fix(deps): update module github.com/gofiber/fiber/v2 to v2.52.5

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
github.com/gofiber/fiber/v2	v2.49.2 -> v2.52.5

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

gofiber/fiber (github.com/gofiber/fiber/v2)

v2.52.5

Compare Source

👮 Security

Middleware/session: Session Middleware Token Injection Vulnerability - GHSA-98j2-3j3p-fw2v

https://docs.gofiber.io/api/middleware/session

🧹 Updates

• Middleware/session: Remove extra release and aquire ctx calls in session_test.go (#​3043)

🐛 Bug Fixes

• Middleware/monitor: middleware reporting of CPU usage (#​2984)
• Middleware/session: mutex for thread safety (#​3050)

📚 Documentation

• Improve ctx.Locals method description and example (#​3030)
• Improve ctx.Locals method documentation (#​3033)
• Update README_id.md (#​3045)

Full Changelog: gofiber/fiber@v2.52.4...v2.52.5

Thank you @​nyufeng, @​PaulTitto and @​sixcolors for making this update possible.

v2.52.4

Compare Source

🐛 Fixes

• Middleware/cors: CORS handling by @​sixcolors in https://github.com/gofiber/fiber/pull/2937
• Middleware/cors: Vary header handling non-cors OPTIONS requests by @​sixcolors in https://github.com/gofiber/fiber/pull/2939

Full Changelog: gofiber/fiber@v2.52.3...v2.52.4

v2.52.3

Compare Source

🐛 Fixes

• Middleware/cors: Handling and wildcard subdomain matching by @​sixcolors in https://github.com/gofiber/fiber/pull/2915
• Middleware/cors: Categorize requests correctly by @​sixcolors in https://github.com/gofiber/fiber/pull/2921
• Middleware/csrf: Fix Benchmark Tests by @​sixcolors in https://github.com/gofiber/fiber/pull/2932

Full Changelog: gofiber/fiber@v2.52.2...v2.52.3

v2.52.2

Compare Source

🐛 Fixes

• Middleware/cors: Validation of multiple Origins (https://github.com/gofiber/fiber/pull/2883)

Full Changelog: gofiber/fiber@v2.52.1...v2.52.2

v2.52.1

Compare Source

👮 Security

Middleware/cors: Insecure CORS Configuration Allowing Wildcard Origin with Credentials - GHSA-fmg4-x8pw-hjhg

https://docs.gofiber.io/api/middleware/cors

🐛 Fixes

• Middleware/healthcheck: Not working with route group(#​2863)

📚 Documentation

• Fix default value to false in docs of QueryBool (#​2811)
• Fix code snippet indentation in /docs/api/middleware/keyauth.md (#​2867)

Full Changelog: gofiber/fiber@v2.52.0...v2.52.1

Thank you @​luk3skyw4lker, @​CAEL0, @​grivera64, @​gaby and @​sixcolors for making this update possible.

v2.52.0

Compare Source

🚀 New

• Middleware/healthcheck: Add liveness and readiness checks (#​2509)
  https://docs.gofiber.io/api/middleware/healthcheck

// Direct usage with default config
app.Use(healthcheck.New())

// Or extend your config for customization
app.Use(healthcheck.New(healthcheck.Config{
    LivenessEndpoint: "/live",
    LivenessProbe: func(c *fiber.Ctx) bool {
        return true
    },
    ReadinessEndpoint: "/ready",
    ReadinessProbe: func(c *fiber.Ctx) bool {
        return serviceA.Ready() && serviceB.Ready() && ...
    },
}))

🧹 Updates

• Middlewares: don't constrain middlewares context-keys to strings (#​2751)
• Middleware/logger: colorize logger error message #​2593 (#​2773)
• Middleware/logger: changing default log output (#​2730)
• Middleware/logger: log client IP address by default (#​2755)
• Middleware/encryptcookie: update default config (#​2753)
• Improve benchmarks for getOffer (#​2739)

🛠️ Maintenance

• Bump github/codeql-action from 2 to 3 (#​2763)
• Bump github.com/google/uuid from 1.4.0 to 1.5.0 (#​2762)
• Bump actions/setup-go from 4 to 5 (#​2754)
• Bump golang.org/x/sys from 0.14.0 to 0.15.0 (#​2744)
• Bump github.com/valyala/fasthttp from 1.50.0 to 1.51.0 (#​2721)

🐛 Fixes

• Middleware/redirect : fix for redirect with query params (#​2748)
• Middleware/adaptor: Adaptor + otelfiber issue #​2641 (#​2772)
• Middleware/cors: Should use the defined AllowedOriginsFunc config when AllowedOrigins is empty (#​2771)
• Middleware/session: Race in session middleware tests (#​2740)
• Middleware/csrf: Fix failing CSRF tests (#​2720)
• Fix race condition in parallel tests (#​2734)
• utils.IsIPv4 and net.ParseIP have inconsistent results #​2735 (#​2736)

