fix(deps): update module github.com/gofiber/fiber/v2 to v3

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/gofiber/fiber/v2	v2.52.11 → v3.1.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

gofiber/fiber (github.com/gofiber/fiber/v2)

v3.1.0

Compare Source

🚀 New

• expand middleware context helpers (#​4079)

app := fiber.New(fiber.Config{
    PassLocalsToContext: true, // default: false
})

// Works for requestid, csrf, session, basicauth, keyauth middlewares
app.Use(requestid.New())

app.Get("/", func(ctx fiber.Ctx) error {
    // Value helpers from middlewares works now with 3 different context items
    id := requestid.FromContext(ctx)              // works always
    id := requestid.FromContext(ctx.RequestCtx()) // works always
    id := requestid.FromContext(ctx.Context())    // works only when `PassLocalsToContext` is true
    
    return c.SendString(id)
})

https://docs.gofiber.io/api/fiber/#passlocalstocontext

🧹 Updates

• update utils and add go 1.26 for test workflow (#​4087)
• optimize helpers performance (#​4049)
• harden numeric constraint parsing and expand route tests (#​4054)

🐛 Fixes

• harden DefaultRes.Format against nil handler panics (#​4105)
• guard nil request in adaptor LocalContextFromHTTPRequest (#​4097)
• fix Unix-socket support in IsProxyTrusted (#​4088)
• harden proxy nil client handling in Do/Forward paths (#​4083)
• add nil-safety to response decode helpers (#​4081)
• sanitize attachment/download filenames (#​4070)
• harden flash cookie detection (#​4078)
• fix bind struct validation only for struct targets (#​4082)
• enforce Range header limit configuration (#​4071)
• apply limits to msgp serialization (#​4065)
• fix sanitizePath validation logic (#​4064)
• fix Test method returning empty response on timeout (#​4063)
• fix nil pointer dereference in context methods when accessed after release (#​4062)
• retry addon: remove unnecessary sleep after last failed attempt (#​4060)
• make TLS listener config discovery safer (#​4055)
• validate nil services early and during lifecycle (#​4050)
• skip non-string state keys during iteration (#​4048)
• harden Port() handling (#​4051)
• prevent panics on non-string log keys (#​4046)

🛠️ Maintenance

• bump streetsidesoftware/cspell-action from 8.2.0 to 8.3.0 (#​4111)
• bump the golang-modules group with 3 updates (#​4080)
• bump github.com/shamaton/msgpack/v3 from 3.0.0 to 3.1.0 (#​4075)
• bump github.com/klauspost/compress from 1.18.3 to 1.18.4 (#​4076)
• bump github.com/gofiber/schema from 1.6.0 to 1.7.0 (#​4074)
• bump golang.org/x/sys from 0.40.0 to 0.41.0 in the golang-modules group (#​4073)
• bump github/codeql-action from 4.32.3 to 4.32.4 (#​4104)
• bump github/codeql-action from 4.32.1 to 4.32.2 (#​4058)
• bump github/codeql-action from 4.32.0 to 4.32.1 (#​4047)

📚 Documentation

• update versioned storage imports in middleware docs (#​4102)
• update documentation for parser configuration and request handling (#​4096)
• fix invalid Go slice literal in middleware registration example (#​4095)
• document uri struct tag for ctx.Bind().URI() in migration guide (#​4092)
• document logger Stream rename (#​4057)

📒 Documentation: https://docs.gofiber.io/next/

💬 Discord: https://gofiber.io/discord

Full Changelog: gofiber/fiber@v3.0.0...v3.1.0

Thank you @​ReneWerner87, @​SadikSunbul, @​gaby and @​sixcolors for making this release possible.

v3.0.0

Compare Source

For a detailed view of all changes and the migration guide, visit:
https://docs.gofiber.io/whats_new

