gofiber/fiber v3.0.0

on GitHub

For a detailed view of all changes and the migration guide, visit:
https://docs.gofiber.io/whats_new

Try our new migration tool to help you upgrade from v2 to v3:

go install github.com/gofiber/cli/fiber@latest
fiber migrate --to v3

What's Changed

🚀 New Features

• 🚀 App (Docs)
  • Rename WithTlsConfig method to WithTLSConfig in (#2570)
  • Use any as default Message type of Error struct in (#1925)
  • Add support for custom constraints in (#2807)
  • Add support for trusted origins in (#2910)
  • Add DialDualStack option for upstream IPv6 support in (#2900)
  • TrustedOrigins using https://*.example.com style subdomains in (#2925)
  • Add configuration support to c.SendFile() in (#3017)
  • Add CHIPS support to Cookie in (#3047)
  • Add TestConfig to app.Test() for configurable testing in (#3161)
  • Add buffered streaming support in (#3131)
  • Add support for AutoTLS / ACME in (#3201)
  • Add support for configuring TLS Min Version in (#3248)
  • Fix square bracket notation in Multipart FormData in (#3235)
  • Add support for application state management in (#3360)
  • Add support for NewErrorf in (#3463)
  • Add UNIX socket support in (#3535)
  • Add support for Msgpack in (#3565)
  • Add default UTF-8 charset in (#3583)
  • Support for SendEarlyHints in (#3483)
  • Add conditional copy helpers in (#3703)
  • Add request inspection helpers in (#3727)
  • Add support for redacting values in (#3759)
  • Add support for handling unsupported HTTP methods as HTTP 501 in (#3854)
  • Add support for ReloadViews() in (#3876)
  • Expose startup message customization hooks in (#3824)
  • Migrate from UUIDv4 to SecureToken for key generation in (#3946)
  • Add ExpirationFunc for dynamic expiration in (#3984)
  • Auto-enforce Secure=true for Partitioned cookies in Cookie() in (#3976)
• 📎 Binding (Docs)
  • Initial support for binding in (#1981)
  • Bind: add support for multipart file binding in (#3309)
  • Add All method to Bind in (#3373)
• 🌎 Client (Docs)
  • Client refactor in (#1986)
  • Add support for creating Fiber client from existing FastHTTP client in (#3214)
  • Add support for iterator methods to Fiber client in (#3228)
  • Add support for HostClient and LBClient in (#3774)
  • Add support for streaming response bodies in client and response handling in (#4014)
• 🧠 Context (Docs)
  • Convert fiber.Ctx type to interface in (#1928)
  • Add Drop method to DefaultCtx for silent connection termination in (#3257)
  • Add End() method to Ctx in (#3280)
  • Improve and Optimize ShutdownWithContext Func in (#3162)
  • Add support for context.Context in keyauth middleware in (#3287)
  • Fiber.Context implement context.Context in (#3382)
  • Add NewWithCustomCtx initialization helper in (#3476)
  • Add context methods to fiber.Storage interface in (#3566)
  • Add Fiber Context to BasicAuth Authorizer in (#3621)
  • Implement OverrideParam override behavior for DefaultCtx in (#3962)
  • Add context common request helpers in (#4007)
  • Adding GetReqHeaders and GetRespHeaders in (#2831)
  • Add Req and Res API in (#2894)
• 🔬 Extractors (Docs)
  • Introduce Extractor pattern for session ID retrieval in (#3625)
  • Enhance extractor functionality with metadata and security validation in (#3630)
  • Add extractors package in (#3725)
• 🧰 Generic (Docs)
  • Add QueryParser for get query using generic in (#2776)
  • Addition of Locals Function with Go Generics as an Alternative to c.Locals in (#2813)
  • Implement new generic functions: Params, Get and Convert in (#2850)
  • Support generic configurable logger in (#3705)
• 🚀 Listen (Docs)
  • Merge Listen methods & ListenConfig in (#1930)
  • Add support for graceful shutdown timeout in ListenConfig in (#3220)
  • Add TLSConfig to ListenConfig in (#4024)
• 🔌 Addons/retry (Docs)
  • Add retry mechanism in (#1972)
• 🧬 Middleware – adaptor (Docs)
  • Add BodyStream() logic to adaptor.FiberHandler middleware in (#3799)
  • Add local context support to adaptor middleware in (#3975)
• 🧬 Middleware – basicauth (Docs)
  • Add HeaderLimit option to BasicAuth middleware in (#3620)
  • Support hashed BasicAuth passwords in (#3631)
• 🧬 Middleware – cache (Docs)
  • Add Cache Invalidation Option to Cache Middleware in (#3036)
  • Add Max Func to Limiter Middleware in (#3070)
  • Support for disabling response headers in Limiter Middleware in (#3618)
• 🧬 Middleware – compression (Docs)
  • Add support for zstd compression in (#3041)
  • Add support for CBOR encoding in (#3173)
• 🧬 Middleware – cors (Docs)
  • Add support for Access-Control-Allow-Private-Network in (#2908)
• 🧬 Middleware – csrf (Docs)
  • Add support for Sec-Fetch-Site header in CSRF middleware in (#3913)
• 🧬 Middleware – encryptcookie (Docs)
  • Add cookie name authentication for EncryptCookie middleware in (#3788)
• 🧬 Middleware – favicon (Docs)
  • Add MaxBytes to favicon middleware in (#4016)
• 🧬 Middleware – earlydata (Docs)
  • Add earlydata middleware in (#2270)
• 🧬 Middleware – healthcheck (Docs)
  • Migrate HealthChecker to v3 in (#2884)
  • Add Startup Probe to Healthcheck Middleware in (#3069)
• 🧬 Middleware – idempotency (Docs)
  • Add idempotency middleware in (#2253)
• 🧬 Middleware – keyauth (Docs)
  • Add support for custom KeyLookup functions in the Keyauth middleware in (#3028)
• 🧬 Middleware – logger (Docs)
  • Refactor logger middleware in (#1979)
  • Add AllLogger to Config in (#3153)
  • Add Skip function to logger middleware in (#3333)
  • Add predefined log formats in (#3359)
  • Add support for ForceColors in Logger middleware in (#3428)
• 🧬 Middleware – proxy (Docs)
  • Add support for TrustProxy in (#3170)
  • Add KeepConnectionHeader option to Proxy middleware in (#3662)
• 🧬 Middleware – requestid (Docs)
  • Add Context Support to RequestID Middleware in (#3200)
  • Validate HTTP headers in RequestID middleware in (#3919)
• 🧬 Middleware – responsetime (Docs)
  • Add response time middleware in (#3891)
• 🧬 Middleware – session (Docs)
  • Re-write session middleware with handler in (#3016)
  • Add support for Keys() in session middleware in (#3517)
• 🧬 Middleware – static (Docs)
  • Add static middleware in (#3006)
• 🧬 Middleware – timeout (Docs)
  • Add config for Timeout middleware in (#3604)
• 🔄️ Redirect (Docs)
  • New redirection methods in (#2014)
• 🗺️ Router (Docs)
  • Router interface changes in (#2176)
  • Native support for net/http and fasthttp handlers in (#3769)
  • New Route method in (#2065)
  • New mounting system in (#2022)
  • Add support for RebuildTree in (#3074)
  • Add support for Express.js style req/res handlers in (#3809)
  • Add support for DisableAutoRegister of HEAD routes in (#3817)
  • Enhance CheckConstraint method for improved error handling in (#3356)
  • Add Support for Removing Routes in (#3230)
  • Add support for embedded Koa-Style Req and Res structs in (#3533)
  • Support Express-style next callback handlers in (#4029)
• 🧩 Services (Docs)
  • Add Support for service dependencies in (#3434)

🧹 Updates

• ⚙️ Core & API
  • Replace string functions in (#3923)
  • Update conditional instructions for startup skip in (#3475)
  • Update AGENTS startup instructions in (#3474)
  • Add []byte support to utils.EqualFold in (#2029)
  • Change startup message in (#2041)
  • Update to use gofiber/utils/v2 in (#2184)
  • Router: return status 501 instead of 400 on unknown method in (#2220)
  • Cleanup in (#2255)
  • Fix ContextKey collisions in (#2781)
  • Update Ctx.Format to match Express's res.format in (#2766)
  • Update handler signature for v3 in (#2794)
  • Change interface{} to any in (#2796)
  • Added respects body immutability to ctx.Body() and ctx.BodyRaw() functions. in (#2812)
  • Print to stderr if log fails for default format in (#2830)
  • Clean up errcheck config in (#2841)
  • Update startup message formatting in (#2847)
  • Simplify content negotiation code in (#2865)
  • Rename "ClientNew" Function to "New" in (#2896)
  • Remove repetitive words in (#2917)
  • Improper query/body parsing with embedded structs in (#2906)
  • Improve and simplify logic of ctx.Next() in (#3063)
  • Use Named Fields Instead of Positional and Align Structures to Reduce Memory Usage in (#3079)
  • Use utils Trim functions instead of the strings/bytes functions in (#3087)
  • Consolidate Logic of Handling the Request Body in (#3093)
  • Use msgp for flash message encoding/decoding in (#3099)
  • Replace vendored gorilla/schema package in (#3152)
  • Improve naming convention for Context returning functions in (#3193)
  • Nil pointer dereference with Must Bind binding in (#3171)
  • Mark go1.23 as minimum go version in (#3226)
  • Rename the Method Names of FormData and FormDatas (#3251) in (#3255)
  • Reduce the Memory Usage of ignoreHeaders in (#3322)
  • Migrate randString to rand v2 in (#3329)
  • Sorting error in sortAcceptedTypes in (#3331)
  • Reduce the memory usage of RoutePatternMatch in (#3335)
  • Replace findLastCharsetPosition with strings.LastIndexByte in (#3338)
  • Replace isInCharset with bytes.IndexByte in (#3342)
  • Remove two string fields in DefaultCtx to save 32 bytes in (#3353)
  • Replace treePath with treePathHash in DefaultCtx to reduce memory usage in (#3368)
  • Remove redundant field method in DefaultCtx in (#3372)
  • Add findNextNonEscapedCharPosition for single-byte charset cases in (#3378)
  • Change c.Redirect() default status in (#3415)
  • Improve routing treeBuild flow in (#3456)
  • Make genericParseType return error in (#3473)
  • Update minimum go version to 1.24 in (#3481)
  • Use slices.Contains to simplify code in (#3486)
  • Use maps.Copy to simplify code in (#3490)
  • Update loop syntax for retry mechanism in (#3516)
  • Update codecov configuration in (#3528)
  • Use GetState to reduce duplicate code in (#3542)
  • Improve Cookie() validation in (#3546)
  • Improve Accept* compliance with RFC 9110 in (#3548)
  • Refactor fasthttp iter calls to range loops in (#3559)
  • Add iterator helpers for client types in (#3560)
  • Update utils dependency in (#3576)
  • Refactor Opt-in support for CBOR in (#3580)
  • Simplify generic function calls in (#3578)
  • Replace math/rand with crypto/rand in (#3508)
  • Add sync pool and release helpers for Bind in (#3660)
  • Add CBOR support to AutoFormat() in (#3665)
  • Fix AcceptsLanguages() RFC compliance in (#3672)
  • Respect immutable config in Params(), Protocol(), and Body() in (#3676)
  • Delay routing error creation in (#3683)
  • Using reflect.TypeAssert in (#3698)
  • Handle Transfer-Encoding bodies in HasBody in (#3748)
  • Improve error handling when using storage drivers in (#3754)
  • Use sync.Pool for Client hooks in (#3758)
  • Avoid locking in gc() if nothing to delete in (#3765)
  • Cleanup return error logic in Bind() in (#3764)
  • Update RouteChain function in (#3761)
  • Make boundary a const in (#3783)
  • Preallocate slice size in Client::Param() in (#3782)
  • Skip locking garbage collector if nothing to delete in (#3787)
  • Enhance Body handling in setConfigToRequest for better type su… in (#3820)
  • Improve propagation of context.Context in (#3822)
  • Inline Request state wrappers in (#3827)
  • Remove unneeded "utils" alias in (#3834)
  • Add FullPath() helper to context in (#3837)
  • Handle nil map targets in Binder in (#3839)
  • Extracted generic releasePooledBinder function in (#3841)
  • Return error during EncryptCookie failure in (#3842)
  • Fix gocritic httpNoBody and hugeParam issues in (#3855)
  • Refactor internal errors to use sentinel values in (#3864)
  • Improve byte-range handling for SendFile() in (#3870)
  • Use int64 when dealing with HTTP Ranges in (#3874)
  • Replace strings.TrimSpace with utils.TrimSpace in (#3918)
  • Replace strings.Index with strings.Cut for improved readallity in (#3956)
  • Validate constraint by bit operation in (#3963)
  • Use sync.Pool for form and multipart binding in (#3967)
  • Use sync.Pool for redirect old input map in (#3971)
  • Replace anonymous struct key with named type in (#4020)
• 🧬 Middleware & Addons
  • Document "null" origin handling in CORS middleware in (#4001)
    (Docs)
  • Refactor CSRF middleware and enhance documentation in (#3598)
  • Fix pprof middleware docs and default config in (#3642)
  • Fix CORS docs and comments in (#3637)
  • Fix CSRF error message mismatch with documentation in (#3636)
  • Refactor filesystem middleware with io/fs in (#2027) (Docs)
  • Remove mutex lock in logger middleware in (#2840)
  • Update CSRF and Limiter to remove repetitive names in (#2846)
  • Refactor(middleware/cors): Config, lists as list types. in (#2962)
  • Enforce key length for EncryptCookie middleware default functions in (#3056)
  • Middleware/CORS Remove Scheme Restriction in (#3163)
  • Unify and enhance timeout middleware in (#3275)
  • Simplify HealthCheck middleware in (#3380)
  • Improve proxy middleware in (#3468)
  • Enhance KeyAuth middleware to better comply with RFC 6750 in (#3482)
  • Enhance BasicAuth middleware to better comply with RFC 6750 in (#3484)
  • Improve cache middleware RFC compliance in (#3488)
  • Enhance config validation in EncryptCookie middleware in (#3491)
  • Refactor EnvVar middleware in (#3513)
  • Improve CORS middleware response headers in (#3505)
  • Improve BasicAuth middleware default security in (#3522)
  • Improve static middleware security in (#3595)
  • Remove SHA-1/MD5 support in BasicAuth middleware in (#3634)
  • Remove support for PasswordFromContext from BasicAuth middleware in (#3638)
  • Refactor KeyAuth Middleware: Extractor-Based Configuration and Enhanced Flexibility in (#3685)
  • Return generic errors in KeyAuth middleware in (#3692)
  • Fix CSRF subdomain wildcard boundary in (#3694)
  • Improve Cache middleware defaults in (#3740)
  • Migrate Session middleware to new extractors package in (#3744)
  • Improve Compress middleware RFC compliance in (#3745)
  • Improve KeyAuth middleware RFC compliance in (#3742)
  • Update CSRF middleware to use shared extractors in (#3746)
  • Update keyauth middleware to use shared extractors in (#3747)
  • Fix cache cleanup and redact token values in (#3757)
  • Ensure middleware prefix matching requires slash boundary in (#3755)
  • Reduce the memory usage of cacheableStatusCodes in (#3789)
  • Refactor configuration management for favicon and envvar middlewares in (#3898)
  • Improve Cache middleware compliance in (#3973)
  • Further improvements to Cache middleware in (#3989)
  • Skip caching oversized responses in idempotency middleware in (#4018)
• ⚡️ Performance & Benchmarks
  • Optimize the menu item text in (#3267)
  • Remove utils.Trim* because stdlib has same performance in go1.19 in (#2030)
  • Performance improvements in (#2838)
  • Add parallel benchmarks to adaptor middleware in (#2870)
  • Expand Tests and Benchmarks for Log package in (#2886)
  • Performance optimizations in (#2947)
  • Add Benchmarks for IsProxyTrusted() in (#2933)
  • Optimize Cache middleware handler in (#3031)
