[Snyk] Upgrade @fastify/multipart from 9.0.3 to 9.3.0

[clovercrash]

Snyk has created this PR to upgrade @fastify/multipart from 9.0.3 to 9.3.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 4 versions ahead of your current version.

• The recommended version was released a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Incomplete Filtering of One or More Instances of Special Elements SNYK-JS-VALIDATOR-13653476	372	Proof of Concept
	Directory Traversal SNYK-JS-VITEPLUGINSTATICCOPY-12179280	372	Proof of Concept
	Command Injection SNYK-JS-GLOB-14040952	372	Proof of Concept
	Command Injection SNYK-JS-GLOB-14040952	372	Proof of Concept
	Improper Validation of Specified Type of Input SNYK-JS-VALIDATOR-13395830	372	Proof of Concept
	Directory Traversal SNYK-JS-VITE-13644406	372	Proof of Concept
	Open Redirect SNYK-JS-ASTROJSNODE-11951436	372	Proof of Concept
	Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') SNYK-JS-ASTROJSNODE-13535086	372	Proof of Concept
	Relative Path Traversal SNYK-JS-ASTROJSNODE-14059141	372	Proof of Concept
	Allocation of Resources Without Limits or Throttling SNYK-JS-AXIOS-12613773	372	Proof of Concept
	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	372	Proof of Concept
	Prototype Pollution SNYK-JS-JSYAML-13961110	372	No Known Exploit
	Relative Path Traversal SNYK-JS-VITE-12558116	372	Proof of Concept
	Prototype Pollution SNYK-JS-DEVALUE-12205530	372	Proof of Concept
	Predictable Value Range from Previous Values SNYK-JS-FORMDATA-10841150	372	Proof of Concept
	Symlink Following SNYK-JS-TARFS-13045213	372	No Known Exploit

Release notes

Package name: @fastify/multipart

• 9.3.0 - 2025-10-26
  

  What's Changed

  • chore(.npmrc): ignore scripts by @ Fdawgs in #589
  • build(deps-dev): remove @ fastify/pre-commit by @ Fdawgs in #590
  • docs: update README to remove EOL Node.js references by @ Mariam-Saeed in #592
  • ci(ci): add concurrency config by @ Fdawgs in #593
  • fix: prevent uncaught exception from malformed multipart requests by @ mcollina in #595
  • Fix test warnings by @ mcollina in #596

  New Contributors

  • @ Mariam-Saeed made their first contribution in #592

  Full Changelog: v9.2.1...v9.3.0

• 9.2.1 - 2025-09-04
  

  What's Changed

  • fix(deps): move c8 to devDependencies by @ marcalexiei in #588

  New Contributors

  • @ marcalexiei made their first contribution in #588

  Full Changelog: v9.2.0...v9.2.1

• 9.2.0 - 2025-09-04
  

  What's Changed

  • Migrate from tap to Node Test Runner by @ matteo-gobbo in #573

  New Contributors

  • @ matteo-gobbo made their first contribution in #573

  Full Changelog: v9.1.0...v9.2.0

• 9.1.0 - 2025-09-03
  

  What's Changed

  • chore: rename master to main by @ Fdawgs in #568
  • ci(ci): set job permissions by @ Fdawgs in #570
  • fix(typing): remove unused MultipartHandler by @ voxpelli in #572
  • ci: set permissions at workflow level by @ Fdawgs in #575
  • ci: restore job level permissions by @ Fdawgs in #576
  • chore(deps): bump @ fastify/deepmerge from 2.0.2 to 3.0.0 by @ dependabot[bot] in #578
  • chore(deps): bump secure-json-parse from 3.0.2 to 4.0.0 by @ dependabot[bot] in #577
  • chore(deps-dev): bump tsd from 0.31.2 to 0.32.0 by @ dependabot[bot] in #579
  • chore(license): update date ranges; standardise style by @ Fdawgs in #582
  • chore(deps-dev): bump @ types/node from 22.15.34 to 24.0.8 by @ dependabot[bot] in #583
  • Add example with fastify-type-provider-zod for docs by @ ViniciusLeviVL in #564
  • chore(deps-dev): bump tsd from 0.32.0 to 0.33.0 by @ dependabot[bot] in #585

  New Contributors

  • @ voxpelli made their first contribution in #572
  • @ ViniciusLeviVL made their first contribution in #564

  Full Changelog: v9.0.3...v9.1.0

• 9.0.3 - 2025-01-23
  

  What's Changed

  • build(dependabot): reduce npm updates to monthly by @ Fdawgs in #566
  • fix: delete file when user cancels request by @ IqbalLx in #567

  New Contributors

  • @ IqbalLx made their first contribution in #567

  Full Changelog: v9.0.2...v9.0.3

from @fastify/multipart GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs