[Snyk] Security upgrade @fastify/static from 6.11.2 to 7.0.0

[johanbook]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • services/auth-api/package.json
  • services/auth-api/package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	631/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.2	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @fastify/static

The new version differs by 15 commits.

• f1a248b Bumped v7.0.0
• 9e56e07 Upgrade glob to v10 ([Snyk] Upgrade rxjs from 7.5.5 to 7.8.1 #406)
• bcf5664 chore: improve types for `setHeaders` option ([Snyk] Upgrade @nestjs/platform-socket.io from 10.1.2 to 10.2.4 #428)
• a34d6a2 chore(package): fix repository url ([Snyk] Upgrade @nestjs/websockets from 10.1.2 to 10.2.4 #429)
• 5de6d94 docs(readme): replace `fastify.io` links with `fastify.dev` ([Snyk] Upgrade: @nestjs/common, @nestjs/core, @nestjs/platform-express #426)
• 1d788e4 docs(readme): replace `fastify.io` links with `fastify.dev` ([Snyk] Upgrade @nestjs/cqrs from 10.0.3 to 10.2.5 #425)
• e6f6124 build(deps-dev): bump tsd from 0.29.0 to 0.30.0 (fix(api): multiple fixes to swagger spec #424)
• 37056ce Bumped v6.12.0
• b77ca2c test: replace `typeof` undefined check (feat(web-ui): improve blogs skeleton #420)
• 08e72cb chore(package): explicitly declare js module type ([Snyk] Upgrade: @commitlint/cli, @commitlint/config-conventional #419)
• 43c78e6 perf(index): check set size over converting to array to check length (Add e2e testing and in-memory db that is run as part of nighlty #416)
• 8f4e793 refactor: remove unused bindings (docs(repo): update links to micro services #417)
• 16d3f27 refactor: add `u` unicode flag to regex (feat(api): include profile names in notifications #418)
• f169915 fix eslint (Use Nestjs testing #415)
• d40ce2d Bumped v6.11.2

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 15.52%. Comparing base (b27cec8) to head (5a3abfe).

Additional details and impacted files

@@             Coverage Diff             @@
##             main     #700       +/-   ##
===========================================
- Coverage   37.40%   15.52%   -21.88%     
===========================================
  Files         518       19      -499     
  Lines        5163      219     -4944     
  Branches      406       16      -390     
===========================================
- Hits         1931       34     -1897     
+ Misses       3088      173     -2915     
+ Partials      144       12      -132     

Flag	Coverage Δ
api	?
auth-api	15.52% <ø> (ø)
homepage	?
tracking	?
web-ui	?

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.