  • Update benchmarks for Logger Middleware in (#3061)
  • Improve performance of Adaptor Middleware in (#3078)
  • Refactor Benchmark Results Workflow in (#3082)
  • Improve performance of helper functions in (#3086)
  • Improve Performance of c.Body() by 125% in (#3090)
  • Add Benchmarks for Rewrite Middleware in (#3092)
  • Optimize IsFromLocal() performance in (#3140)
  • Improve Performance of Fiber Router in (#3261)
  • Improve Performance of getSplicedStrList in (#3318)
  • Optimize routeParser by using sync.Pool in (#3343)
  • Add Immutable benchmarks for default case in (#3374)
  • Performance optimizations in (#3477)
  • Improve performance for "equalFieldType" function in (#3479)
  • Fix compression benchmarks in (#3561)
  • Improve iterator performance. in (#3562)
  • Improve sanitizePath performance in (#3601)
  • Skip unstable GenericParseType benchmarks in (#3614)
  • Reduce allocation in AutoFormat in (#3652)
  • Optimize Fresh header parsing for fasthttp 1.65 in (#3687)
  • Improve Req/Res Benchmarks in (#3693)
  • Improve performance analyseConstantPart in (#3753)
  • Improve allocations for Request Params() in (#3766)
  • Reduce allocations in Request (saves ~16% B/op) in (#3768)
  • Benchmark for cache miss case in (#3836)
  • Improve performance of RebuildTree() by 68% in (#3895)
  • Optimize string handling and memory allocations in (#3922)
  • Improve performance (reduce allocations) in (#3964)
• 🛠️ Testing & Tooling
  • Use testify for assertion in (#2036)
  • Generate msgp tests in (#2263)
  • V3 Feature: Make app.Test accept a time.Duration timeout in (#2269)
  • Speed up addon/retry tests in (#2800)
  • Re-enable tparallel linter in (#2801)
  • Fix testifylint errors in middleware in (#2805)
  • Fix remaining testifylint errors in (#2806)
  • Fix force type assertions in session_test.go in (#2815)
  • Address multiple lint rules in (#2869)
  • Do not retry flaky tests in (#2875)
  • Enabling shuffling, cleanup and consistency across tests in (#2931)
  • Adding a generator to generate the CTX interface in (#3024)
  • Test(middleware/session): Remove extra release and acquire ctx calls in session_test.go in (#3044)
  • Test(ctx_test): Fix race condition in (#3081)
  • The value of map is unused in uniqueRouteStack in (#3320)
  • Mark unused tests with t.SkipNow in (#3366)
  • Fix proxy middleware tests for offline environments in (#3467)
  • Add unit-test for header injection in (#3470)
  • Add URI Test case for Test_Ctx_Binders in (#3480)
  • Test: Enhance CSRF tests to address unsafe header value issue (#2045) in (#3485)
  • Improve EarlyData middleware tests coverage in (#3520)
  • Improve Idempotency middleware tests coverage in (#3521)
  • Improve Helmet middleware tests coverage in (#3523)
  • Improve Retry addon tests coverage in (#3526)
  • Add missing CSRF token extractor tests in (#3527)
  • Improve hooks test coverage in (#3524)
  • Improve Binder tests coverage in (#3529)
  • Improve CORS tests coverage in (#3530)
  • Improve CSRF tests coverage in (#3531)
  • Improve Router tests coverage in (#3550)
  • Add tests for quoteRawString in (#3613)
  • Fix Makefile to install tools before running them in (#3612)
  • Fix Cookie SameSite constants to Pascal case per RFC specification in (#3608)
  • Fix timing for streaming test in (#3628)
  • Add missing checks in Ctx tests in (#3670)
  • Stabilize interrupted stream writer test in (#3669)
  • Use ephemeral ports in unit tests in (#3686)
  • Use project toolchain for go run tools in (#3709)
  • Expand Binder tests coverage in (#3714)
  • Prevent CopyContextToFiberContext panic and add comprehensive test coverage in (#3770)
  • Add flushing-related unit tests for net/http adaptor in (#3807)
  • Fix fatal error calls in adapter_test.go in (#3810)
  • Test HEAD request compliance in (#3868)
  • Improve OPTIONS wildcard regression test in (#3869)
  • Add table-driven integration tests in (#3894)
  • Improve timing robustness in flaky cache and session tests in (#3994)

