[Snyk] Upgrade fastify from 5.2.1 to 5.6.0

[adityamaru]

Snyk has created this PR to upgrade fastify from 5.2.1 to 5.6.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 8 versions ahead of your current version.

• The recommended version was released 21 days ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Improper Validation of Specified Type of Input SNYK-JS-FASTIFY-9788069	649	No Known Exploit

Release notes

Package name: fastify

• 5.6.0 - 2025-09-05
  

  What's Changed

  • fix: update typescript pino type to pick by @ dancastillo in #6287
  • feat(types): router option types by @ dancastillo in #6282
  • fix(types): Fix use of "esModuleInterop: false" by @ joshkel in #6292
  • docs: fix typo in Reference: TypeScript.md by @ hmanzoni in #6302
  • docs: clarify router performance note by @ Prasad2604 in #6306

  New Contributors

  • @ joshkel made their first contribution in #6292
  • @ hmanzoni made their first contribution in #6302
  • @ Prasad2604 made their first contribution in #6306

  Full Changelog: v5.5.0...v5.6.0

• 5.5.0 - 2025-08-11
  

  What's Changed

  • docs: fix markdown linting issue by @ Uzlopak in #6175
  • chore: removed simple-get from mkcalendar tests by @ ilteoood in #6199
  • chore: removed simple-get from versioned-routes tests by @ ilteoood in #6202
  • chore: removed simple-get from hooks tests by @ ilteoood in #6210
  • fix: close pipelining test by @ ilteoood in #6204
  • chore: removed simple-get from unlock test by @ ilteoood in #6178
  • chore: removed simple-get from use-semicolon-delimiter tests by @ ilteoood in #6203
  • chore: removed simple-get from custom-https-server tests by @ ilteoood in #6201
  • chore: remove simple-get from custom parser 5 by @ ilteoood in #6172
  • chore: removed simple-get from head tests by @ ilteoood in #6196
  • chore: removed simple-get from request id tests by @ ilteoood in #6193
  • chore: remove simple get from custom parser 1 by @ ilteoood in #6167
  • chore: removed simple-get from custom-parser-0 by @ ilteoood in #6168
  • chore: remove simple-get from custom parser 2 by @ ilteoood in #6169
  • chore: remove simple-get from custom parser 4 by @ ilteoood in #6171
  • chore: removed simple-get from promises test by @ ilteoood in #6183
  • chore: removed simple-get from move test by @ ilteoood in #6179
  • chore: remove simple-get from custom querystring parser by @ ilteoood in #6166
  • chore: remove simple-get from propfind by @ ilteoood in #6174
  • chore: removed simple-get from case insensitive test by @ ilteoood in #6188
  • chore: remove simple get from async-await tests by @ ilteoood in #6165
  • chore: removed simple-get from header overflow test by @ ilteoood in #6190
  • chore: removed simple-get from check test by @ ilteoood in #6176
  • chore: removed simple-get from async hooks test by @ ilteoood in #6189
  • feat(types): export more schema related types by @ marcalexiei in #6207
  • chore: removed simple-get from copy tests by @ ilteoood in #6198
  • chore: removed simple-get from request-error test by @ ilteoood in #6184
  • chore: removed simple-get from decorator tests by @ ilteoood in #6192
  • ci: pin third-party actions to commit-hash by @ Fdawgs in #6218
  • fix: close fastify instance by @ ilteoood in #6177
  • chore(license): replace date range by @ Fdawgs in #6219
  • chore: removed simple-get from plugin-1 test by @ ilteoood in #6180
  • chore: removed simple-get from plugin-2 test by @ ilteoood in #6181
  • chore: removed simple-get from plugin-3 test by @ ilteoood in #6182
  • chore: remove simple get from reply test by @ ilteoood in #6160
  • feat(types): add missing error types by @ davidwood in #6217
  • docs: setErrorHandler description by @ AlvesJorge in #6227
  • docs: fix onError hook execution order documentation by @ emicovi in #6225
  • fix: handle abort signal in fastify.listen by @ climba03003 in #6235
  • feat: prepare to use Promise.withResolvers by @ climba03003 in #6232
  • docs: updated SECURITY.md by @ Eomm in #6233
  • fix(docs): fix markdown to exclude leading parenthesis by @ IanWoodard in #6238
  • ci: fix thollander/actions-comment-pull-request commit-hash by @ Fdawgs in #6244
  • docs(routes): add payload to preParsing signature by @ callmehiphop in #6240
  • docs(ecosystem): add fastify-route-preset plugin by @ inyourtime in #6220
  • chore: remove simple get from async request, get and register... by @ ilteoood in #6246
  • docs: improve custom validator documentation for async hooks by @ emicovi in #6228
  • chore: remove simple get from route shorthand by @ ilteoood in #6245
  • chore: Bump @ stylistic/eslint-plugin from 4.4.1 to 5.1.0 in the dev-dependencies-eslint group by @ dependabot[bot] in #6242
  • chore: Bump @ types/node from 22.15.34 to 24.0.8 in the dev-dependencies-typescript group by @ dependabot[bot] in #6243
  • chore(tests): remove simple get by @ ilteoood in #6249
  • chore: finally remove simple get by @ ilteoood in #6251
  • chore: remove undici from schema-validation.test.js by @ Uzlopak in #6252
  • test: fix flakyness of close-pipelining-test, upgrade undici to v7 by @ Uzlopak in #6256
  • fix: account for EPIPE fetch errors in tests by @ gurgunday in #6255
  • docs: correct parameter name in frameworkErrors handler by @ inyourtime in #6257
  • docs: fix server page headings level by @ golopot in #6258
  • fix: add FST_ERR_CTP_INVALID_JSON_BODY by @ Uzlopak in #5925
  • feat: optimize content type parser by using AsyncResource.bind() by @ gurgunday in #6262
  • fix: remove unnecessary body length check in contentTypeParser by @ gurgunday in #6266
  • docs(ecosystem): add fastify-multilingual by @ gbrugger in #6268
  • chore: fix docs Request.md by @ ts0307 in #6270
  • chore: Bump typescript from 5.8.3 to 5.9.2 in the dev-dependencies-typescript group by @ dependabot[bot] in #6273
  • chore: Bump cross-env from 7.0.3 to 10.0.0 by @ dependabot[bot] in #6274
  • feat(types): enforce reply status code types with type providers by @ samchungy in #6250
  • feat: move router options to own key by @ dancastillo in #5985
  • docs: refine CONTRIBUTING.md for better readability by @ Dipali127 in #6277
  • chore: refactor reply.send and prioritize kReplyIsError by @ gurgunday in #6267
  • docs(ecosystem): add fastify-permissions plugin by @ pckrishnadas88 in #6265
  • docs: Add Hey API to ecosystem by @ mrlubos in #6280
  • fix: OPTIONS Content-Type handling by @ gurgunday in #6263

  New Contributors

  • @ marcalexiei made their first contribution in #6207
  • @ davidwood made their first contribution in #6217
  • @ AlvesJorge made their first contribution in #6227
  • @ emicovi made their first contribution in #6225
  • @ IanWoodard made their first contribution in #6238
  • @ callmehiphop made their first contribution in #6240
  • @ golopot made their first contribution in #6258
  • @ gbrugger made their first contribution in #6268
  • @ ts0307 made their first contribution in #6270
  • @ Dipali127 made their first contribution in #6277
  • @ pckrishnadas88 made their first contribution in #6265
  • @ mrlubos made their first contribution in #6280

  Full Changelog: v5.4.0...v5.5.0

• 5.4.0 - 2025-06-12
  

  What's Changed

  • test: mv routes-* from tap by @ jean-michelet in #6092
  • test: mv skip-reply-send from tap by @ jean-michelet in #6094
  • test: mv plugins from tap by @ jean-michelet in #6088
  • fix(ci): ignore alternative runtime result by @ Eomm in #6125
  • test: mv schema-* from tap by @ jean-michelet in #6093
  • test: mv hooks-async from tap by