Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

fastify

Ecosystem:
npm
Package URL:
pkg:npm/fastify
Total PRs:
3,328 Dependabot PRs
Latest PR:
6 days ago
Unique Repositories:
1,285 repositories
Unique Repos (30 days):
47 repositories
Security Advisories
Denial of Service vulnerability with large JSON payloads in fastify
GHSA-mq6c-fh97-4gwv CVE-2018-3711 HIGH published almost 8 years ago • updated 4 days ago
Affected versions of `fastify` are vulnerable to a denial of service when processing a request with `Content-Type` set to `application/json` and a ...
Fastify Vulnerable to DoS via Unbounded Memory Allocation in sendWebStream
GHSA-mrq3-vjjr-p77c CVE-2026-25224 LOW published 4 months ago • updated about 4 hours ago
### Impact A Denial of Service vulnerability in Fastify’s Web Streams response handling can allow a remote client to exhaust server memory. Applica...
Fastify's Content-Type header tab character allows body validation bypass
GHSA-jx2c-rxcm-jvmq CVE-2026-25223 HIGH published 4 months ago • updated about 4 hours ago
### Impact A validation bypass vulnerability exists in Fastify where request body validation schemas specified by Content-Type can be completely c...
Fastify vulnerable to invalid content-type parsing, which could lead to validation bypass
GHSA-mg2h-6x62-wpwc CVE-2025-32442 HIGH published about 1 year ago • updated 4 days ago
### Impact In applications that specify different validation strategies for different content types, it's possible to bypass the validation by pro...
fastify vulnerable to denial of service via malicious Content-Type
GHSA-455w-c45v-86rg CVE-2022-39288 HIGH published over 3 years ago • updated 4 days ago
### Impact An attacker can send an invalid `Content-Type` header that can cause the application to crash, leading to a possible Denial of Service a...
View all 10 advisories
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
build(deps): bump the npm_and_yarn group across 2 directories with 20 updates

beauNate/happier #3

5.8.4 → 5.8.5 Patch PR
Closed 6 days ago 1 comment
beauNate
chore(deps): bump the patch-production group with 10 updates

HeadySystems/heady-ai #168

5.8.4 → 5.8.5 Patch PR
Closed 6 days ago 1 comment
HeadySystems
chore(deps): bump the npm_and_yarn group across 1 directory with 6 updates

stvn101/typescript-sdk #1

5.8.4 → 5.8.5 Patch PR
Open 16 days ago 2 comments
stvn101
Bump fastify from 5.8.2 to 5.8.5

w1ck3ds0d4/VeilBreak #206

5.8.2 → 5.8.5 Patch PR
Open 17 days ago 2 comments
w1ck3ds0d4
chore(deps)(deps): bump the production-dependencies group across 1 directory with 34 updates

Outboxy/outboxy #32

5.8.1 → 5.8.5 Patch PR
Open 20 days ago 1 comment
Outboxy
chore(deps): Bump the backend-minor-patch group across 1 directory with 13 updates

Lexcom-Systems-Group-Inc/esexpress-v2 #23

5.8.4 → 5.8.5 Patch PR
Open 20 days ago 2 comments
Lexcom-Systems-Group-Inc
chore(deps): bump the production-dependencies group across 1 directory with 4 updates

tbmobb813/United-Dev-Platform- #110

5.8.2 → 5.8.5 Patch PR
Open 21 days ago 7 comments
tbmobb813
chore(deps): bump the npm-dependencies group across 1 directory with 15 updates

macel94/ip-geo-analytics #98

5.8.2 → 5.8.5 Patch PR
Closed 21 days ago 1 comment
macel94
chore(deps): bump the production-dependencies group with 16 updates

KwakuBoohene/casual-padel-tourneys #4

5.8.2 → 5.8.5 Patch PR
Closed 21 days ago 1 comment
KwakuBoohene
chore(deps): Bump the backend-minor-patch group across 1 directory with 12 updates

Lexcom-Systems-Group-Inc/esexpress-v2 #22

5.8.4 → 5.8.5 Patch PR
Open 24 days ago 2 comments
Lexcom-Systems-Group-Inc
chore(deps): bump the npm_and_yarn group across 3 directories with 4 updates