Try our new migration tool to help you upgrade from v2 to v3:

go install github.com/gofiber/cli/fiber@latest
fiber migrate --to v3

What's Changed

🚀 New Features

• 🚀 App (Docs)
  • Rename WithTlsConfig method to WithTLSConfig in (#​2570)
  • Use any as default Message type of Error struct in (#​1925)
  • Add support for custom constraints in (#​2807)
  • Add support for trusted origins in (#​2910)
  • Add DialDualStack option for upstream IPv6 support in (#​2900)
  • TrustedOrigins using https://*.example.com style subdomains in (#​2925)
  • Add configuration support to c.SendFile() in (#​3017)
  • Add CHIPS support to Cookie in (#​3047)
  • Add TestConfig to app.Test() for configurable testing in (#​3161)
  • Add buffered streaming support in (#​3131)
  • Add support for AutoTLS / ACME in (#​3201)
  • Add support for configuring TLS Min Version in (#​3248)
  • Fix square bracket notation in Multipart FormData in (#​3235)
  • Add support for application state management in (#​3360)
  • Add support for NewErrorf in (#​3463)
  • Add UNIX socket support in (#​3535)
  • Add support for Msgpack in (#​3565)
  • Add default UTF-8 charset in (#​3583)
  • Support for SendEarlyHints in (#​3483)
  • Add conditional copy helpers in (#​3703)
  • Add request inspection helpers in (#​3727)
  • Add support for redacting values in (#​3759)
  • Add support for handling unsupported HTTP methods as HTTP 501 in (#​3854)
  • Add support for ReloadViews() in (#​3876)
  • Expose startup message customization hooks in (#​3824)
  • Migrate from UUIDv4 to SecureToken for key generation in (#​3946)
  • Add ExpirationFunc for dynamic expiration in (#​3984)
  • Auto-enforce Secure=true for Partitioned cookies in Cookie() in (#​3976)
• 📎 Binding (Docs)
  • Initial support for binding in (#​1981)
  • Bind: add support for multipart file binding in (#​3309)
  • Add All method to Bind in (#​3373)
• 🌎 Client (Docs)
  • Client refactor in (#​1986)
  • Add support for creating Fiber client from existing FastHTTP client in (#​3214)
  • Add support for iterator methods to Fiber client in (#​3228)
  • Add support for HostClient and LBClient in (#​3774)
  • Add support for streaming response bodies in client and response handling in (#​4014)
• 🧠 Context (Docs)
  • Convert fiber.Ctx type to interface in (#​1928)
  • Add Drop method to DefaultCtx for silent connection termination in (#​3257)
  • Add End() method to Ctx in (#​3280)
  • Improve and Optimize ShutdownWithContext Func in (#​3162)
  • Add support for context.Context in keyauth middleware in (#​3287)
  • Fiber.Context implement context.Context in (#​3382)
  • Add NewWithCustomCtx initialization helper in (#​3476)
  • Add context methods to fiber.Storage interface in (#​3566)
  • Add Fiber Context to BasicAuth Authorizer in (#​3621)
  • Implement OverrideParam override behavior for DefaultCtx in (#​3962)
  • Add context common request helpers in (#​4007)
  • Adding GetReqHeaders and GetRespHeaders in (#​2831)
  • Add Req and Res API in (#​2894)
• 🔬 Extractors (Docs)
  • Introduce Extractor pattern for session ID retrieval in (#​3625)
  • Enhance extractor functionality with metadata and security validation in (#​3630)
  • Add extractors package in (#​3725)
• 🧰 Generic (Docs)
  • Add QueryParser for get query using generic in (#​2776)
  • Addition of Locals Function with Go Generics as an Alternative to c.Locals in (#​2813)
  • Implement new generic functions: Params, Get and Convert in (#​2850)
