what stackpulse tracks
Fastify releases from GitHub
StackPulse watches Fastify release notes and keeps the original source link close to every summary.
#stacks/fastify/framework
Fastify release notes, breaking changes, and upgrade notes.
Fast and low overhead web framework for Node.js StackPulse turns upstream changelogs into scannable summaries with risky changes, deprecations, migration notes, and source links.
releases
6
breaking
0
security
4
deprecated
1
migrations
0
upgrade risk
Breaking changes and deprecations
Risky changes are separated from normal feature notes so you can scan upgrade impact before changing production dependencies.
migration notes
Source-backed next steps
Migration steps and recommended actions are only shown when the upstream release notes support them.
# latest_releases
source-backedv5.9.0highdeprecationfeaturesecurityJun 28, 2026
v5.9.0
This release introduces new features like request.mediaType and onMaxParamLength support, along with several bug fixes and performance improvements.
affected
Developers using Fastify for HTTP/2 streaming, media type handling, or parameter validation may need to update their code.
action
Update to v5.9.0 to benefit from new features and security fixes.
release_signals
!Secure fix: Do not trust forwarded host/proto when socket is missing
!Clear socket._meta after response to prevent keep-alive leaks
!Deprecated leveldb plugin has been removed from documentation
+Added request.mediaType for better media type handling
+Added support for onMaxParamLength for customizing parameter length validation
+Performance optimizations for ContentType parsing and schema serialization
v5.8.5criticalsecurityApr 14, 2026
v5.8.5
This release primarily addresses a security vulnerability (CVE-2026-33806) and includes minor dependency updates and bug fixes.
affected
Users affected by CVE-2026-33806 should upgrade immediately.
action
Upgrade to version 5.8.5 to mitigate the security vulnerability.
release_signals
!Fixed CVE-2026-33806 (GHSA-247c-9743-5963)
v5.8.4lowMar 23, 2026
v5.8.4
This release includes minor updates and fixes. Refer to the full changelog for detailed changes.
view source on github->v5.8.3criticalsecurityMar 23, 2026
v5.8.3
This release primarily addresses a security vulnerability (CVE-2026-3635) and includes minor documentation updates and fixes.
affected
Users affected by CVE-2026-3635 should upgrade immediately.
action
Upgrade to v5.8.3 to mitigate the security vulnerability.
release_signals
!Fixed CVE-2026-3635 (GHSA-444r-cwp2-x5xf)
v5.8.2lowfeatureMar 7, 2026
v5.8.2
This release includes documentation updates, ecosystem additions, and a fix to prevent quadratic backtracking in key-value pair parsing.
affected
Developers using Fastify may benefit from updated documentation and new ecosystem plugins.
action
Review the updated documentation and consider integrating new ecosystem plugins if applicable.
release_signals
+Added @yeliex/fastify-problem-details to the ecosystem
+Added fastify-file-router to the ecosystem
+Added fastify-svelte-view to the Ecosystem list
+Added @glidemq/fastify to community plugins
v5.8.1criticalsecurityMar 5, 2026
v5.8.1
This release addresses a security vulnerability in the Content-Type validation logic, preventing malformed content types from passing validation.
affected
Users relying on Content-Type validation in Fastify are affected.
action
Upgrade to v5.8.1 immediately to mitigate the security risk.
release_signals
!Fixes 'Missing End Anchor in "subtypeNameReg" Allows Malformed Content-Types to Pass Validation' (CVE-2026-3419)