GlacierEQ/openai-agents-js #25

5.8.3 → 5.8.5 Patch PR
Closed 25 days ago 3 comments
GlacierEQ
chore(deps): bump the npm_and_yarn group across 1 directory with 19 updates

fork-the-planet/agents #44

5.8.2 → 5.8.5 Patch PR
Closed 26 days ago 1 comment
fork-the-planet
chore(deps): bump the minor-and-patch group across 1 directory with 16 updates

zkorum/agora #1043

5.8.4 → 5.8.5 Patch PR
Closed 28 days ago 3 comments
zkorum
Bump the runtime-dependencies group across 5 directories with 17 updates

mmolotov/femi #45

5.8.4 → 5.8.5 Patch PR
Open 28 days ago 2 comments
mmolotov
deps: bump the minor-and-patch group across 1 directory with 64 updates

steiner385/reasonbridge #1269

5.8.4 → 5.8.5 Patch PR
Closed 28 days ago 1 comment
steiner385
Bump the production-minor-patch group with 35 updates

percy-main/website-v2 #267

5.8.3 → 5.8.5 Patch PR
Open 28 days ago 2 comments
percy-main
chore(deps): bump the npm_and_yarn group across 2 directories with 8 updates

jrin0340-420/astroglider #2

5.8.3 → 5.8.5 Patch PR
Closed about 1 month ago 1 comment
jrin0340-420
Bump fastify from 5.8.3 to 5.8.5 in the npm_and_yarn group across 1 directory

percy-main/website-v2 #245

5.8.3 → 5.8.5 Patch PR
Open about 1 month ago 3 comments
percy-main
chore(deps): bump the fastify group across 1 directory with 2 updates

jwillz7667/InterviewPilot #4

5.8.2 → 5.8.5 Patch PR
Open about 1 month ago 2 comments
jwillz7667
Bump the npm_and_yarn group across 1 directory with 5 updates

graphile/crystal #3047

5.8.4 → 5.8.5 Patch PR
Open about 1 month ago 3 comments
graphile
chore(deps): bump the npm_and_yarn group across 2 directories with 8 updates

bruno-castilho/python-editor #6

5.8.4 → 5.8.5 Patch PR
Closed about 1 month ago 1 comment
bruno-castilho
chore(deps): bump the production-dependencies group across 1 directory with 47 updates

SNAPR68/Artist-App #21

5.8.2 → 5.8.5 Patch PR
Open about 1 month ago 1 comment
SNAPR68
chore(deps): bump the backend-minor-patch group across 1 directory with 13 updates

itdojp/ITDO_ERP4 #1740

5.8.4 → 5.8.5 Patch PR
Open about 1 month ago 1 comment
itdojp
chore(deps): bump the minor-and-patch group across 1 directory with 17 updates

zkorum/agora #1021

5.8.4 → 5.8.5 Patch PR
Open about 1 month ago 3 comments
zkorum
chore(deps): bump the minor-and-patch group across 1 directory with 10 updates

zkorum/agora #1019

5.8.4 → 5.8.5 Patch PR
Open about 1 month ago 2 comments
zkorum
chore(deps)(deps): bump the security group across 1 directory with 106 updates

tomascesarlemossil/agoraencontrei #91

5.8.4 → 5.8.5 Patch PR
Open about 1 month ago 2 comments
tomascesarlemossil
build(deps): Bump the minor-and-patch group across 1 directory with 48 updates

wordshepherd/colophony #444

5.8.4 → 5.8.5 Patch PR
Closed about 1 month ago 1 comment
wordshepherd
Bump the dependencies group across 1 directory with 6 updates

GazousGit/api-fastify-passport-vitest-prisma #18

5.8.4 → 5.8.5 Patch PR
Closed about 1 month ago 1 comment
GazousGit
build(deps): bump fastify from 5.8.4 to 5.8.5 in the npm_and_yarn group across 1 directory

michaelzick/timefraim #20

5.8.4 → 5.8.5 Patch PR
Closed about 1 month ago 1 comment
michaelzick
build(deps): bump the npm group across 1 directory with 16 updates

USThing/template-api #116

5.8.4 → 5.8.5 Patch PR
Open about 1 month ago 1 comment
USThing
build(deps): bump the production-dependencies group across 1 directory with 37 updates

hackclub/lapse #208

5.8.1 → 5.8.5 Patch PR
Closed about 1 month ago 2 comments
hackclub
chore(deps): bump the production-dependencies group across 1 directory with 12 updates

sidclawhq/platform #50

5.8.4 → 5.8.5 Patch PR
Closed about 1 month ago 1 comment
sidclawhq
chore(deps): bump the backend-minor-patch group across 1 directory with 12 updates

itdojp/ITDO_ERP4 #1739

5.8.4 → 5.8.5 Patch PR
Open about 1 month ago 1 comment
itdojp
chore(deps): bump the workspace-dependencies group with 20 updates

