Update module github.com/gofiber/fiber/v2 to v2.52.5

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
github.com/gofiber/fiber/v2	v2.44.0 -> v2.52.5

---

Release Notes

gofiber/fiber (github.com/gofiber/fiber/v2)

v2.52.5

Compare Source

👮 Security

Middleware/session: Session Middleware Token Injection Vulnerability - GHSA-98j2-3j3p-fw2v

https://docs.gofiber.io/api/middleware/session

🧹 Updates

• Middleware/session: Remove extra release and aquire ctx calls in session_test.go (#​3043)

🐛 Bug Fixes

• Middleware/monitor: middleware reporting of CPU usage (#​2984)
• Middleware/session: mutex for thread safety (#​3050)

📚 Documentation

• Improve ctx.Locals method description and example (#​3030)
• Improve ctx.Locals method documentation (#​3033)
• Update README_id.md (#​3045)

Full Changelog: gofiber/fiber@v2.52.4...v2.52.5

Thank you @​nyufeng, @​PaulTitto and @​sixcolors for making this update possible.

v2.52.4

Compare Source

🐛 Fixes

• Middleware/cors: CORS handling by @​sixcolors in https://github.com/gofiber/fiber/pull/2937
• Middleware/cors: Vary header handling non-cors OPTIONS requests by @​sixcolors in https://github.com/gofiber/fiber/pull/2939

Full Changelog: gofiber/fiber@v2.52.3...v2.52.4

v2.52.3

Compare Source

🐛 Fixes

• Middleware/cors: Handling and wildcard subdomain matching by @​sixcolors in https://github.com/gofiber/fiber/pull/2915
• Middleware/cors: Categorize requests correctly by @​sixcolors in https://github.com/gofiber/fiber/pull/2921
• Middleware/csrf: Fix Benchmark Tests by @​sixcolors in https://github.com/gofiber/fiber/pull/2932

Full Changelog: gofiber/fiber@v2.52.2...v2.52.3

v2.52.2

Compare Source

🐛 Fixes

• Middleware/cors: Validation of multiple Origins (https://github.com/gofiber/fiber/pull/2883)

Full Changelog: gofiber/fiber@v2.52.1...v2.52.2

v2.52.1

Compare Source

👮 Security

Middleware/cors: Insecure CORS Configuration Allowing Wildcard Origin with Credentials - GHSA-fmg4-x8pw-hjhg

https://docs.gofiber.io/api/middleware/cors

🐛 Fixes

• Middleware/healthcheck: Not working with route group(#​2863)

📚 Documentation

• Fix default value to false in docs of QueryBool (#​2811)
• Fix code snippet indentation in /docs/api/middleware/keyauth.md (#​2867)

Full Changelog: gofiber/fiber@v2.52.0...v2.52.1

Thank you @​luk3skyw4lker, @​CAEL0, @​grivera64, @​gaby and @​sixcolors for making this update possible.

v2.52.0

Compare Source

🚀 New

• Middleware/healthcheck: Add liveness and readiness checks (#​2509)
  https://docs.gofiber.io/api/middleware/healthcheck

// Direct usage with default config
app.Use(healthcheck.New())

// Or extend your config for customization
app.Use(healthcheck.New(healthcheck.Config{
    LivenessEndpoint: "/live",
    LivenessProbe: func(c *fiber.Ctx) bool {
        return true
    },
    ReadinessEndpoint: "/ready",
    ReadinessProbe: func(c *fiber.Ctx) bool {
        return serviceA.Ready() && serviceB.Ready() && ...
    },
}))

🧹 Updates

• Middlewares: don't constrain middlewares context-keys to strings (#​2751)
• Middleware/logger: colorize logger error message #​2593 (#​2773)
• Middleware/logger: changing default log output (#​2730)
• Middleware/logger: log client IP address by default (#​2755)
• Middleware/encryptcookie: update default config (#​2753)
• Improve benchmarks for getOffer (#​2739)

🛠️ Maintenance

• Bump github/codeql-action from 2 to 3 (#​2763)
• Bump github.com/google/uuid from 1.4.0 to 1.5.0 (#​2762)
• Bump actions/setup-go from 4 to 5 (#​2754)
• Bump golang.org/x/sys from 0.14.0 to 0.15.0 (#​2744)
• Bump github.com/valyala/fasthttp from 1.50.0 to 1.51.0 (#​2721)

