From 44a365c87b76c237d86d37f9eecc1a8fff80dba6 Mon Sep 17 00:00:00 2001
From: Uzlopak <aras.abbasi@googlemail.com>
Date: Thu, 22 Jun 2023 21:24:13 +0200
Subject: [PATCH 01/10] fix documentation, onRequest is default lifecycle stage
 (#254)

---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 220fba3..d8a58fb 100644
--- a/README.md
+++ b/README.md
@@ -56,7 +56,7 @@ You can use it as is without passing any option or you can configure it as expla
   }
   ```
 * `methods`: Configures the **Access-Control-Allow-Methods** CORS header. Expects a comma-delimited string (ex: 'GET,PUT,POST') or an array (ex: `['GET', 'PUT', 'POST']`).
-* `hook`: See the section `Custom Fastify hook name` (default: `onResponse`)
+* `hook`: See the section `Custom Fastify hook name` (default: `onRequest`)
 * `allowedHeaders`: Configures the **Access-Control-Allow-Headers** CORS header. Expects a comma-delimited string (ex: `'Content-Type,Authorization'`) or an array (ex: `['Content-Type', 'Authorization']`). If not specified, defaults to reflecting the headers specified in the request's **Access-Control-Request-Headers** header.
 * `exposedHeaders`: Configures the **Access-Control-Expose-Headers** CORS header. Expects a comma-delimited string (ex: `'Content-Range,X-Content-Range'`) or an array (ex: `['Content-Range', 'X-Content-Range']`). If not specified, no custom headers are exposed.
 * `credentials`: Configures the **Access-Control-Allow-Credentials** CORS header. Set to `true` to pass the header, otherwise it is omitted.

From a7d0a62d53e190ca2a92d96d41365c18c2c8f28c Mon Sep 17 00:00:00 2001
From: Frazer Smith <frazer.dev@outlook.com>
Date: Thu, 20 Jul 2023 20:34:14 +0100
Subject: [PATCH 02/10] perf(index): use spread over object.assign (#257)

---
 index.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/index.js b/index.js
index 718b3b3..28dfc9a 100644
--- a/index.js
+++ b/index.js
@@ -137,7 +137,7 @@ function handleCorsOptionsCallbackDelegator (optionsResolver, fastify, req, repl
  * @param {import('./types').FastifyCorsOptions} opts
  */
 function normalizeCorsOptions (opts) {
-  const corsOptions = Object.assign({}, defaultOptions, opts)
+  const corsOptions = { ...defaultOptions, ...opts }
   if (Array.isArray(opts.origin) && opts.origin.indexOf('*') !== -1) {
     corsOptions.origin = '*'
   }

From d377285178938862d7a7cac943cbddd4682c719b Mon Sep 17 00:00:00 2001
From: Frazer Smith <frazer.dev@outlook.com>
Date: Fri, 21 Jul 2023 14:21:12 +0100
Subject: [PATCH 03/10] docs(readme): add plugin compatibility table (#258)

* docs(readme): add plugin compatibility table

* Update README.md

Co-authored-by: Manuel Spigolon <behemoth89@gmail.com>

* docs(readme): add note regarding lts support

* docs(readme): linebreak

---------

Co-authored-by: Manuel Spigolon <behemoth89@gmail.com>
---
 README.md | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/README.md b/README.md
index d8a58fb..6d8fe6c 100644
--- a/README.md
+++ b/README.md
@@ -7,19 +7,27 @@
 
 `@fastify/cors` enables the use of [CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing) in a Fastify application.
 
-Supports Fastify versions `4.x`.
-
-- Please refer to [7.x](https://github.com/fastify/fastify-cors/tree/v7.0.0) for Fastify `^3.x` compatibility.
-- Please refer to [3.x](https://github.com/fastify/fastify-cors/tree/3.x) for Fastify `^2.x` compatibility.
-- Please refer to [1.x](https://github.com/fastify/fastify-cors/tree/v1.0.0) for Fastify `^1.x` compatibility.
-
 ## Install
 ```
 npm i @fastify/cors
 ```
 
+### Compatibility
+
+| Plugin version | Fastify version |
+| -------------- |---------------- |
+| `^8.0.0`       | `^4.0.0`        |
+| `^7.0.0`       | `^3.0.0`        |
+| `^3.0.0`       | `^2.0.0`        |
+| `^1.0.0`       | `^1.0.0`        |
+
+
+Please note that if a Fastify version is out of support, then so are the corresponding version(s) of this plugin
+in the table above.
+See [Fastify's LTS policy](https://github.com/fastify/fastify/blob/main/docs/Reference/LTS.md) for more details.
+
 ## Usage
-Require `@fastify/cors` and register it as any other plugin, it will add a `onRequest` hook and a [wildcard options route](https://github.com/fastify/fastify/issues/326#issuecomment-411360862).
+Require `@fastify/cors` and register it as any other plugin, it will add an `onRequest` hook and a [wildcard options route](https://github.com/fastify/fastify/issues/326#issuecomment-411360862).
 ```js
 import Fastify from 'fastify'
 import cors from '@fastify/cors'

From 533ed0823700cd39d61b48507f58b14ec14be129 Mon Sep 17 00:00:00 2001
From: Uzlopak <aras.abbasi@googlemail.com>
Date: Mon, 24 Jul 2023 12:23:09 +0300
Subject: [PATCH 04/10] test: cors headers sent when payload is stream (#260)

---
 test/cors.test.js | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)

diff --git a/test/cors.test.js b/test/cors.test.js
index 5110126..074b133 100644
--- a/test/cors.test.js
+++ b/test/cors.test.js
@@ -1,8 +1,10 @@
 'use strict'
 
 const { test } = require('tap')
+const { createReadStream, statSync, readFileSync } = require('fs')
 const Fastify = require('fastify')
 const cors = require('../')
+const { resolve } = require('path')
 
 test('Should add cors headers', t => {
   t.plan(4)
@@ -28,6 +30,38 @@ test('Should add cors headers', t => {
   })
 })
 
+test('Should add cors headers when payload is a stream', t => {
+  t.plan(4)
+
+  const fastify = Fastify()
+  fastify.register(cors)
+  const filePath = resolve(__dirname, __filename)
+
+  fastify.get('/', (req, reply) => {
+    const stream = createReadStream(filePath)
+    reply
+      .type('application/json')
+      .header('Content-Length', statSync(filePath).size)
+      .send(stream)
+  })
+
+  const fileContent = readFileSync(filePath, 'utf-8')
+
+  fastify.inject({
+    method: 'GET',
+    url: '/'
+  }, (err, res) => {
+    t.error(err)
+    delete res.headers.date
+    t.equal(res.statusCode, 200)
+    t.equal(res.payload, fileContent)
+    t.match(res.headers, {
+      'access-control-allow-origin': '*',
+      'content-length': statSync(filePath).size
+    })
+  })
+})
+
 test('Should add cors headers (custom values)', t => {
   t.plan(8)
 

From 1d30fc93d4b35bb01e963d0fbf61a763d03796fd Mon Sep 17 00:00:00 2001
From: TT <44315206+timedtext@users.noreply.github.com>
Date: Thu, 17 Aug 2023 15:40:49 +0800
Subject: [PATCH 05/10] Reduce bundle size (#266)

Importing in this way can reduce the bundle size when it is needed to package into a single file.
---
 vary.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vary.js b/vary.js
index 1d0be67..a10324d 100644
--- a/vary.js
+++ b/vary.js
@@ -1,6 +1,6 @@
 'use strict'
 
-const LRUCache = require('mnemonist').LRUCache
+const LRUCache = require('mnemonist/lru-cache')
 
 /**
  * Field Value Components

From da503abd2c4570f1658f4e4348ca22df0f9df5a5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 25 Aug 2023 11:35:51 +0200
Subject: [PATCH 06/10] chore(deps-dev): bump @typescript-eslint/eslint-plugin
 from 5.62.0 to 6.4.1 (#267)

* chore(deps-dev): bump @typescript-eslint/eslint-plugin

Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 5.62.0 to 6.4.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.4.1/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update package.json