  • Support generic configurable logger in (#​3705)
• 🚀 Listen (Docs)
  • Merge Listen methods & ListenConfig in (#​1930)
  • Add support for graceful shutdown timeout in ListenConfig in (#​3220)
  • Add TLSConfig to ListenConfig in (#​4024)
• 🔌 Addons/retry (Docs)
  • Add retry mechanism in (#​1972)
• 🧬 Middleware – adaptor (Docs)
  • Add BodyStream() logic to adaptor.FiberHandler middleware in (#​3799)
  • Add local context support to adaptor middleware in (#​3975)
• 🧬 Middleware – basicauth (Docs)
  • Add HeaderLimit option to BasicAuth middleware in (#​3620)
  • Support hashed BasicAuth passwords in (#​3631)
• 🧬 Middleware – cache (Docs)
  • Add Cache Invalidation Option to Cache Middleware in (#​3036)
  • Add Max Func to Limiter Middleware in (#​3070)
  • Support for disabling response headers in Limiter Middleware in (#​3618)
• 🧬 Middleware – compression (Docs)
  • Add support for zstd compression in (#​3041)
  • Add support for CBOR encoding in (#​3173)
• 🧬 Middleware – cors (Docs)
  • Add support for Access-Control-Allow-Private-Network in (#​2908)
• 🧬 Middleware – csrf (Docs)
  • Add support for Sec-Fetch-Site header in CSRF middleware in (#​3913)
• 🧬 Middleware – encryptcookie (Docs)
  • Add cookie name authentication for EncryptCookie middleware in (#​3788)
• 🧬 Middleware – favicon (Docs)
  • Add MaxBytes to favicon middleware in (#​4016)
• 🧬 Middleware – earlydata (Docs)
  • Add earlydata middleware in (#​2270)
• 🧬 Middleware – healthcheck (Docs)
  • Migrate HealthChecker to v3 in (#​2884)
  • Add Startup Probe to Healthcheck Middleware in (#​3069)
• 🧬 Middleware – idempotency (Docs)
  • Add idempotency middleware in (#​2253)
• 🧬 Middleware – keyauth (Docs)
  • Add support for custom KeyLookup functions in the Keyauth middleware in (#​3028)
• 🧬 Middleware – logger (Docs)
  • Refactor logger middleware in (#​1979)
  • Add AllLogger to Config in (#​3153)
  • Add Skip function to logger middleware in (#​3333)
  • Add predefined log formats in (#​3359)
  • Add support for ForceColors in Logger middleware in (#​3428)
• 🧬 Middleware – proxy (Docs)
  • Add support for TrustProxy in (#​3170)
  • Add KeepConnectionHeader option to Proxy middleware in (#​3662)
• 🧬 Middleware – requestid (Docs)
  • Add Context Support to RequestID Middleware in (#​3200)
  • Validate HTTP headers in RequestID middleware in (#​3919)
• 🧬 Middleware – responsetime (Docs)
  • Add response time middleware in (#​3891)
• 🧬 Middleware – session (Docs)
  • Re-write session middleware with handler in (#​3016)
  • Add support for Keys() in session middleware in (#​3517)
• 🧬 Middleware – static (Docs)
  • Add static middleware in (#​3006)
• 🧬 Middleware – timeout (Docs)
  • Add config for Timeout middleware in (#​3604)
• 🔄️ Redirect (Docs)
  • New redirection methods in (#​2014)
• 🗺️ Router (Docs)
  • Router interface changes in (#​2176)
  • Native support for net/http and fasthttp handlers in (#​3769)
  • New Route method in (#​2065)
  • New mounting system in (#​2022)
  • Add support for RebuildTree in (#​3074)
  • Add support for Express.js style req/res handlers in (#​3809)
  • Add support for DisableAutoRegister of HEAD routes in (#​3817)
  • Enhance CheckConstraint method for improved error handling in (#​3356)
  • Add Support for Removing Routes in (#​3230)
  • Add support for embedded Koa-Style Req and Res structs in (#​3533)
  • Support Express-style next callback handlers in (#​4029)
• 🧩 Services (Docs)
  • Add Support for service dependencies in (#​3434)

🧹 Updates

• ⚙️ Core & API
  • Replace string functions in (#​3923)
  • Update conditional instructions for startup skip in (#​3475)
  • Update AGENTS startup instructions in (#​3474)
  • Add []byte support to utils.EqualFold in (#​2029)
  • Change startup message in (#​2041)
  • Update to use gofiber/utils/v2 in (#​2184)
  • Router: return status 501 instead of 400 on unknown method in (#​2220)
  • Cleanup in (#​2255)
  • Fix ContextKey collisions in (#​2781)
  • Update Ctx.Format to match Express's res.format in (#​2766)
  • Update handler signature for v3 in (#​2794)
  • Change interface{} to any in (#​2796)
  • Added respects body immutability to ctx.Body() and ctx.BodyRaw() functions. in (#​2812)
  • Print to stderr if log fails for default format in (#​2830)
  • Clean up errcheck config in (#​2841)
  • Update startup message formatting in (#​2847)
  • Simplify content negotiation code in (#​2865)
  • Rename "ClientNew" Function to "New" in (#​2896)
  • Remove repetitive words in (#​2917)
  • Improper query/body parsing with embedded structs in (#​2906)
  • Improve and simplify logic of ctx.Next() in (#​3063)
  • Use Named Fields Instead of Positional and Align Structures to Reduce Memory Usage in (#​3079)
  • Use utils Trim functions instead of the strings/bytes functions in (#​3087)
  • Consolidate Logic of Handling the Request Body in (#​3093)
  • Use msgp for flash message encoding/decoding in (#​3099)
  • Replace vendored gorilla/schema package in (#​3152)
  • Improve naming convention for Context returning functions in (#​3193)
  • Nil pointer dereference with Must Bind binding in (#​3171)
  • Mark go1.23 as minimum go version in (#​3226)
  • Rename the Method Names of FormData and FormDatas (#​3251) in (#​3255)
  • Reduce the Memory Usage of ignoreHeaders in (#​3322)
  • Migrate randString to rand v2 in (#​3329)
  • Sorting error in sortAcceptedTypes in (#​3331)
  • Reduce the memory usage of RoutePatternMatch in (#​3335)
  • Replace findLastCharsetPosition with strings.LastIndexByte in (#​3338)
  • Replace isInCharset with bytes.IndexByte in (#​3342)
  • Remove two string fields in DefaultCtx to save 32 bytes in (#​3353)
  • Replace treePath with treePathHash in DefaultCtx to reduce memory usage in (#​3368)
  • Remove redundant field method in DefaultCtx in (#​3372)
  • Add findNextNonEscapedCharPosition for single-byte charset cases in (#​3378)
  • Change c.Redirect() default status in (#​3415)
  • Improve routing treeBuild flow in (#​3456)
  • Make genericParseType return error in (#​3473)
  • Update minimum go version to 1.24 in (#​3481)
  • Use slices.Contains to simplify code in (#​3486)
  • Use maps.Copy to simplify code in (#​3490)
  • Update loop syntax for retry mechanism in (#​3516)
  • Update codecov configuration in (#​3528)
  • Use GetState to reduce duplicate code in (#​3542)
  • Improve Cookie() validation in (#​3546)
  • Improve Accept* compliance with RFC 9110 in (#​3548)
  • Refactor fasthttp iter calls to range loops in (#​3559)
  • Add iterator helpers for client types in (#​3560)
  • Update utils dependency in (#​3576)
  • Refactor Opt-in support for CBOR in (#​3580)
  • Simplify generic function calls in (#​3578)
  • Replace math/rand with crypto/rand in (#​3508)
  • Add sync pool and release helpers for Bind in (#​3660)
  • Add CBOR support to AutoFormat() in (#​3665)
  • Fix AcceptsLanguages() RFC compliance in (#​3672)
  • Respect immutable config in Params(), Protocol(), and Body() in (#​3676)
  • Delay routing error creation in (#​3683)
  • Using reflect.TypeAssert in (#​3698)
  • Handle Transfer-Encoding bodies in HasBody in (#​3748)
  • Improve error handling when using storage drivers in (#​3754)
  • Use sync.Pool for Client hooks in (#​3758)
  • Avoid locking in gc() if nothing to delete in (#​3765)
  • Cleanup return error logic in Bind() in (#​3764)
  • Update RouteChain function in (#​3761)
  • Make boundary a const in (#​3783)
  • Preallocate slice size in Client::Param() in (#​3782)
  • Skip locking garbage collector if nothing to delete in (#​3787)