🐛 Fixes

• Middleware/redirect : fix for redirect with query params (#​2748)
• Middleware/adaptor: Adaptor + otelfiber issue #​2641 (#​2772)
• Middleware/cors: Should use the defined AllowedOriginsFunc config when AllowedOrigins is empty (#​2771)
• Middleware/session: Race in session middleware tests (#​2740)
• Middleware/csrf: Fix failing CSRF tests (#​2720)
• Fix race condition in parallel tests (#​2734)
• utils.IsIPv4 and net.ParseIP have inconsistent results #​2735 (#​2736)

📚 Documentation

• Middleware/csrf: Improve csrf docs (#​2726)
• Update app.md for indentation (#​2761)
• Update default config (#​2753)
• Update CONTRIBUTING.md (#​2752)

Full Changelog: gofiber/fiber@v2.51.0...v2.52.0

Thank you @​MehmetFiratKomurcu, @​benjajaja, @​brunodmartins, @​gilwo, @​iredmail, @​itswcg, @​luk3skyw4lker, @​muhammadkholidb, @​nickajacks1, @​sixcolors and @​tokelo-12 for making this update possible.

v2.51.0

Compare Source

🚀 New

• Add support for parameters in content negotiation (#​2678) RFC
  https://docs.gofiber.io/api/ctx#accepts

// Consideration of parameters in the accepted headers
// Accept: text/plain, application/json; version=1; foo=bar

app.Get("/", func(c *fiber.Ctx) error {
  // Extra parameters in the accept are ignored
  c.Accepts("text/plain;format=flowed") // "text/plain;format=flowed"

  // An offer must contain all parameters present in the Accept type
  c.Accepts("application/json") // ""

  // Parameter order and capitalization does not matter. Quotes on values are stripped.
  c.Accepts(`application/json;foo="bar";VERSION=1`) // "application/json;foo="bar";VERSION=1"
})

• Add support for application/problem+json (#​2704)
  https://docs.gofiber.io/api/ctx#json
  https://docs.gofiber.io/api/client#json

// Passing a custom json type
ctx.JSON(fiber.Map{
    "type": "https://example.com/probs/out-of-credit",
    "title": "You do not have enough credit.",
    "status": 403,
    "detail": "Your current balance is 30, but that costs 50.",
    "instance": "/account/12345/msgs/abc",
  }, fiber.)

🧹 Updates

• Ctx.Range: reduce allocations (#​2705)
• Middleware/pprof: improve performance (#​2709)

🛠️ Maintenance

• Bump golang.org/x/sys from 0.13.0 to 0.14.0 (#​2707)
• Bump github.com/google/uuid from 1.3.1 to 1.4.0 (#​2693)
• Bump actions/setup-node from 3 to 4 (#​2690)
• Bump github.com/mattn/go-isatty from 0.0.19 to 0.0.20 (#​2679)

🐛 Fixes

• Middleware/limiter: fix intermittent failures (#​2716)
• Naming of routes works wrong after mount #​2688 (#​2689)
• Fix method validation on route naming (#​2686)

📚 Documentation

• Changed "Twitter" to "X (Twitter)" in README.md Contribute Section (#​2696)
• Add additional information as to why GetReqHeaders returns a map where the values are slices of strings (#​2698)
• Enhance csrf.md (#​2692)

Full Changelog: gofiber/fiber@v2.50.0...v2.51.0

Thank you @​BandhiyaHardik, @​database64128, @​efectn, @​moritz157, @​nickajacks1, @​rhburt and @​sixcolors for making this update possible.

v2.50.0

Compare Source

❗ Breaking Changes

• Change signatures of GetReqHeaders and GetRespHeaders (#​2650)

To allow single and list values under headers according to the rfc standard

- func (c *Ctx) GetReqHeaders() map[string]string
+ func (c *Ctx) GetReqHeaders() map[string][]string

- func (c *Ctx) GetRespHeaders() map[string]string
+ func (c *Ctx) GetRespHeaders() map[string][]string

👮 Security

Middleware/csrf: Token Vulnerability (GHSA-mv73-f69x-444p, GHSA-94w9-97p3-p368)

https://docs.gofiber.io/api/middleware/csrf

🚀 Improvements to the CSRF middleware:

• Added support for single-use tokens through the SingleUseToken configuration option.
• Optional integration with GoFiber session middleware through the Session and SessionKey configuration options.
• Introduction of origin checks for HTTPS connections to verify referer headers.
• Implementation of a Double Submit Cookie approach for CSRF token generation and validation when used without Session.
• Enhancement of error handling with more descriptive error messages.
• The documentation for the CSRF middleware has been enhanced with the addition of the new options and best practices to improve security.

Thank you @​sixcolors

🚀 New

• Cookie parser (#​2656)
  https://docs.gofiber.io/api/ctx#cookieparser

// Field names should start with an uppercase letter
type Person struct {
    Name     string  `cookie:"name"`
    Age      int     `cookie:"age"`
    Job      bool    `cookie:"job"`
}
// Example route
app.Get("/", func(c *fiber.Ctx) error {
    p := new(Person)
    // This method is similar to BodyParser, but for cookie parameters
    if err := c.CookieParser(p); err != nil {
        return err
    }
    
    log.Println(p.Name)     // Joseph
    log.Println(p.Age)      // 23
    log.Println(p.Job)      // true
})

• Middleware/cors: Allow disabling caching in preflight requests (#​2649)
  https://docs.gofiber.io/api/middleware/cors#config

// To disable caching completely, pass MaxAge value negative. It will set the Access-Control-Max-Age header 0.
app.Use(cors.New(cors.Config{MaxAge: -1})) 

• Middleware/session: Add Reset method to Session struct in session middleware (#​2654)
  https://docs.gofiber.io/api/middleware/session#signatures

// Provide more flexibility in session management, especially in scenarios like repeated user logins
func (s *Session) Reset() error

Example usage:

// Initialize default config
// This stores all of your app's sessions
store := session.New()

app.Post("/login", func(c *fiber.Ctx) error {
    // Get session from storage
    sess, err := store.Get(c)
    if err != nil {
        panic(err)
    }
    
    // ... validate login ...
    
    // Check if the session is fresh
    if !sess.Fresh() {
        // If the session is not fresh, reset it
        if err := sess.Reset(); err != nil {
            panic(err)
        }
    }
    // Set new session data
    sess.Set("user_id", user.ID)
    // Save session
    if err := sess.Save(); err != nil {
        panic(err)
    }

    return c.SendString(fmt.Sprintf("Welcome %v", user.ID))
})

• Middleware/session: Add Delete method to Store struct in session middleware (#​2655)
  https://docs.gofiber.io/api/middleware/session#signatures

// Provide more control over individual session management, especially in scenarios 
// like administrator-enforced user logout or user-initiated logout from a specific device session
func (s *Store) Delete(id string) error

Example usage:

app.Post("/admin/session/:id/logout", func(c *fiber.Ctx) error {
    // Get session id from request
    sessionID := c.Params("id")

    // Delete the session
    if err := store.Delete(sessionID); err != nil {
        return c.Status(500).SendString(err.Error())
    }

    return c.SendString("Logout successful")
})

🧹 Updates

• Middleware/filesystem: Improve status for SendFile (#​2664)
• Middleware/filesystem: Set response code (#​2632)
• Refactor Ctx.Method func to improve code readability (#​2647)

🛠️ Maintenance

• Fix loop variable captured by func literal (#​2660)
• Run gofumpt and goimports (#​2662)
• Use utils.AssertEqual instead of t.Fatal on some tests (#​2653)
• Apply go fix ./... with latest version of go in repository (#​2661)
• Bump github.com/valyala/fasthttp from 1.49.0 to 1.50.0 (#​2634)
• Bump golang.org/x/sys from 0.12.0 to 0.13.0 (#​2665)

🐛 Fixes

• Path checking on route naming (#​2676)
• Incorrect log depth when use log.WithContext (#​2666)
• Jsonp ignoring custom json encoder (#​2658)
• PassLocalsToView when bind parameter is nil (#​2651)
• Parse ips return invalid in abnormal case (#​2642)
• Bug parse custom header (#​2638)
• Middleware/adaptor: Reduce memory usage by replacing io.ReadAll() with io.Copy() (#​2637)
• Middleware/idempotency: Nil pointer dereference issue on idempotency middleware (#​2668)

📚 Documentation

• Incorrect status code source (#​2667)
• Middleware/requestid: Typo in requestid.md (#​2675)
• Middleware/cors: Update docs to better explain AllowOriginsFunc (#​2652)

Full Changelog: gofiber/fiber@v2.49.2...v2.50.0

Thank you @​KaptinLin, @​Skyenought, @​cuipeiyu, @​dairlair, @​efectn, @​gaby, @​geerew, @​huykn, @​jimmyl02, @​joey1123455, @​joshlarsen, @​jscappini, @​peczenyj and @​sixcolors for making this update possible.

v2.49.2

Compare Source

🧹 Updates

• Middleware/logger: Enabling color changes padding for some fields #​2604 (#​2616)
• Bump actions/checkout from 3 to 4 (#​2618)
• Bump golang.org/x/sys from 0.11.0 to 0.12.0 (#​2617)

🐛 Fixes

• Vulnerability in Ctx.IsFromLocal(GHSA-3q5p-3558-364f)