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Manuel Spigolon <behemoth89@gmail.com>
---
 package.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index ed4eb6f..65f5753 100644
--- a/package.json
+++ b/package.json
@@ -32,8 +32,8 @@
   "devDependencies": {
     "@fastify/pre-commit": "^2.0.2",
     "@types/node": "^20.1.0",
-    "@typescript-eslint/eslint-plugin": "^5.12.1",
-    "@typescript-eslint/parser": "^5.12.1",
+    "@typescript-eslint/eslint-plugin": "^6.4.1",
+    "@typescript-eslint/parser": "^6.4.0",
     "cors": "^2.8.5",
     "fastify": "^4.0.0-rc.2",
     "standard": "^17.0.0",

From fcbbcc12e6ac4b65e050180e802ffbc78315f459 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 4 Sep 2023 17:18:31 +0000
Subject: [PATCH 07/10] chore(deps-dev): bump tsd from 0.28.1 to 0.29.0 (#268)

Bumps [tsd](https://github.com/SamVerschueren/tsd) from 0.28.1 to 0.29.0.
- [Release notes](https://github.com/SamVerschueren/tsd/releases)
- [Commits](https://github.com/SamVerschueren/tsd/compare/v0.28.1...v0.29.0)

---
updated-dependencies:
- dependency-name: tsd
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 65f5753..acd7033 100644
--- a/package.json
+++ b/package.json
@@ -38,7 +38,7 @@
     "fastify": "^4.0.0-rc.2",
     "standard": "^17.0.0",
     "tap": "^16.0.0",
-    "tsd": "^0.28.0",
+    "tsd": "^0.29.0",
     "typescript": "^5.0.2"
   },
   "dependencies": {

From 061862a9478871751575745e07375123ea32dc68 Mon Sep 17 00:00:00 2001
From: Frazer Smith <frazer.dev@outlook.com>
Date: Sun, 10 Sep 2023 10:15:32 +0100
Subject: [PATCH 08/10] perf: use `node:` prefix to bypass require.cache call
 for builtins (#269)

See https://github.com/fastify/fastify-static/pull/407
---
 test/cors.test.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/test/cors.test.js b/test/cors.test.js
index 074b133..fa53e1f 100644
--- a/test/cors.test.js
+++ b/test/cors.test.js
@@ -1,10 +1,10 @@
 'use strict'
 
 const { test } = require('tap')
-const { createReadStream, statSync, readFileSync } = require('fs')
+const { createReadStream, statSync, readFileSync } = require('node:fs')
 const Fastify = require('fastify')
 const cors = require('../')
-const { resolve } = require('path')
+const { resolve } = require('node:path')
 
 test('Should add cors headers', t => {
   t.plan(4)

From 120a209b0606e7b537ac1985a238cc38df4c1b42 Mon Sep 17 00:00:00 2001
From: Frazer Smith <frazer.dev@outlook.com>
Date: Sat, 16 Sep 2023 15:48:36 +0100
Subject: [PATCH 09/10] refactor(vary): use word character class (#270)

---
 vary.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vary.js b/vary.js
index a10324d..4ff5e8c 100644
--- a/vary.js
+++ b/vary.js
@@ -20,7 +20,7 @@ const LRUCache = require('mnemonist/lru-cache')
  * @see https://datatracker.ietf.org/doc/html/rfc7230#section-3.2.6
  */
 
-const validFieldnameRE = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/
+const validFieldnameRE = /^[!#$%&'*+\-.^\w`|~]+$/u
 function validateFieldname (fieldname) {
   if (validFieldnameRE.test(fieldname) === false) {
     throw new TypeError('Fieldname contains invalid characters.')

From 8b3d70bda24e7c48e3d01e44fac593d5259976dd Mon Sep 17 00:00:00 2001
From: Manuel Spigolon <manuel.spigolon@nearform.com>
Date: Tue, 19 Sep 2023 19:18:49 +0200
Subject: [PATCH 10/10] Bumped v8.4.0

---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index acd7033..69d9239 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@fastify/cors",
-  "version": "8.3.0",
+  "version": "8.4.0",
   "description": "Fastify CORS",
   "main": "index.js",
   "types": "types/index.d.ts",