deps: update fastify to 5.8.1

chore: replace .npmrc with pnpm-workspace.yaml
2026-03-15 07:01:39 -07:00 · 2026-03-02 16:27:45 -08:00
4 changed files with 27 additions and 31 deletions
@@ -1,25 +0,0 @@
-# Package Manager Configuration
-# Force pnpm usage - breaks npm/yarn intentionally
-node-linker=pnpm
-
-# Security: Disable all lifecycle scripts
-ignore-scripts=true
-enable-pre-post-scripts=false
-
-# Security: Require packages to be 10+ days old before installation
-minimum-release-age=14400
-
-# Security: Verify package integrity hashes
-verify-store-integrity=true
-
-# Security: Enforce strict trust policies
-trust-policy=strict
-
-# Security: Strict peer dependency resolution
-strict-peer-dependencies=true
-
-# Performance: Use symlinks for node_modules
-symlink=true
-
-# Lockfile: Ensure lockfile is not modified during install
-frozen-lockfile=false
@@ -26,6 +26,6 @@
    "@nhcarrigan/discord-analytics": "0.0.6",
    "@nhcarrigan/logger": "1.1.1",
    "discord.js": "14.22.1",
-    "fastify": "5.7.4"
+    "fastify": "5.8.1"
  }
 }
@@ -18,8 +18,8 @@ importers:
        specifier: 14.22.1
        version: 14.22.1
      fastify:
-        specifier: 5.7.4
-        version: 5.7.4
+        specifier: 5.8.1
+        version: 5.8.1
    devDependencies:
      '@nhcarrigan/eslint-config':
        specifier: 5.2.0
@@ -1335,8 +1335,8 @@ packages:
  fast-uri@3.1.0:
    resolution: {integrity: sha512-iPeeDKJSWf4IEOasVVrknXpaBV0IApz/gp7S2bb7Z4Lljbl2MGJRqInZiUrQwV16cpzw/D3S5j5Julj/gT52AA==}

-  fastify@5.7.4:
-    resolution: {integrity: sha512-e6l5NsRdaEP8rdD8VR0ErJASeyaRbzXYpmkrpr2SuvuMq6Si3lvsaVy5C+7gLanEkvjpMDzBXWE5HPeb/hgTxA==}
+  fastify@5.8.1:
+    resolution: {integrity: sha512-y0kicFvvn7CYWoPOVLOcvn4YyKQz03DIY7UxmyOy21/J8eXm09R+tmb+tVDBW5h+pja30cHI5dqUcSlvY86V2A==}

  fastq@1.19.1:
    resolution: {integrity: sha512-GwLTyxkCXjXbxqIhTsMI2Nui8huMPtnxg7krajPJAjnEG/iiOS7i+zCtWGZR9G0NBKbXKh6X9m9UIsYX/N6vvQ==}
@@ -3847,7 +3847,7 @@ snapshots:

  fast-uri@3.1.0: {}

-  fastify@5.7.4:
+  fastify@5.8.1:
    dependencies:
      '@fastify/ajv-compiler': 4.0.5
      '@fastify/error': 4.2.0
@@ -0,0 +1,21 @@
+# Security
+
+# Do not execute any scripts of installed packages (project scripts still run)
+ignoreDepScripts: true
+# Do not automatically run pre/post scripts (e.g. preinstall, postbuild)
+enablePrePostScripts: false
+# Only allow packages published at least 10 days ago (reduces risk of compromised packages)
+minimumReleaseAge: 14400
+# Fail if a package's trust level has decreased compared to previous releases
+trustPolicy: no-downgrade
+# Ignore trust policy for packages published more than 1 year ago (predates provenance signing)
+trustPolicyIgnoreAfter: 525960
+# Fail if there are missing or invalid peer dependencies
+strictPeerDependencies: true
+# Prevent transitive dependencies from using exotic sources (git repos, direct tarball URLs)
+blockExoticSubdeps: true
+
+# Lockfile
+
+# Allow the lockfile to be updated during install (set to true in CI for stricter reproducibility)
+preferFrozenLockfile: false
Author	SHA1	Message	Date
minori	b3d1a1526d	deps: update fastify to 5.8.1 Node.js CI / CI (pull_request) Successful in 29s Details Security Scan and Upload / Security & DefectDojo Upload (pull_request) Successful in 1m20s Details	2026-03-15 07:01:39 -07:00
hikari	c020603d97	chore: replace .npmrc with pnpm-workspace.yaml Node.js CI / CI (push) Successful in 32s Details Security Scan and Upload / Security & DefectDojo Upload (push) Successful in 2m20s Details	2026-03-02 16:27:45 -08:00