Skip to content

fix(deps): bump @fastify/swagger from 9.6.1 to 9.7.0#88

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/fastify/swagger-9.7.0
Open

fix(deps): bump @fastify/swagger from 9.6.1 to 9.7.0#88
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/fastify/swagger-9.7.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 20, 2026

Copy link
Copy Markdown
Contributor

Bumps @fastify/swagger from 9.6.1 to 9.7.0.

Release notes

Sourced from @​fastify/swagger's releases.

v9.7.0

What's Changed

New Contributors

Full Changelog: fastify/fastify-swagger@v9.6.1...v9.7.0

Commits
  • 4e44d70 Bumped v9.7.0
  • ab6c5df fix(openapi): keep required query flag for params (#910)
  • 99b9b43 chore: ignore local AI assistant files (#909)
  • a65d96a fix(openapi): always set requestBody.required to true when schema.body exists...
  • d35da58 chore: remove tests-checker workflow (#908)
  • efcb074 chore(deps-dev): bump @​types/node from 24.10.4 to 25.0.3 (#907)
  • 746069d chore: faster checks (#905)
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
fix(deps): bump @fastify/swagger from 9.6.1 to 9.7.0
6bbbbfd 
Bumps [@fastify/swagger](https://github.com/fastify/fastify-swagger) from 9.6.1 to 9.7.0.
- [Release notes](https://github.com/fastify/fastify-swagger/releases)
- [Commits](fastify/fastify-swagger@v9.6.1...v9.7.0)

---
updated-dependencies:
- dependency-name: "@fastify/swagger"
  dependency-version: 9.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the 📦 Dependencies Pull requests that update a dependency file label May 20, 2026
@dependabot dependabot Bot requested a review from Proskynete as a code owner May 20, 2026 11:47
@dependabot dependabot Bot added the 📦 Dependencies Pull requests that update a dependency file label May 20, 2026
@github-actions

github-actions Bot commented May 20, 2026

Copy link
Copy Markdown

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/@fastify/swagger 9.7.0 🟢 6.8
Details
CheckScoreReason
Code-Review🟢 6Found 15/24 approved changesets -- score normalized to 6
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Maintained🟢 68 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 6
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
SAST🟢 6SAST tool is not run on all commits -- score normalized to 6

Scanned Files

  • package-lock.json

@github-actions github-actions Bot added the 🤩 size/xs Extra small PR (0-10 lines) label May 20, 2026
@github-actions

github-actions Bot commented May 20, 2026

Copy link
Copy Markdown

🐳 Docker Image Size Comparison

Branch Size
Base (main) 397MB
PR (dependabot/npm_and_yarn/fastify/swagger-9.7.0) 397MB

💡 Tip: Keep image size small using multi-stage builds and .dockerignore

@github-actions

github-actions Bot commented Jun 20, 2026

Copy link
Copy Markdown

This PR is stale because it has been open 30 days with no activity.
Remove the stale label or comment, or this will be closed in 5 days.

@github-actions github-actions Bot added the stale Inactive for 30+ days label Jun 20, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Proskynete Proskynete Awaiting requested review from Proskynete Proskynete is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

📦 Dependencies Pull requests that update a dependency file 🤩 size/xs Extra small PR (0-10 lines) stale Inactive for 30+ days

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants