for (var i = 0; i < l && point >= 32; i++) {
-    point = str.charCodeAt(i)
-    if (point >= 0xD800 && point <= 0xDFFF) {
-      // The current character is a surrogate.
-      surrogateFound = true
-    }
-    if (point === 34 || point === 92) {
-      result += str.slice(last, i) + '\\'
-      last = i
-      found = true
+    function main (input) {
+      let json = ''
+      json += anonymous0(input)
+      return json
     }
-  }
-
-  if (!found) {
-    result = str
-  } else {
-    result += str.slice(last)
-  }
-  return ((point < 32) || (surrogateFound === true)) ? JSON.stringify(str) : '"' + result + '"'
-}
-
-
-    
-    /**
-     * Used by schemas that are dependant on calling 'ajv.validate' during runtime,
-     * it stores the value of the '$id' property of the schema (if it has it) inside
-     * a cache which is used to figure out if the schema was compiled into a validator
-     * by ajv on a previous call, if it was then the '$id' string will be used to 
-     * invoke 'ajv.validate', this allows:
-     * 
-     * 1. Schemas that depend on ajv.validate calls to leverage ajv caching system.
-     * 2. To avoid errors, since directly invoking 'ajv.validate' with the same 
-     * schema (that contains an '$id' property) twice will throw an error.
-     */
-    const $validateWithAjv = (function() {
-      const cache = new Set()
-
-      return function (schema, target) {
-        const id = schema.$id
-        
-        if (!id) {
-          return ajv.validate(schema, target)
-        }
-
-        const cached = cache.has(id)
-
-        if (cached) {
-          return ajv.validate(id, target)
-        } else {
-          cache.add(id)
-          return ajv.validate(schema, target)
-        }
-      }
-    })()
-
-
-    function parseInteger(int) { return Math.trunc(int) }
     
-    function $main (input) {
+    function anonymous0 (input) {
+      // main
   
       var obj = (input && typeof input.toJSON === 'function')
     ? input.toJSON()
@@ -198,60 +26,60 @@ function $asStringSmall (str) {
       var json = '{'
       var addComma = false
   
-          var t = Number(obj["statusCode"])
-          if (!isNaN(t)) {
-            
+      if (obj["statusCode"] !== undefined) {
+        
   if (addComma) {
     json += ','
   } else {
     addComma = true
   }
 
-            json += "\"statusCode\"" + ':' + t
-      
+        json += "\"statusCode\"" + ':'
+      json += serializer.asNumber.bind(serializer)(obj["statusCode"])
       }
     
-        if (obj["code"] !== undefined) {
-          
+      if (obj["code"] !== undefined) {
+        
   if (addComma) {
     json += ','
   } else {
     addComma = true
   }
 
-          json += "\"code\"" + ':'
-        json += $asString(obj["code"])
+        json += "\"code\"" + ':'
+      json += serializer.asString.bind(serializer)(obj["code"])
       }
     
-        if (obj["error"] !== undefined) {
-          
+      if (obj["error"] !== undefined) {
+        
   if (addComma) {
     json += ','
   } else {
     addComma = true
   }
 
-          json += "\"error\"" + ':'
-        json += $asString(obj["error"])
+        json += "\"error\"" + ':'
+      json += serializer.asString.bind(serializer)(obj["error"])
       }
     
-        if (obj["message"] !== undefined) {
-          
+      if (obj["message"] !== undefined) {
+        
   if (addComma) {
     json += ','
   } else {
     addComma = true
   }
 
-          json += "\"message\"" + ':'
-        json += $asString(obj["message"])
+        json += "\"message\"" + ':'
+      json += serializer.asString.bind(serializer)(obj["message"])
       }
     
       json += '}'
       return json
     }
-    
-  
-    ;
-     return $main
   
+    
+    
+
+module.exports = main
+    

package/lib/pluginUtils.js

@@ -104,7 +104,17 @@ function checkVersion (fn) {
   const requiredVersion = meta.fastify
 
   const fastifyRc = /-rc.+$/.test(this.version)
+  if (fastifyRc === true && semver.gt(this.version, semver.coerce(requiredVersion)) === true) {
+    // A Fastify release candidate phase is taking place. In order to reduce
+    // the effort needed to test plugins with the RC, we allow plugins targeting
+    // the prior Fastify release to be loaded.
+    return
+  }
   if (requiredVersion && semver.satisfies(this.version, requiredVersion, { includePrerelease: fastifyRc }) === false) {
+    // We are not in a release candidate phase. Thus, we must honor the semver
+    // ranges defined by the plugin's metadata. Which is to say, if the plugin
+    // expects an older version of Fastify than the _current_ version, we will
+    // throw an error.
     throw new FST_ERR_PLUGIN_VERSION_MISMATCH(meta.name, requiredVersion, this.version)
   }
 }

package/lib/reply.js

@@ -291,7 +291,7 @@ Reply.prototype.removeTrailer = function (key) {
 
 Reply.prototype.code = function (code) {
   const intValue = parseInt(code)
-  if (isNaN(intValue) || intValue < 100 || intValue > 600) {
+  if (isNaN(intValue) || intValue < 100 || intValue > 599) {
     throw new FST_ERR_BAD_STATUS_CODE(code || String(code))
   }
 

package/lib/schemas.js

@@ -143,6 +143,9 @@ function getSchemaSerializer (context, statusCode) {
   if (responseSchemaDef[fallbackStatusCode]) {
     return responseSchemaDef[fallbackStatusCode]
   }
+  if (responseSchemaDef.default) {
+    return responseSchemaDef.default
+  }
   return false
 }
 