KhazP/artbot #14

5.8.4 → 5.8.5 Patch PR
Closed about 1 month ago 1 comment
KhazP
chore(deps): bump the typescript-minor group across 1 directory with 28 updates

t402-io/t402 #453

5.8.4 → 5.8.5 Patch PR
Closed about 1 month ago 6 comments
t402-io
Bump the runtime-dependencies group across 4 directories with 16 updates

mmolotov/femi #40

5.8.4 → 5.8.5 Patch PR
Open about 1 month ago 1 comment
mmolotov
chore(deps): bump the minor-and-patch group across 1 directory with 16 updates

JensKlimke/cad #12

5.8.4 → 5.8.5 Patch PR
Open about 1 month ago 1 comment
JensKlimke
chore(deps)(deps): bump the security group across 1 directory with 102 updates

tomascesarlemossil/agoraencontrei #84

5.8.4 → 5.8.5 Patch PR
Closed about 1 month ago 3 comments
tomascesarlemossil
build(deps): Bump the minor-and-patch group across 1 directory with 43 updates

wordshepherd/colophony #443

5.8.4 → 5.8.5 Patch PR
Closed about 1 month ago 1 comment
wordshepherd
Bump the minor-and-patch group across 1 directory with 18 updates

ajhwell/metapi #11

5.8.2 → 5.8.5 Patch PR
Closed about 1 month ago 1 comment
ajhwell
chore(deps): bump the minor-and-patch group across 1 directory with 12 updates

cita-777/metapi #516

5.8.4 → 5.8.5 Patch PR
Closed about 1 month ago 1 comment
cita-777
chore(deps-dev): bump the dev-dependencies group across 1 directory with 19 updates

solvapay/solvapay-sdk #136

5.8.4 → 5.8.5 Patch PR
Open about 1 month ago 1 comment
solvapay
deps(deps): bump the npm-minor-patch group across 1 directory with 35 updates

phalanxduel/phalanxduel #36

5.8.4 → 5.8.5 Patch PR
Open about 1 month ago 3 comments
phalanxduel
chore(deps): bump the minor-and-patch group across 1 directory with 21 updates

zkorum/agora #1000

5.8.4 → 5.8.5 Patch PR
Open about 1 month ago 2 comments
zkorum
chore(deps): bump the minor-and-patch group across 1 directory with 15 updates

zkorum/agora #999

5.8.4 → 5.8.5 Patch PR
Closed about 1 month ago 3 comments
zkorum
chore(deps-dev): bump the dev-dependencies group across 1 directory with 18 updates

solvapay/solvapay-sdk #130

5.8.4 → 5.8.5 Patch PR
Closed about 1 month ago 2 comments
solvapay
chore(deps): bump the npm_and_yarn group across 17 directories with 5 updates

graphql-hive/graphql-yoga #4454

5.8.3 → 5.8.5 Patch PR
Closed about 2 months ago 2 comments
graphql-hive
Bump the minor-and-patch group across 1 directory with 10 updates

andrewnordstrom-eng/bluesky-community-feed #181

5.8.4 → 5.8.5 Patch PR
Closed about 2 months ago 1 comment
andrewnordstrom-eng
chore(deps): bump the minor-and-patch group with 9 updates

htxryan/pearl #24

5.8.4 → 5.8.5 Patch PR
Open about 2 months ago 1 comment
htxryan
Bump the patch-deps-updates group across 1 directory with 16 updates

webdriverio/devtools #192

5.8.4 → 5.8.5 Patch PR
Closed about 2 months ago 2 comments
webdriverio
Package Details
Name: fastify
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/fastify
JSON API: View JSON
Security Advisories

10

Active advisories
HIGH 5
MODERATE 4
LOW 1
View All npm Advisories
Package Information
Description:

Fast and low overhead web framework, for Node.js

Repository: https://github.com/fastify/fastify
Homepage: https://fastify.dev/
Latest Release: 5.3.3
about 1 year ago
Dependent Repos: 16,712
Dependent Packages: 3,270
Downloads: 10,856,076
Ranking: Top 0.206% by dependent repos Top 0.1136% by downloads Top 0.0251% by dependent pkgs
PR Status
Open 1,549 (46.5%)
Merged 308 (9.3%)
Closed 1,263 (38.0%)
PR Types
Major 649 (19.5%)
Minor 1,681 (50.5%)
Patch 748 (22.5%)
Removal 36 (1.1%)