  • Enhance Body handling in setConfigToRequest for better type su… in (#​3820)
  • Improve propagation of context.Context in (#​3822)
  • Inline Request state wrappers in (#​3827)
  • Remove unneeded "utils" alias in (#​3834)
  • Add FullPath() helper to context in (#​3837)
  • Handle nil map targets in Binder in (#​3839)
  • Extracted generic releasePooledBinder function in (#​3841)
  • Return error during EncryptCookie failure in (#​3842)
  • Fix gocritic httpNoBody and hugeParam issues in (#​3855)
  • Refactor internal errors to use sentinel values in (#​3864)
  • Improve byte-range handling for SendFile() in (#​3870)
  • Use int64 when dealing with HTTP Ranges in (#​3874)
  • Replace strings.TrimSpace with utils.TrimSpace in (#​3918)
  • Replace strings.Index with strings.Cut for improved readallity in (#​3956)
  • Validate constraint by bit operation in (#​3963)
  • Use sync.Pool for form and multipart binding in (#​3967)
  • Use sync.Pool for redirect old input map in (#​3971)
  • Replace anonymous struct key with named type in (#​4020)
• 🧬 Middleware & Addons
  • Document "null" origin handling in CORS middleware in (#​4001)
    (Docs)
  • Refactor CSRF middleware and enhance documentation in (#​3598)
  • Fix pprof middleware docs and default config in (#​3642)
  • Fix CORS docs and comments in (#​3637)
  • Fix CSRF error message mismatch with documentation in (#​3636)
  • Refactor filesystem middleware with io/fs in (#​2027) (Docs)
  • Remove mutex lock in logger middleware in (#​2840)
  • Update CSRF and Limiter to remove repetitive names in (#​2846)
  • Refactor(middleware/cors): Config, lists as list types. in (#​2962)
  • Enforce key length for EncryptCookie middleware default functions in (#​3056)
  • Middleware/CORS Remove Scheme Restriction in (#​3163)
  • Unify and enhance timeout middleware in (#​3275)
  • Simplify HealthCheck middleware in (#​3380)
  • Improve proxy middleware in (#​3468)
  • Enhance KeyAuth middleware to better comply with RFC 6750 in (#​3482)
  • Enhance BasicAuth middleware to better comply with RFC 6750 in (#​3484)
  • Improve cache middleware RFC compliance in (#​3488)
  • Enhance config validation in EncryptCookie middleware in (#​3491)
  • Refactor EnvVar middleware in (#​3513)
  • Improve CORS middleware response headers in (#​3505)
  • Improve BasicAuth middleware default security in (#​3522)
  • Improve static middleware security in (#​3595)
  • Remove SHA-1/MD5 support in BasicAuth middleware in (#​3634)
  • Remove support for PasswordFromContext from BasicAuth middleware in (#​3638)
  • Refactor KeyAuth Middleware: Extractor-Based Configuration and Enhanced Flexibility in (#​3685)
  • Return generic errors in KeyAuth middleware in (#​3692)
  • Fix CSRF subdomain wildcard boundary in (#​3694)
  • Improve Cache middleware defaults in (#​3740)
  • Migrate Session middleware to new extractors package in (#​3744)
  • Improve Compress middleware RFC compliance in (#​3745)
  • Improve KeyAuth middleware RFC compliance in (#​3742)
  • Update CSRF middleware to use shared extractors in (#​3746)
  • Update keyauth middleware to use shared extractors in (#​3747)
  • Fix cache cleanup and redact token values in (#​3757)
  • Ensure middleware prefix matching requires slash boundary in (#​3755)
  • Reduce the memory usage of cacheableStatusCodes in (#​3789)
  • Refactor configuration management for favicon and envvar middlewares in (#​3898)
  • Improve Cache middleware compliance in (#​3973)
  • Further improvements to Cache middleware in (#​3989)
  • Skip caching oversized responses in idempotency middleware in (#​4018)
• ⚡️ Performance & Benchmarks
  • Optimize the menu item text in (#​3267)
  • Remove utils.Trim* because stdlib has same performance in go1.19 in (#​2030)
  • Performance improvements in (#​2838)
  • Add parallel benchmarks to adaptor middleware in (#​2870)
  • Expand Tests and Benchmarks for Log package in (#​2886)
  • Performance optimizations in (#​2947)
  • Add Benchmarks for IsProxyTrusted() in (#​2933)
  • Optimize Cache middleware handler in (#​3031)