📚 Documentation

• Replaced double quotes with backticks in all route parameter strings (#​2591)

Full Changelog: gofiber/fiber@v2.49.1...v2.49.2

Thank you @​11-aryan and @​AKARSHITJOSHI for making this update possible.

v2.49.1

Compare Source

🧹 Updates

• Bump github.com/valyala/fasthttp from 1.48.0 to 1.49.0 (#​2615)

🐛 Fixes

• Rollback changes to go.mod file (#​2614)

📚 Documentation

• Add Polish translation - README_pl.md (#​2613)
• Update README_ko.md (#​2605)

Full Changelog: gofiber/fiber@v2.49.0...v2.49.1

Thank you @​KompocikDot, @​LimJiAn and @​gaby for making this update possible.

v2.49.0

Compare Source

❗ Breaking Changes

• Add config to enable splitting by comma in parsers (#​2560)
  https://docs.gofiber.io/api/fiber#config

EnableSplittingOnParsers splits the query/body/header parameters by comma when it's true (default: false).

For example, you can use it to parse multiple values from a query parameter like this:
/api?foo=bar,baz == foo[]=bar&foo[]=baz

🚀 New

• Add custom data property to favicon middleware config (#​2579)
  https://docs.gofiber.io/api/middleware/favicon#config

This allows the user to use //go:embed flags to load favicon data during build-time, and supply it to the middleware instead of reading the file every time the application starts.

🧹 Updates

• Middleware/logger: Latency match gin-gonic/gin formatter (#​2569)
• Middleware/filesystem: Refactor: use errors.Is instead of os.IsNotExist (#​2558)
• Use Global vars instead of local vars for isLocalHost (#​2595)
• Remove redundant nil check (#​2584)
• Bump github.com/mattn/go-runewidth from 0.0.14 to 0.0.15 (#​2551)
• Bump github.com/google/uuid from 1.3.0 to 1.3.1 (#​2592)
• Bump golang.org/x/sys from 0.10.0 to 0.11.0 (#​2563)
• Add go 1.21 to ci and readmes (#​2588)

🐛 Fixes

• Middleware/logger: Default latency output format (#​2580)
• Decompress request body when multi Content-Encoding sent on request headers (#​2555)

📚 Documentation

• Fix wrong JSON docs (#​2554)
• Update io/ioutil package to io package (#​2589)
• Replace EG flag with the proper and smaller SVG (#​2585)
• Added Egyptian Arabic readme file (#​2565)
• Translate README to Portuguese (#​2567)
• Improve *fiber.Client section (#​2553)
• Improved the config section of the middleware readme´s (#​2552)
• Added documentation about ctx Fresh (#​2549)
• Update intro.md (#​2550)
• Fixed link to slim template engine (#​2547)

Full Changelog: gofiber/fiber@v2.48.0...v2.49.0

Thank you @​Jictyvoo, @​Juneezee, @​Kirari04, @​LimJiAn, @​PassTheMayo, @​andersonmiranda-com, @​bigpreshy, @​efectn, @​renanbastos93, @​scandar, @​sixcolors and @​stefanb for making this update possible.

v2.48.0

Compare Source

🚀 New

• Add ability to print custom message on startup (#​2491)
  https://docs.gofiber.io/guide/hooks#onlisten

app := fiber.New(fiber.Config{
  DisableStartupMessage: true,
})

app.Hooks().OnListen(func(listenData fiber.ListenData) error {
  if fiber.IsChild() {
      return nil
  }
  scheme := "http"
  if data.TLS {
    scheme = "https"
  }
  log.Println(scheme + "://" + listenData.Host + ":" + listenData.Port)
  return nil
})

app.Listen(":5000")

• Add Logger interface and fiberlog (#​2499)
  https://docs.gofiber.io/api/log

🧹 Updates

• Dictpool is not completely gone (#​2540)
• Bump golang.org/x/sys from 0.9.0 to 0.10.0 (#​2530)
• Bump github.com/valyala/fasthttp from 1.47.0 to 1.48.0 (#​2511)

🐛 Fixes

• Middleware/logger: Default logger color behaviour (#​2513)

📚 Documentation

• Fix link (#​2542)
• Fix bad documentation on queries function (#​2522)
• Fix validation-guide (#​2517)
• Fix bad documentation on queries function (#​2522)
• Add a warning on security implications when using X-Forwarded-For improperly (#​2520)
• Fix typo (#​2518)
• Typo in ctx.md (#​2516)
• Fix comment in client.go (#​2514)
• Fix docs api fiber custom config (#​2510)

