From 16084013eb14de9e1c78f0d0e59827d536adcde3 Mon Sep 17 00:00:00 2001
From: James Sumners <321201+jsumners@users.noreply.github.com>
Date: Wed, 3 Jul 2024 16:28:49 -0400
Subject: [PATCH] Merge `next` into `master` (#291)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* set sameSite: lax by default (#277)

* update for Fastify v5 (#276)

* update for v5

* Update .github/workflows/ci.yml

Co-authored-by: Frazer Smith <frazer.dev@outlook.com>
Signed-off-by: Gürgün Dayıoğlu <gurgun.dayioglu@icloud.com>

* Revert "Update .github/workflows/ci.yml"

This reverts commit b7a38002570369af3ff015502ebe7bd45765902e.

* use replaceAll

* Revert "use replaceAll"

This reverts commit c691788f62b04f505870f3565e08271f519b94fb.

---------

Signed-off-by: Gürgün Dayıoğlu <gurgun.dayioglu@icloud.com>
Co-authored-by: Frazer Smith <frazer.dev@outlook.com>

* set sameSite: lax by default (#277)

* update for Fastify v5 (#276)

* update for v5

* Update .github/workflows/ci.yml

Co-authored-by: Frazer Smith <frazer.dev@outlook.com>
Signed-off-by: Gürgün Dayıoğlu <gurgun.dayioglu@icloud.com>

* Revert "Update .github/workflows/ci.yml"

This reverts commit b7a38002570369af3ff015502ebe7bd45765902e.

* use replaceAll

* Revert "use replaceAll"

This reverts commit c691788f62b04f505870f3565e08271f519b94fb.

---------

Signed-off-by: Gürgün Dayıoğlu <gurgun.dayioglu@icloud.com>
Co-authored-by: Frazer Smith <frazer.dev@outlook.com>

* update fastify deps

* Update .github/workflows/ci.yml

Co-authored-by: Gürgün Dayıoğlu <gurgun.dayioglu@icloud.com>
Signed-off-by: Matteo Collina <matteo.collina@gmail.com>

---------

Signed-off-by: Gürgün Dayıoğlu <gurgun.dayioglu@icloud.com>
Signed-off-by: Matteo Collina <matteo.collina@gmail.com>
Co-authored-by: Gürgün Dayıoğlu <gurgun.dayioglu@icloud.com>
Co-authored-by: Frazer Smith <frazer.dev@outlook.com>
Co-authored-by: Matteo Collina <hello@matteocollina.com>
---
 .github/workflows/ci.yml |  2 +-
 .gitignore               |  3 +++
 package.json             | 16 ++++++++--------
 plugin.js                |  4 ++--
 test/cookie.test.js      |  6 +++---
 5 files changed, 17 insertions(+), 14 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 7b00276..4026310 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -17,7 +17,7 @@ on:
 
 jobs:
   test:
-    uses: fastify/workflows/.github/workflows/plugins-ci.yml@v3
+    uses: fastify/workflows/.github/workflows/plugins-ci.yml@v4.2.1
     with:
       license-check: true
       lint: true
diff --git a/.gitignore b/.gitignore
index 14b2b1c..01167d9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -23,6 +23,9 @@ lib-cov
 coverage
 *.lcov
 
+# tap test output
+.tap
+
 # nyc test coverage
 .nyc_output
 
diff --git a/package.json b/package.json
index 4815fb2..0167524 100644
--- a/package.json
+++ b/package.json
@@ -40,19 +40,19 @@
   },
   "homepage": "https://github.com/fastify/fastify-cookie#readme",
   "devDependencies": {
-    "@fastify/pre-commit": "^2.0.2",
-    "@types/node": "^20.1.0",
+    "@fastify/pre-commit": "^2.1.0",
+    "@types/node": "^20.11.6",
     "benchmark": "^2.1.4",
-    "fastify": "^4.0.0",
+    "fastify": "^5.0.0-alpha.3",
     "sinon": "^18.0.0",
     "snazzy": "^9.0.0",
-    "standard": "^17.0.0",
-    "tap": "^16.0.0",
-    "tsd": "^0.31.0"
+    "standard": "^17.1.0",
+    "tap": "^18.6.1",
+    "tsd": "^0.30.4"
   },
   "dependencies": {
-    "fastify-plugin": "^4.0.0",
-    "cookie-signature": "^1.1.0"
+    "fastify-plugin": "^5.0.0-pre.fv5.1",
+    "cookie-signature": "^1.2.1"
   },
   "tsd": {
     "directory": "test"
diff --git a/plugin.js b/plugin.js
index c33003f..bd264ef 100644
--- a/plugin.js
+++ b/plugin.js
@@ -11,7 +11,7 @@ const kReplySetCookiesHookRan = Symbol('fastify.reply.setCookiesHookRan')
 function fastifyCookieSetCookie (reply, name, value, options) {
   parseCookies(reply.server, reply.request, reply)
 
-  const opts = Object.assign({}, options)
+  const opts = Object.assign({ sameSite: 'lax' }, options)
 
   if (opts.expires && Number.isInteger(opts.expires)) {
     opts.expires = new Date(opts.expires)
@@ -25,7 +25,6 @@ function fastifyCookieSetCookie (reply, name, value, options) {
     if (reply.request.protocol === 'https') {
       opts.secure = true
     } else {
-      opts.sameSite = 'lax'
       opts.secure = false
     }
   }
@@ -45,6 +44,7 @@ function fastifyCookieClearCookie (reply, name, options) {
     signed: undefined,
     maxAge: undefined
   })
+
   return fastifyCookieSetCookie(reply, name, '', opts)
 }
 
diff --git a/test/cookie.test.js b/test/cookie.test.js
index 1965dd5..7f277f1 100644
--- a/test/cookie.test.js
+++ b/test/cookie.test.js
@@ -127,8 +127,8 @@ test('should set multiple cookies', (t) => {
     t.equal(cookies[2].name, 'wee')
     t.equal(cookies[2].value, 'woo')
 
-    t.equal(res.headers['set-cookie'][1], 'bar=test; Partitioned')
-    t.equal(res.headers['set-cookie'][2], 'wee=woo; Secure; Partitioned')
+    t.equal(res.headers['set-cookie'][1], 'bar=test; Partitioned; SameSite=Lax')
+    t.equal(res.headers['set-cookie'][2], 'wee=woo; Secure; Partitioned; SameSite=Lax')
   })
 })
 
@@ -957,7 +957,7 @@ test('result in an error if hook-option is set to an invalid value', (t) => {
   const fastify = Fastify()
 
   t.rejects(
-    () => fastify.register(plugin, { hook: true }),
+    async () => fastify.register(plugin, { hook: true }),
     new Error("@fastify/cookie: Invalid value provided for the hook-option. You can set the hook-option only to false, 'onRequest' , 'preParsing' , 'preValidation' or 'preHandler'")
   )
 })