  • Update benchmarks for Logger Middleware in (#​3061)
  • Improve performance of Adaptor Middleware in (#​3078)
  • Refactor Benchmark Results Workflow in (#​3082)
  • Improve performance of helper functions in (#​3086)
  • Improve Performance of c.Body() by 125% in (#​3090)
  • Add Benchmarks for Rewrite Middleware in (#​3092)
  • Optimize IsFromLocal() performance in (#​3140)
  • Improve Performance of Fiber Router in (#​3261)
  • Improve Performance of getSplicedStrList in (#​3318)
  • Optimize routeParser by using sync.Pool in (#​3343)
  • Add Immutable benchmarks for default case in (#​3374)
  • Performance optimizations in (#​3477)
  • Improve performance for "equalFieldType" function in (#​3479)
  • Fix compression benchmarks in (#​3561)
  • Improve iterator performance. in (#​3562)
  • Improve sanitizePath performance in (#​3601)
  • Skip unstable GenericParseType benchmarks in (#​3614)
  • Reduce allocation in AutoFormat in (#​3652)
  • Optimize Fresh header parsing for fasthttp 1.65 in (#​3687)
  • Improve Req/Res Benchmarks in (#​3693)
  • Improve performance analyseConstantPart in (#​3753)
  • Improve allocations for Request Params() in (#​3766)
  • Reduce allocations in Request (saves ~16% B/op) in (#​3768)
  • Benchmark for cache miss case in (#​3836)
  • Improve performance of RebuildTree() by 68% in (#​3895)
  • Optimize string handling and memory allocations in (#​3922)
  • Improve performance (reduce allocations) in (#​3964)
• 🛠️ Testing & Tooling
  • Use testify for assertion in (#​2036)
  • Generate msgp tests in (#​2263)
  • V3 Feature: Make app.Test accept a time.Duration timeout in (#​2269)
  • Speed up addon/retry tests in (#​2800)
  • Re-enable tparallel linter in (#​2801)
  • Fix testifylint errors in middleware in (#​2805)
  • Fix remaining testifylint errors in (#​2806)
  • Fix force type assertions in session_test.go in (#​2815)
  • Address multiple lint rules in (#​2869)
  • Do not retry flaky tests in (#​2875)
  • Enabling shuffling, cleanup and consistency across tests in (#​2931)
  • Adding a generator to generate the CTX interface in (#​3024)
  • Test(middleware/session): Remove extra release and acquire ctx calls in session_test.go in (#​3044)
  • Test(ctx_test): Fix race condition in (#​3081)
  • The value of map is unused in uniqueRouteStack in (#​3320)
  • Mark unused tests with t.SkipNow in (#​3366)
  • Fix proxy middleware tests for offline environments in (#​3467)
  • Add unit-test for header injection in (#​3470)
  • Add URI Test case for Test_Ctx_Binders in (#​3480)
  • Test: Enhance CSRF tests to address unsafe header value issue (#​2045) in (#​3485)
  • Improve EarlyData middleware tests coverage in (#​3520)
  • Improve Idempotency middleware tests coverage in (#​3521)
  • Improve Helmet middleware tests coverage in (#​3523)
  • Improve Retry addon tests coverage in (#​3526)
  • Add missing CSRF token extractor tests in (#​3527)
  • Improve hooks test coverage in (#​3524)
  • Improve Binder tests coverage in (#​3529)
  • Improve CORS tests coverage in (#​3530)
  • Improve CSRF tests coverage in (#​3531)
  • Improve Router tests coverage in (#​3550)
  • Add tests for quoteRawString in (#​3613)
  • Fix Makefile to install tools before running them in (#​3612)
  • Fix Cookie SameSite constants to Pascal case per RFC specification in (#​3608)
  • Fix timing for streaming test in (#​3628)
  • Add missing checks in Ctx tests in (#​3670)
  • Stabilize interrupted stream writer test in (#​3669)
  • Use ephemeral ports in unit tests in (#​3686)
  • Use project toolchain for go run tools in (#​3709)
  • Expand Binder tests coverage in (#​3714)
  • Prevent CopyContextToFiberContext panic and add comprehensive test coverage in (#​3770)
  • Add flushing-related unit tests for net/http adaptor in (#​3807)
  • Fix fatal error calls in adapter_test.go in (#​3810)
  • Test HEAD request compliance in (#​3868)
  • Improve OPTIONS wildcard regression test in (#​3869)
  • Add table-driven integration tests in (#​3894)
  • Improve timing robustness in flaky cache and session tests in (#​3994)

🐛 Bug Fixes

• Fix logger benchmarks in (#​2074)
• Fix benchmark results related to handler, next in (#​2130)
• Testifylint failure that fell through the cracks in (#​2821)
• Inconsistent and flaky unit-tests in (#​2892)
• CORS handling in (#​2938)
• Fix some struct names in comments in (#​2974)
• Fixes #​3038 "v3 Flash Message with redirect is not working" in (#​3046)
• Mutex for thread safety in (#​3049)
• Fix data-race with sync.Pool in (#​3051)
• Fasthttp errors cause panic when Params is used in (#​3055)
• Use Content-Length for bytesReceived and bytesSent tags in Logger Middleware in (#​3066)
• Cache middleware: runtime error: "index out of range [0] with length 0" in (#​3075)
• Error check in Form binder in (#​3110)
• Client: fix SetProxyURL functionality in (#​3109)
• Fix handle un-matched open brackets in the query params in (#​3126)
• Fix issue with default logger when creating RequestCtx in (#​3134)
• Fix typo in (#​3145)
• Behavior of DefaultCtx.Fresh when 'Last-Modified' and 'If-Modified-Since' are equal in (#​3150)
• Adaptor middleware duplicates cookies in (#​3151)
• Close File After SaveFileToStorage in (#​3197)
• Make SetValWithStruct set zero values and support more types #​3167 in (#​3227)
• Fix EnableSplittingOnParsers is not functional in (#​3231)
• Memory leak removal in the idempotency middleware in (#​3263)
• Make Render bind parameter type any again in (#​3270)
• Fix app.Test() auto-failing when a connection is closed early in (#​3279)
• Align cache middleware with RFC7231 in (#​3283)
• Goroutine leakage in (#​3306)
• GenericParseType parsing large uint leads to overflow in (#​3315)
• Fix handler order in routing in (#​3321)
• Update binder in form_test in (#​3336)
• Fix client iterators when using break statement in (#​3357)
• Fix: Logger Middleware tests to use regex for time validation in (#​3392)
• Handling of next param position in (#​3418)
• Fix redirection flash messages violate cookie structure in (#​3457)
• Fix AGENTS markdown lint in (#​3460)
• Parsing of IPv6 addresses in (#​3466)
• Middlewares immutable config handling in (#​3494)
• Subdomains offset handling in (#​3495)
• Fix Cache-Control header parsing in (#​3534)
• Fix Content-Type comparison in Is() in (#​3536)
• Fix Subdomains() parsing for IDNs in (#​3538)
• Fix Range() parsing of bytes unit in (#​3541)
• Fix Etag validation per RFC 9110 in (#​3554)
• Fix Range() handling of HTTP 416 per RFC 9110 in (#​3552)
• Fix Accept-Language matching per RFC 4647 in (#​3553)
• Fix Cache middleware handling of Age in (#​3547)
• Fix Content-Disposition header per RFC 6266 in (#​3551)
• Fix Body() handling of Content-Encoding per RFC 9110 in (#​3543)
• Fix multipart boundary for Client per RFC 2046 in (#​3563)
• Fix address parsing for leading/trailing spaces in (#​3569)
• Fix missing Allow header in EnvVar middleware per RFC 9110 in (#​3570)
• Fix static/favicon middlewares file descriptor leaks in (#​3579)
• Fix CookieJar domain logic in (#​3564)
• Fix handling of negative BodyLimit in (#​3599)
• Fix MIME type equality checks in (#​3602)
• Fix retry config handling in (#​3609)
• Fix limiter middleware not counting fiber.NewErrorf responses as failed requests in (#​3623)
• Fix race in cookie tests in (#​3629)
• Fix bind All() merging logic in (#​3659)
• Fix Static middleware browser support for subdirectories in (#​3673)
• Fix CORS subdomain wildcard boundary in (#​3690)
• Fix support for context.Context in (#​3720)
• Improve BasicAuth middleware RFC compliance in (#​3743)
• Handle Unix sockets in adaptor middleware in (#​3760)
• Fix usage of runtime RO data for ppc64 and s390x platforms in (#​3772)
• Respect DisablePathNormalizing during client requests in (#​3773)
• Always close form file in (#​3786)
• Fix recover middleware panic output formatting in (#​3816)
• Correct fresh flag logic in getSession in (#​3825)
• Prevent memory corruption in internal memory storage from pooled buffers in (#​3828)
• Avoid writing into released Response in core::execFunc() in (#​3830)
• Remove Flash Cookie from Response headers after parsing in (#​3840)
• Fix binder splitting for pointer-backed slice fields in (#​3844)
• Fix typos in some files in (#​3847)
• Execute middleware routes when handling errors in ([#&fix(deps): update module github.com/gofiber/template/html/v2 to v3 #8

---

Configuration

📅 Schedule: Branch creation - "before 6am on monday" in timezone UTC, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

PR Label Validation Failed

❌ Missing required area label
Please add a label starting with area/ (e.g., area/handlers, area/models, area/services)

Current labels:

• size/XS
• type/dependencies

Requirements:

• ✅ Must have at least one type/* label
• ✅ Must have at least one area/* label
• ❌ Must NOT have special labels (needs-review, needs-testing, blocked, wip, invalid, wontfix, duplicate)

[github-actions]