Full Changelog: gofiber/fiber@v2.47.0...v2.48.0

Thank you @​ForAeons, @​RHeynsZa, @​Saman-Safaei, @​Skyenought, @​Z3NTL3, @​andre-dasilva, @​cmd777, @​dozheiny, @​efectn, @​f1rstmehul, @​gaby, @​itcuihao and @​mo1ein for making this update possible.

v2.47.0

Compare Source

🚀 New

• Add queries function (#​2475)
  https://docs.gofiber.io/api/ctx#queries

// GET /api/posts?filters.author.name=John&filters.category.name=Technology

app.Get("/", func(c *fiber.Ctx) error {
    m := c.Queries()
    m["filters.author.name"] // John
    m["filters.category.name"] // Technology
})

• Middleware/logger: Add DisableColors to set the default output format (#​2493)
  https://docs.gofiber.io/api/middleware/logger#config

// Disable colors when outputting to default format
app.Use(logger.New(logger.Config{
    DisableColors: true,
}))

🧹 Updates

• Update getOffer to consider quality and specificity (#​2486)
• Use c.app.getString instead of string(...) (#​2489)
• Bump github.com/mattn/go-isatty from 0.0.18 to 0.0.19 (#​2474)
• Bump golang.org/x/sys from 0.8.0 to 0.9.0 (#​2508)

🐛 Fixes

• Middleware/limiter: Fix Sliding Window limiter when SkipSuccessfulRequests/SkipFailedRequests is used. (#​2484)
• Fix onListen hooks when they are used with prefork mode (#​2504)
• Fix middleware naming and returned values of group methods (#​2477)
• Treat case for possible timer memory leak (#​2488)
• Reset terminal colors after print routes (#​2481)

📚 Documentation

• Update version of html template (#​2505)
• Translate README_fa.md (#​2496)
• Correcting a syntax error in the README (#​2473)

Full Changelog: gofiber/fiber@v2.46.0...v2.47.0

Thank you @​Kamandlou, @​Satont, @​Skyenought, @​cmd777, @​dozheiny, @​efectn, @​gaby, @​kaazedev, @​luk3skyw4lker, @​obakumen, @​sixcolors and @​ytsruh for making this update possible.

v2.46.0

Compare Source

🚀 New

• Utils: add Go 1.20+ way of converting byte slice to string (#​2468)
• Middleware/adaptor: allow to convert fiber.Ctx to (net/http).Request (#​2461)

🧹 Updates

• Speedup and cleanup "path" testcases and benchmarks (#​2465)
• Middleware/adaptor: allow to convert fiber.Ctx to (net/http).Request (#​2461)
• Utils: add Go 1.20+ way of converting string to byte slice (#​2462)
• Merge some external middlewares to core (#​2453)
  https://docs.gofiber.io/category/-middleware

🐛 Fixes

• Fix mount route positioning (#​2463)

📚 Documentation

• Update README_ru.md (#​2456)

Full Changelog: gofiber/fiber@v2.45.0...v2.46.0

Thank you @​alekseikovrigin, @​efectn and @​leonklingele for making this update possible.

v2.45.0

Compare Source

🚀 New

• Add filesystem config contentTypeCharset support (#​2438)
  https://docs.gofiber.io/api/middleware/filesystem#default-config

🧹 Updates

• Consistent way of logging and fix middleware log format (#​2432, #​2444)
• Improve error handling for net error(s) (#​2421)
• Bump golang.org/x/sys from 0.7.0 to 0.8.0 (#​2449)
• Bump github.com/valyala/fasthttp from 1.45.0 to 1.47.0 (#​2426, #​2445)

🐛 Fixes

• Middleware/cors: Changed condition for 'AllowOriginsFunc' (#​2423)

📚 Documentation

• Correct errors in Italian translation (#​2417)
• Correct grammar errors in Azerbaijani translation. (#​2413)

Full Changelog: gofiber/fiber@v2.44.0...v2.45.0

Thank you @​Jamess-Lucass, @​baichangda, @​carmeloriolo, @​kanansnote and @​kousikmitra for making this update possible.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 7 additional dependencies were updated

Details:

Package	Change
github.com/google/uuid	v1.3.0 -> v1.5.0
golang.org/x/crypto	v0.8.0 -> v0.14.0
github.com/klauspost/compress	v1.16.3 -> v1.17.0
github.com/mattn/go-isatty	v0.0.18 -> v0.0.20
github.com/mattn/go-runewidth	v0.0.14 -> v0.0.15
github.com/valyala/fasthttp	v1.45.0 -> v1.51.0
golang.org/x/sys	v0.7.0 -> v0.15.0