package/lib/validation.js

@@ -7,7 +7,7 @@ const {
   kSchemaBody: bodySchema,
   kSchemaResponse: responseSchema
 } = require('./symbols')
-const scChecker = /^[1-5]{1}[0-9]{2}$|^[1-5]xx$/
+const scChecker = /^[1-5]{1}[0-9]{2}$|^[1-5]xx$|^default$/
 
 function compileSchemasForSerialization (context, compile) {
   if (!context.schema || !context.schema.response) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "fastify",
-  "version": "4.0.0-rc.5",
+  "version": "4.0.2",
   "description": "Fast and low overhead web framework, for Node.js",
   "main": "fastify.js",
   "type": "commonjs",
@@ -12,11 +12,12 @@
     "coverage:ci": "npm run unit -- --cov --coverage-report=html --no-browser --no-check-coverage -R terse",
     "coverage:ci-check-coverage": "nyc check-coverage --branches 100 --functions 100 --lines 100 --statements 100",
     "license-checker": "license-checker --production --onlyAllow=\"MIT;ISC;BSD-3-Clause;BSD-2-Clause\"",
-    "lint": "npm run lint:standard && npm run lint:typescript",
+    "lint": "npm run lint:standard && npm run lint:typescript && npm run lint:markdown",
     "lint:fix": "standard --fix",
+    "lint:markdown": "markdownlint-cli2",
     "lint:standard": "standard | snazzy",
     "lint:typescript": "eslint -c types/.eslintrc.json types/**/*.d.ts test/types/**/*.test-d.ts",
-    "prepublishOnly": "tap --no-check-coverage test/internals/version.test.js",
+    "prepublishOnly": "tap --no-check-coverage test/build/**.test.js",
     "test": "npm run lint && npm run unit && npm run test:typescript",
     "test:ci": "npm run unit -- -R terse --cov --coverage-report=lcovonly && npm run test:typescript",
     "test:report": "npm run lint && npm run unit:report && npm run test:typescript",
@@ -145,7 +146,6 @@
     "eslint-plugin-n": "^15.2.0",
     "eslint-plugin-promise": "^6.0.0",
     "fast-json-body": "^1.1.0",
-    "fast-json-stringify": "^4.0.0",
     "fastify-plugin": "^3.0.1",
     "fluent-json-schema": "^3.1.0",
     "form-data": "^4.0.0",
@@ -158,6 +158,7 @@
     "json-schema-to-ts": "^2.5.3",
     "JSONStream": "^1.3.5",
     "license-checker": "^25.0.1",
+    "markdownlint-cli2": "^0.4.0",
     "proxyquire": "^2.1.3",
     "pump": "^3.0.0",
     "self-cert": "^2.0.0",
@@ -180,6 +181,7 @@
     "@fastify/fast-json-stringify-compiler": "^3.0.0",
     "abstract-logging": "^2.0.1",
     "avvio": "^8.1.3",
+    "fast-json-stringify": "^4.1.0",
     "find-my-way": "^6.3.0",
     "light-my-request": "^5.0.0",
     "pino": "^8.0.0",

package/test/build/error-serializer.test.js

@@ -0,0 +1,28 @@
+'use strict'
+
+const t = require('tap')
+const test = t.test
+const fs = require('fs')
+const path = require('path')
+
+const { code } = require('../../build/build-error-serializer')
+
+test('check generated code syntax', async (t) => {
+  t.plan(1)
+
+  // standard is a esm, we import it like this
+  const { default: standard } = await import('standard')
+  const result = await standard.lintText(code)
+
+  // if there are any invalid syntax
+  // fatal count will be greater than 0
+  t.equal(result[0].fatalErrorCount, 0)
+})
+
+test('ensure the current error serializer is latest', async (t) => {
+  t.plan(1)
+
+  const current = await fs.promises.readFile(path.resolve('lib/error-serializer.js'))
+
+  t.equal(current.toString(), code)
+})

package/test/{internals → build}/version.test.js

@@ -4,7 +4,7 @@ const fs = require('fs')
 const path = require('path')
 const t = require('tap')
 const test = t.test
-const fastify = require('../..')()
+const fastify = require('../../fastify')()
 
 test('should be the same as package.json', t => {
   t.plan(1)

package/test/plugin.test.js

@@ -1057,6 +1057,38 @@ test('plugin metadata - release candidate', t => {
   }
 })
 
+test('fastify-rc loads prior version plugins', t => {
+  t.plan(2)
+  const fastify = Fastify()
+  Object.defineProperty(fastify, 'version', {
+    value: '99.0.0-rc.1'
+  })
+
+  plugin[Symbol.for('plugin-meta')] = {
+    name: 'plugin',
+    fastify: '^98.1.0'
+  }
+  plugin2[Symbol.for('plugin-meta')] = {
+    name: 'plugin2',
+    fastify: '98.x'
+  }
+
+  fastify.register(plugin)
+
+  fastify.ready((err) => {
+    t.error(err)
+    t.pass('everything right')
+  })
+
+  function plugin (instance, opts, done) {
+    done()
+  }
+
+  function plugin2 (instance, opts, done) {
+    done()
+  }
+})
+
 test('hasPlugin method exists as a function', t => {
   t.plan(1)
 

package/test/reply-error.test.js

@@ -520,7 +520,13 @@ const invalidErrorCodes = [
   undefined,
   null,
   'error_code',
-  700 // out of the 100-600 range
+
+  // out of the 100-599 range:
+  0,
+  1,
+  99,
+  600,
+  700
 ]
 invalidErrorCodes.forEach((invalidCode) => {
   test(`should throw error if error code is ${invalidCode}`, t => {