📊 Code Coverage Report

Total Coverage: 72.0%

Coverage by Package

github.com/ullbergm/echo-server/handlers/builder.go:8:	BuilderHandler			100.0%
github.com/ullbergm/echo-server/handlers/echo.go:27:	EchoHandler			100.0%
github.com/ullbergm/echo-server/handlers/echo.go:62:	EchoHandlerHead			100.0%
github.com/ullbergm/echo-server/handlers/echo.go:78:	buildEchoResponse		100.0%
github.com/ullbergm/echo-server/handlers/echo.go:94:	buildRequestInfo		100.0%
github.com/ullbergm/echo-server/handlers/echo.go:122:	buildHeadersMap			100.0%
github.com/ullbergm/echo-server/handlers/echo.go:130:	buildServerInfo			83.3%
github.com/ullbergm/echo-server/handlers/echo.go:147:	getHostAddress			75.0%
github.com/ullbergm/echo-server/handlers/echo.go:163:	getEnvironmentVariables		94.1%
github.com/ullbergm/echo-server/handlers/echo.go:199:	getKubernetesInfo		100.0%
github.com/ullbergm/echo-server/handlers/echo.go:245:	getRemoteAddress		100.0%
github.com/ullbergm/echo-server/handlers/echo.go:261:	getCustomStatusCode		100.0%
github.com/ullbergm/echo-server/handlers/echo.go:276:	parseCookies			100.0%
github.com/ullbergm/echo-server/handlers/echo.go:293:	setResponseCookies		100.0%
github.com/ullbergm/echo-server/handlers/echo.go:309:	parseSetCookieHeader		100.0%
github.com/ullbergm/echo-server/handlers/echo.go:380:	parseExpires			100.0%
github.com/ullbergm/echo-server/handlers/echo.go:404:	getCompressionInfo		100.0%
github.com/ullbergm/echo-server/handlers/echo.go:438:	getRequestTLSInfo		33.3%
github.com/ullbergm/echo-server/handlers/echo.go:465:	getServerTLSInfo		100.0%
github.com/ullbergm/echo-server/handlers/metrics.go:17:	Gather				100.0%
github.com/ullbergm/echo-server/handlers/metrics.go:36:	MetricsHandler			100.0%
github.com/ullbergm/echo-server/main.go:32:		main				0.0%
github.com/ullbergm/echo-server/main.go:217:		formatValue			0.0%
github.com/ullbergm/echo-server/main.go:235:		startDualStackServers		0.0%
github.com/ullbergm/echo-server/main.go:309:		storeCertificateInfo		0.0%
github.com/ullbergm/echo-server/services/body.go:37:	NewBodyService			100.0%
github.com/ullbergm/echo-server/services/body.go:53:	ParseBody			91.7%
github.com/ullbergm/echo-server/services/body.go:108:	isBinaryData			100.0%
github.com/ullbergm/echo-server/services/body.go:132:	parseJSON			100.0%
github.com/ullbergm/echo-server/services/body.go:144:	parseXML			100.0%
github.com/ullbergm/echo-server/services/body.go:151:	parseFormURLEncoded		100.0%
github.com/ullbergm/echo-server/services/body.go:170:	parseMultipartForm		100.0%
github.com/ullbergm/echo-server/services/jwt.go:18:	NewJWTService			100.0%
github.com/ullbergm/echo-server/services/jwt.go:35:	ExtractAndDecodeJWTs		100.0%
github.com/ullbergm/echo-server/services/jwt.go:66:	decodeJWT			100.0%
github.com/ullbergm/echo-server/services/jwt.go:99:	decodeBase64URL			100.0%
github.com/ullbergm/echo-server/services/jwt.go:124:	truncateToken			100.0%
github.com/ullbergm/echo-server/services/metrics.go:18:	NewMetricsService		100.0%
github.com/ullbergm/echo-server/services/metrics.go:39:	MetricsMiddleware		90.9%
github.com/ullbergm/echo-server/services/tls.go:24:	NewTLSService			100.0%
github.com/ullbergm/echo-server/services/tls.go:29:	GetOrGenerateCertificate	87.5%
github.com/ullbergm/echo-server/services/tls.go:65:	generateSelfSignedCertificate	75.0%
github.com/ullbergm/echo-server/services/tls.go:135:	logCertificateInfo		100.0%
github.com/ullbergm/echo-server/services/tls.go:158:	ParseCertificate		100.0%
total:							(statements)			72.0%

📁 Download full coverage report

[renovate]

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 3 additional dependencies were updated

Details:

Package	Change
github.com/gofiber/utils/v2	v2.0.0 -> v2.0.2
github.com/klauspost/compress	v1.18.3 -> v1.18.4
golang.org/x/net	v0.49.0 -> v0.50.0