diff --git a/package-lock.json b/package-lock.json index 94cb16d5..89c50f31 100644 --- a/package-lock.json +++ b/package-lock.json @@ -11,13 +11,13 @@ "dependencies": { "@fastify/accepts": "^4.3.0", "@fastify/autoload": "^5.8.0", - "@fastify/bearer-auth": "^9.3.0", - "@fastify/compress": "^7.0.0", + "@fastify/bearer-auth": "^9.4.0", + "@fastify/compress": "^7.0.3", "@fastify/cors": "^9.0.1", "@fastify/helmet": "^11.1.1", "@fastify/rate-limit": "^9.1.0", - "@fastify/sensible": "^5.5.0", - "@fastify/static": "^7.0.1", + "@fastify/sensible": "^5.6.0", + "@fastify/static": "^7.0.3", "@fastify/swagger": "^8.14.0", "@fastify/under-pressure": "^8.3.0", "cfb": "^1.2.2", @@ -1564,27 +1564,73 @@ "integrity": "sha512-bF86vl+1Kk91S41WIL9NrKhcugGQg/cQ959aTaombkCjA+9YAbgVCKKu2lRqtMsosDZ0CNRfVnaLYoHQIDUI2A==" }, "node_modules/@fastify/bearer-auth": { - "version": "9.3.0", - "resolved": "https://registry.npmjs.org/@fastify/bearer-auth/-/bearer-auth-9.3.0.tgz", - "integrity": "sha512-k2ertyzvveeY7P64+kczNJainIsOj3OvMwFkg+OHmVRebfvN6V0cGaKOgLb8d/UE8zuMfoCSxgIkp9+2HjheUg==", + "version": "9.4.0", + "resolved": "https://registry.npmjs.org/@fastify/bearer-auth/-/bearer-auth-9.4.0.tgz", + "integrity": "sha512-+xn8UCKhJiBP3SsbCjzhfq+Dtf/pl1BDVrgb0/o6WcgNDUZ+bcEZnJ0P2e6FQEtE2nMYonLD/aVa9Ku8N9Cfbw==", "dependencies": { "@fastify/error": "^3.4.1", "fastify-plugin": "^4.0.0" } }, "node_modules/@fastify/compress": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/@fastify/compress/-/compress-7.0.0.tgz", - "integrity": "sha512-jo/NaBVHP1OXIf8Kmr3bZyYQB0gAIgcy5c8rRKTPjhklHO7lRs/6ZFckUVT0NtbKSvrTuIcmSkxYpjyv3FNHXA==", + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/@fastify/compress/-/compress-7.0.3.tgz", + "integrity": "sha512-xa9fo5/DgK1s0bkS6xrYgNn8HmofO5tJvbCDk8QuXshSgLd2cFZANv1ox/Qv7zswS7JroHwTlCVv/XGTVO98tg==", "dependencies": { "@fastify/accept-negotiator": "^1.1.0", "fastify-plugin": "^4.5.0", - "into-stream": "^6.0.0", "mime-db": "^1.52.0", "minipass": "^7.0.2", "peek-stream": "^1.1.3", "pump": "^3.0.0", - "pumpify": "^2.0.1" + "pumpify": "^2.0.1", + "readable-stream": "^4.5.2" + } + }, + "node_modules/@fastify/compress/node_modules/buffer": { + "version": "6.0.3", + "resolved": "https://registry.npmjs.org/buffer/-/buffer-6.0.3.tgz", + "integrity": "sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/feross" + }, + { + "type": "patreon", + "url": "https://www.patreon.com/feross" + }, + { + "type": "consulting", + "url": "https://feross.org/support" + } + ], + "dependencies": { + "base64-js": "^1.3.1", + "ieee754": "^1.2.1" + } + }, + "node_modules/@fastify/compress/node_modules/readable-stream": { + "version": "4.5.2", + "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-4.5.2.tgz", + "integrity": "sha512-yjavECdqeZ3GLXNgRXgeQEdz9fvDDkNKyHnbHRFtOr7/LcfgBcmct7t/ET+HaCTqfh06OzoAxrkN/IfjJBVe+g==", + "dependencies": { + "abort-controller": "^3.0.0", + "buffer": "^6.0.3", + "events": "^3.3.0", + "process": "^0.11.10", + "string_decoder": "^1.3.0" + }, + "engines": { + "node": "^12.22.0 || ^14.17.0 || >=16.0.0" + } + }, + "node_modules/@fastify/compress/node_modules/string_decoder": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.3.0.tgz", + "integrity": "sha512-hkRX8U1WjJFd8LsDJ2yQ/wWWxaopEsABU1XfkM8A+j0+85JAGppt16cr1Whg6KIbb4okU6Mql6BOj+uup/wKeA==", + "dependencies": { + "safe-buffer": "~5.2.0" } }, "node_modules/@fastify/cors": { @@ -1654,9 +1700,9 @@ } }, "node_modules/@fastify/sensible": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/@fastify/sensible/-/sensible-5.5.0.tgz", - "integrity": "sha512-D0zpl+nocsRXLceSbc4gasQaO3ZNQR4dy9Uu8Ym0mh8VUdrjpZ4g8Ca9O3pGXbBVOnPIGHUJNTV7Yf9dg/OYdg==", + "version": "5.6.0", + "resolved": "https://registry.npmjs.org/@fastify/sensible/-/sensible-5.6.0.tgz", + "integrity": "sha512-Vq6Z2ZQy10GDqON+hvLF52K99s9et5gVVxTul5n3SIAf0Kq5QjPRUKkAMT3zPAiiGvoHtS3APa/3uaxfDgCODQ==", "dependencies": { "@lukeed/ms": "^2.0.1", "fast-deep-equal": "^3.1.1", @@ -1668,9 +1714,9 @@ } }, "node_modules/@fastify/static": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/@fastify/static/-/static-7.0.1.tgz", - "integrity": "sha512-i1p/nELMknAisNfnjo7yhfoUOdKzA+n92QaMirv2NkZrJ1Wl12v2nyTYlDwPN8XoStMBAnRK/Kx6zKmfrXUPXw==", + "version": "7.0.3", + "resolved": "https://registry.npmjs.org/@fastify/static/-/static-7.0.3.tgz", + "integrity": "sha512-2tmTdF+uFCykasutaO6k4/wOt7eXyi7m3dGuCPo5micXzv0qt6ttb/nWnDYL/BlXjYGfp1JI4a1gyluTIylvQA==", "dependencies": { "@fastify/accept-negotiator": "^1.0.0", "@fastify/send": "^2.0.0", @@ -6105,15 +6151,6 @@ "node": ">= 0.6" } }, - "node_modules/from2": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/from2/-/from2-2.3.0.tgz", - "integrity": "sha512-OMcX/4IC/uqEPVgGeyfN22LJk6AZrMkRZHxcHBMBvHScDGgwTm2GT2Wkgtocyd3JfZffjj2kYUDXXII0Fk9W0g==", - "dependencies": { - "inherits": "^2.0.1", - "readable-stream": "^2.0.0" - } - }, "node_modules/fs.realpath": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", @@ -6838,21 +6875,6 @@ "node": ">= 0.4" } }, - "node_modules/into-stream": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/into-stream/-/into-stream-6.0.0.tgz", - "integrity": "sha512-XHbaOAvP+uFKUFsOgoNPRjLkwB+I22JFPFe5OjTkQ0nwgj6+pSjb4NmB6VMxaPshLiOf+zcpOCBQuLwC1KHhZA==", - "dependencies": { - "from2": "^2.3.0", - "p-is-promise": "^3.0.0" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, "node_modules/ipaddr.js": { "version": "1.9.1", "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz", @@ -10402,14 +10424,6 @@ "os-tmpdir": "^1.0.0" } }, - "node_modules/p-is-promise": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/p-is-promise/-/p-is-promise-3.0.0.tgz", - "integrity": "sha512-Wo8VsW4IRQSKVXsJCn7TomUaVtyfjVDn3nUP7kE967BQk0CwFpdbZs0X0uk5sW9mkBa9eNM7hCMaG93WUAwxYQ==", - "engines": { - "node": ">=8" - } - }, "node_modules/p-limit": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", diff --git a/package.json b/package.json index 146912dc..6da8c8ea 100644 --- a/package.json +++ b/package.json @@ -104,13 +104,13 @@ "dependencies": { "@fastify/accepts": "^4.3.0", "@fastify/autoload": "^5.8.0", - "@fastify/bearer-auth": "^9.3.0", - "@fastify/compress": "^7.0.0", + "@fastify/bearer-auth": "^9.4.0", + "@fastify/compress": "^7.0.3", "@fastify/cors": "^9.0.1", "@fastify/helmet": "^11.1.1", "@fastify/rate-limit": "^9.1.0", - "@fastify/sensible": "^5.5.0", - "@fastify/static": "^7.0.1", + "@fastify/sensible": "^5.6.0", + "@fastify/static": "^7.0.3", "@fastify/swagger": "^8.14.0", "@fastify/under-pressure": "^8.3.0", "cfb": "^1.2.2", diff --git a/src/server.test.js b/src/server.test.js index 5c751bae..154a6abc 100644 --- a/src/server.test.js +++ b/src/server.test.js @@ -24,7 +24,6 @@ const expResHeaders = { "referrer-policy": "no-referrer", "strict-transport-security": "max-age=31536000; includeSubDomains", "surrogate-control": "no-store", - vary: "accept-encoding", "x-content-type-options": "nosniff", "x-dns-prefetch-control": "off", "x-download-options": "noopen", @@ -748,13 +747,13 @@ describe("Server deployment", () => { ...expResHeadersJson, "access-control-allow-origin": "https://notreal.nhs.uk", - vary: "Origin, accept-encoding", + vary: "Origin", }, text: { ...expResHeadersText, "access-control-allow-origin": "https://notreal.nhs.uk", - vary: "Origin, accept-encoding", + vary: "Origin", }, }, }, @@ -805,13 +804,13 @@ describe("Server deployment", () => { ...expResHeadersJson, "access-control-allow-origin": "https://notreal.nhs.uk", - vary: "Origin, accept-encoding", + vary: "Origin", }, text: { ...expResHeadersText, "access-control-allow-origin": "https://notreal.nhs.uk", - vary: "Origin, accept-encoding", + vary: "Origin", }, }, },