📚 Documentation

• Middleware/csrf: Improve csrf docs (#​2726)
• Update app.md for indentation (#​2761)
• Update default config (#​2753)
• Update CONTRIBUTING.md (#​2752)

Full Changelog: gofiber/fiber@v2.51.0...v2.52.0

Thank you @​MehmetFiratKomurcu, @​benjajaja, @​brunodmartins, @​gilwo, @​iredmail, @​itswcg, @​luk3skyw4lker, @​muhammadkholidb, @​nickajacks1, @​sixcolors and @​tokelo-12 for making this update possible.

v2.51.0

Compare Source

🚀 New

• Add support for parameters in content negotiation (#​2678) RFC
  https://docs.gofiber.io/api/ctx#accepts

// Consideration of parameters in the accepted headers
// Accept: text/plain, application/json; version=1; foo=bar

app.Get("/", func(c *fiber.Ctx) error {
  // Extra parameters in the accept are ignored
  c.Accepts("text/plain;format=flowed") // "text/plain;format=flowed"

  // An offer must contain all parameters present in the Accept type
  c.Accepts("application/json") // ""

  // Parameter order and capitalization does not matter. Quotes on values are stripped.
  c.Accepts(`application/json;foo="bar";VERSION=1`) // "application/json;foo="bar";VERSION=1"
})

• Add support for application/problem+json (#​2704)
  https://docs.gofiber.io/api/ctx#json
  https://docs.gofiber.io/api/client#json

// Passing a custom json type
ctx.JSON(fiber.Map{
    "type": "https://example.com/probs/out-of-credit",
    "title": "You do not have enough credit.",
    "status": 403,
    "detail": "Your current balance is 30, but that costs 50.",
    "instance": "/account/12345/msgs/abc",
  }, fiber.)

🧹 Updates

• Ctx.Range: reduce allocations (#​2705)
• Middleware/pprof: improve performance (#​2709)

🛠️ Maintenance

• Bump golang.org/x/sys from 0.13.0 to 0.14.0 (#​2707)
• Bump github.com/google/uuid from 1.3.1 to 1.4.0 (#​2693)
• Bump actions/setup-node from 3 to 4 (#​2690)
• Bump github.com/mattn/go-isatty from 0.0.19 to 0.0.20 (#​2679)

🐛 Fixes

• Middleware/limiter: fix intermittent failures (#​2716)
• Naming of routes works wrong after mount #​2688 (#​2689)
• Fix method validation on route naming (#​2686)

📚 Documentation

• Changed "Twitter" to "X (Twitter)" in README.md Contribute Section (#​2696)
• Add additional information as to why GetReqHeaders returns a map where the values are slices of strings (#​2698)
• Enhance csrf.md (#​2692)

Full Changelog: gofiber/fiber@v2.50.0...v2.51.0

Thank you @​BandhiyaHardik, @​database64128, @​efectn, @​moritz157, @​nickajacks1, @​rhburt and @​sixcolors for making this update possible.

v2.50.0

Compare Source

❗ Breaking Changes

• Change signatures of GetReqHeaders and GetRespHeaders (#​2650)

To allow single and list values under headers according to the rfc standard

- func (c *Ctx) GetReqHeaders() map[string]string
+ func (c *Ctx) GetReqHeaders() map[string][]string

- func (c *Ctx) GetRespHeaders() map[string]string
+ func (c *Ctx) GetRespHeaders() map[string][]string

👮 Security

Middleware/csrf: Token Vulnerability (GHSA-mv73-f69x-444p, GHSA-94w9-97p3-p368)

https://docs.gofiber.io/api/middleware/csrf

🚀 Improvements to the CSRF middleware:

• Added support for single-use tokens through the SingleUseToken configuration option.
• Optional integration with GoFiber session middleware through the Session and SessionKey configuration options.
• Introduction of origin checks for HTTPS connections to verify referer headers.
• Implementation of a Double Submit Cookie approach for CSRF token generation and validation when used without Session.
• Enhancement of error handling with more descriptive error messages.
• The documentation for the CSRF middleware has been enhanced with the addition of the new options and best practices to improve security.

