chore: upgrade @fastify/jwt to 9.1.0 #615
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
Caution Review the following alerts detected in dependencies. According to your organization's Security Policy, you must resolve all "Block" alerts before proceeding. Learn more about Socket for GitHub.
Pull Request Overview
This PR upgrades @fastify/jwt from version 9.0.1 to 9.1.0 and adds comprehensive compatibility tests to ensure the upgrade is safe and to protect against future breaking changes.
- Adds extensive JWT compatibility test suite covering all JWT authentication features
- Documents the new compatibility testing approach for future upgrades
- Upgrades the @fastify/jwt dependency to version 9.1.0
Reviewed Changes
Copilot reviewed 3 out of 4 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| test/jwt-compatibility.ts | Comprehensive test suite covering JWT plugin registration, token validation, scope authorization, error handling, storage integration, and configuration validation |
| package.json | Updates @fastify/jwt dependency from 9.0.1 to 9.1.0 |
| docs/jwt-compatibility-testing.md | Documentation explaining the JWT compatibility testing approach, test categories, and troubleshooting guidance |
Pull Request Overview
Copilot reviewed 3 out of 4 changed files in this pull request and generated 2 comments.
| // First upload an artifact | ||
| await app.inject({ | ||
| method: 'PUT', | ||
| url: `/v8/artifacts/${artifactId}`, | ||
| headers: { | ||
| authorization: `Bearer ${token}`, | ||
| 'content-type': 'application/octet-stream', | ||
| }, | ||
| query: { | ||
| team, | ||
| }, | ||
| payload: Buffer.from('test cache data'), | ||
| }) |
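Review bot: the response from this `app.inject` PUT is discarded, so a failed upload (for example a rejected bearer token or a storage error) goes unnoticed and whatever the test does next runs against an artifact that may not exist. Assign the result to a variable and assert on its status code before continuing, so that a setup failure is reported as a setup failure.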
Copilot
AI
Sep 22, 2025
[nitpick] This artifact upload code is duplicated in multiple test cases. Consider extracting it into a helper function to reduce code duplication and improve maintainability.
| console.log('JWT token rejected:', response.body) | ||
| assert.fail('JWT token should be valid but was rejected') |
Copilot
AI
Sep 22, 2025
Using console.log in tests is not recommended as it pollutes test output. Consider using the test runner's built-in assertion messages or removing this debug output entirely.
| console.log('JWT token rejected:', response.body) | |
| assert.fail('JWT token should be valid but was rejected') | |
| assert.fail(`JWT token should be valid but was rejected. Response body: ${response.body}`) |
In this PR
Issues reference
Checklist
- pnpm lint
- pnpm build
- pnpm test

Summary
Adds comprehensive JWT compatibility tests to validate that upgrading @fastify/jwt from 9.0.1 to 9.1.0 is safe for this project. Tests exercise the plugin as used here (including JWKS-based verification, scope handling, and error behavior) without referencing package versions, ensuring forward compatibility for future upgrades. Also adds documentation describing how to run and interpret the new tests.

What changed
- test/jwt-compatibility.ts:
- JWKS_URL)
- formatUser behavior (with and without scope)
- docs/jwt-compatibility-testing.md explaining:

Why this is needed
- @fastify/jwt 9.0.1 → 9.1.0 does not change behavior in this codebase
- @fastify/jwt upgrades by testing usage patterns rather than versions
- fastify-jwt-jwks and scope-based access checks

How to verify locally
- pnpm test jwt-compatibility.ts
- pnpm test

Notes on compatibility
- mock-jwks)

These assertions are stable and independent of specific @fastify/jwt versions, so they will continue to guard behavior as the dependency evolves.
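The behaviour-level checks the PR description lists (JWKS-based verification, scope handling, error behavior), sketched as an added example that is not part of this pull request or the project's code. A stand-in verifier built on node:crypto takes the place of @fastify/jwt, and the key id, claims, scope names and outcome labels are all constructed for illustration.

```javascript
// Added example: stand-in verifier on node:crypto, not @fastify/jwt and not this project's code.
const crypto = typeof require === 'function' ? require('node:crypto') : process.getBuiltinModule('node:crypto')
const b64u = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url')
// Constructed issuer: one RSA key pair published as a single-key JWKS.
function makeIssuer (kid) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 })
  const jwks = { keys: [{ ...publicKey.export({ format: 'jwk' }), kid, alg: 'RS256', use: 'sig' }] }
  const sign = (claims, header = { alg: 'RS256', typ: 'JWT', kid }) => {
    const input = `${b64u(header)}.${b64u(claims)}`
    return `${input}.${crypto.sign('sha256', Buffer.from(input), privateKey).toString('base64url')}`
  }
  return { jwks, sign }
}

// Outcome a route guard would act on (labels are hypothetical): 'ok', 'invalid-token', 'missing-scope'.
function authorize (token, jwks, requiredScope, now) {
  try {
    const [h, p, s] = token.split('.')
    const header = JSON.parse(Buffer.from(h, 'base64url').toString())
    if (header.alg !== 'RS256') return 'invalid-token' // algorithm is pinned, not taken from the token
    const jwk = jwks.keys.find((k) => k.kid === header.kid)
    if (!jwk) return 'invalid-token'
    const key = crypto.createPublicKey({ key: jwk, format: 'jwk' })
    if (!crypto.verify('sha256', Buffer.from(`${h}.${p}`), key, Buffer.from(s, 'base64url'))) return 'invalid-token'
    const claims = JSON.parse(Buffer.from(p, 'base64url').toString())
    if (typeof claims.exp !== 'number' || claims.exp <= now) return 'invalid-token'
    const scopes = typeof claims.scope === 'string' ? claims.scope.split(' ') : []
    return scopes.includes(requiredScope) ? 'ok' : 'missing-scope'
  } catch {
    return 'invalid-token' // malformed segments or bad JSON
  }
}

// Version-independent cases: each asserts an outcome, never a library internal.
function runCompatibilityCases () {
  const now = Math.floor(Date.now() / 1000)
  const issuer = makeIssuer('test-key-1')
  const other = makeIssuer('test-key-1') // same kid, different key material
  const claims = { sub: 'user-1', scope: 'artifacts:read artifacts:write', exp: now + 60 }
  const check = (token) => authorize(token, issuer.jwks, 'artifacts:write', now)
  return {
    valid: check(issuer.sign(claims)),
    wrongKey: check(other.sign(claims)),
    expired: check(issuer.sign({ ...claims, exp: now - 1 })),
    missingScope: check(issuer.sign({ ...claims, scope: 'artifacts:read' })),
    algNone: check(issuer.sign(claims, { alg: 'none', typ: 'JWT' })),
    garbage: check('not-a-jwt')
  }
}
```

Because every case is expressed as an expected outcome, the same table can be rerun unchanged after a dependency bump and any difference shows up as a changed outcome.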