Thank you @​sixcolors

🚀 New

• Cookie parser (#​2656)
  https://docs.gofiber.io/api/ctx#cookieparser

// Field names should start with an uppercase letter
type Person struct {
    Name     string  `cookie:"name"`
    Age      int     `cookie:"age"`
    Job      bool    `cookie:"job"`
}
// Example route
app.Get("/", func(c *fiber.Ctx) error {
    p := new(Person)
    // This method is similar to BodyParser, but for cookie parameters
    if err := c.CookieParser(p); err != nil {
        return err
    }
    
    log.Println(p.Name)     // Joseph
    log.Println(p.Age)      // 23
    log.Println(p.Job)      // true
})

• Middleware/cors: Allow disabling caching in preflight requests (#​2649)
  https://docs.gofiber.io/api/middleware/cors#config

// To disable caching completely, pass MaxAge value negative. It will set the Access-Control-Max-Age header 0.
app.Use(cors.New(cors.Config{MaxAge: -1})) 

• Middleware/session: Add Reset method to Session struct in session middleware (#​2654)
  https://docs.gofiber.io/api/middleware/session#signatures

// Provide more flexibility in session management, especially in scenarios like repeated user logins
func (s *Session) Reset() error

Example usage:

// Initialize default config
// This stores all of your app's sessions
store := session.New()

app.Post("/login", func(c *fiber.Ctx) error {
    // Get session from storage
    sess, err := store.Get(c)
    if err != nil {
        panic(err)
    }
    
    // ... validate login ...
    
    // Check if the session is fresh
    if !sess.Fresh() {
        // If the session is not fresh, reset it
        if err := sess.Reset(); err != nil {
            panic(err)
        }
    }
    // Set new session data
    sess.Set("user_id", user.ID)
    // Save session
    if err := sess.Save(); err != nil {
        panic(err)
    }

    return c.SendString(fmt.Sprintf("Welcome %v", user.ID))
})

• Middleware/session: Add Delete method to Store struct in session middleware (#​2655)
  https://docs.gofiber.io/api/middleware/session#signatures

// Provide more control over individual session management, especially in scenarios 
// like administrator-enforced user logout or user-initiated logout from a specific device session
func (s *Store) Delete(id string) error

Example usage:

app.Post("/admin/session/:id/logout", func(c *fiber.Ctx) error {
    // Get session id from request
    sessionID := c.Params("id")

    // Delete the session
    if err := store.Delete(sessionID); err != nil {
        return c.Status(500).SendString(err.Error())
    }

    return c.SendString("Logout successful")
})

🧹 Updates

• Middleware/filesystem: Improve status for SendFile (#​2664)
• Middleware/filesystem: Set response code (#​2632)
• Refactor Ctx.Method func to improve code readability (#​2647)

🛠️ Maintenance

• Fix loop variable captured by func literal (#​2660)
• Run gofumpt and goimports (#​2662)
• Use utils.AssertEqual instead of t.Fatal on some tests (#​2653)
• Apply go fix ./... with latest version of go in repository (#​2661)
• Bump github.com/valyala/fasthttp from 1.49.0 to 1.50.0 (#​2634)
• Bump golang.org/x/sys from 0.12.0 to 0.13.0 (#​2665)

🐛 Fixes

• Path checking on route naming (#​2676)
• Incorrect log depth when use log.WithContext (#​2666)
• Jsonp ignoring custom json encoder (#​2658)
• PassLocalsToView when bind parameter is nil (#​2651)
• Parse ips return invalid in abnormal case (#​2642)
• Bug parse custom header (#​2638)
• Middleware/adaptor: Reduce memory usage by replacing io.ReadAll() with io.Copy() (#​2637)
• Middleware/idempotency: Nil pointer dereference issue on idempotency middleware (#​2668)

📚 Documentation

• Incorrect status code source (#​2667)
• Middleware/requestid: Typo in requestid.md (#​2675)
• Middleware/cors: Update docs to better explain AllowOriginsFunc (#​2652)

Full Changelog: gofiber/fiber@v2.49.2...v2.50.0

Thank you @​KaptinLin, @​Skyenought, @​cuipeiyu, @​dairlair, @​efectn, @​gaby, @​geerew, @​huykn, @​jimmyl02, @​joey1123455, @​joshlarsen, @​jscappini, @​peczenyj and @​sixcolors for making this update possible.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 23.33%. Comparing base (fc4e981) to head (133c8b0).

❗ Current head 133c8b0 differs from pull request most recent head fbb0e22

Please upload reports for the commit fbb0e22 to get more accurate results.

Additional details and impacted files

@@           Coverage Diff           @@
##           master      #70   +/-   ##
=======================================
  Coverage   23.33%   23.33%           
=======================================
  Files           5        5           
  Lines         390      390           
=======================================
  Hits           91       91           
  Misses        293      293           
  Partials        6        6           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 6 additional dependencies were updated

Details:

Package	Change
github.com/google/uuid	v1.3.1 -> v1.5.0
github.com/mattn/go-isatty	v0.0.19 -> v0.0.20
golang.org/x/net	v0.15.0 -> v0.17.0
github.com/klauspost/compress	v1.16.7 -> v1.17.0
github.com/valyala/fasthttp	v1.50.0 -> v1.51.0
golang.org/x/sys	v0.12.0 -> v0.15.0