🐛 Bug Fixes

• Fix logger benchmarks in (#2074)
• Fix benchmark results related to handler, next in (#2130)
• Testifylint failure that fell through the cracks in (#2821)
• Inconsistent and flaky unit-tests in (#2892)
• CORS handling in (#2938)
• Fix some struct names in comments in (#2974)
• Fixes #3038 "v3 Flash Message with redirect is not working" in (#3046)
• Mutex for thread safety in (#3049)
• Fix data-race with sync.Pool in (#3051)
• Fasthttp errors cause panic when Params is used in (#3055)
• Use Content-Length for bytesReceived and bytesSent tags in Logger Middleware in (#3066)
• Cache middleware: runtime error: "index out of range [0] with length 0" in (#3075)
• Error check in Form binder in (#3110)
• Client: fix SetProxyURL functionality in (#3109)
• Fix handle un-matched open brackets in the query params in (#3126)
• Fix issue with default logger when creating RequestCtx in (#3134)
• Fix typo in (#3145)
• Behavior of DefaultCtx.Fresh when 'Last-Modified' and 'If-Modified-Since' are equal in (#3150)
• Adaptor middleware duplicates cookies in (#3151)
• Close File After SaveFileToStorage in (#3197)
• Make SetValWithStruct set zero values and support more types #3167 in (#3227)
• Fix EnableSplittingOnParsers is not functional in (#3231)
• Memory leak removal in the idempotency middleware in (#3263)
• Make Render bind parameter type any again in (#3270)
• Fix app.Test() auto-failing when a connection is closed early in (#3279)
• Align cache middleware with RFC7231 in (#3283)
• Goroutine leakage in (#3306)
• GenericParseType parsing large uint leads to overflow in (#3315)
• Fix handler order in routing in (#3321)
• Update binder in form_test in (#3336)
• Fix client iterators when using break statement in (#3357)
• Fix: Logger Middleware tests to use regex for time validation in (#3392)
• Handling of next param position in (#3418)
• Fix redirection flash messages violate cookie structure in (#3457)
• Fix AGENTS markdown lint in (#3460)
• Parsing of IPv6 addresses in (#3466)
• Middlewares immutable config handling in (#3494)
• Subdomains offset handling in (#3495)
• Fix Cache-Control header parsing in (#3534)
• Fix Content-Type comparison in Is() in (#3536)
• Fix Subdomains() parsing for IDNs in (#3538)
• Fix Range() parsing of bytes unit in (#3541)
• Fix Etag validation per RFC 9110 in (#3554)
• Fix Range() handling of HTTP 416 per RFC 9110 in (#3552)
• Fix Accept-Language matching per RFC 4647 in (#3553)
• Fix Cache middleware handling of Age in (#3547)
• Fix Content-Disposition header per RFC 6266 in (#3551)
• Fix Body() handling of Content-Encoding per RFC 9110 in (#3543)
• Fix multipart boundary for Client per RFC 2046 in (#3563)
• Fix address parsing for leading/trailing spaces in (#3569)
• Fix missing Allow header in EnvVar middleware per RFC 9110 in (#3570)
• Fix static/favicon middlewares file descriptor leaks in (#3579)
• Fix CookieJar domain logic in (#3564)
• Fix handling of negative BodyLimit in (#3599)
• Fix MIME type equality checks in (#3602)
• Fix retry config handling in (#3609)
• Fix limiter middleware not counting fiber.NewErrorf responses as failed requests in (#3623)
• Fix race in cookie tests in (#3629)
• Fix bind All() merging logic in (#3659)
• Fix Static middleware browser support for subdirectories in (#3673)
• Fix CORS subdomain wildcard boundary in (#3690)
• Fix support for context.Context in (#3720)
• Improve BasicAuth middleware RFC compliance in (#3743)
• Handle Unix sockets in adaptor middleware in (#3760)
• Fix usage of runtime RO data for ppc64 and s390x platforms in (#3772)
• Respect DisablePathNormalizing during client requests in (#3773)
• Always close form file in (#3786)
• Fix recover middleware panic output formatting in (#3816)
• Correct fresh flag logic in getSession in (#3825)
• Prevent memory corruption in internal memory storage from pooled buffers in (#3828)
• Avoid writing into released Response in core::execFunc() in (#3830)
• Remove Flash Cookie from Response headers after parsing in (#3840)
• Fix binder splitting for pointer-backed slice fields in (#3844)
• Fix typos in some files in (#3847)
• Execute middleware routes when handling errors in (#3846)
• Fix copying of key/values in internal/memory in (#3829)
• Fix maintain CustomCtx across middlewares in (#3852)
• Fix default value for MaxFunc in Limiter middleware in (#3871)
• Fix handling of wildcard matching in acceptsOffer in (#3880)
• Fix handling of no-body HTTP statuses in (#3883)
• Fix and improvements for the sliding window Limiter in (#3893)
• Improve suffix range normalization in (#3902)
• Enhance Origin and Referer Validation in CSRF middleware in (#3904)
• Respect Authorization when caching responses in (#3905)
• Fprint to use format instead of fmtArgs in (#3925)
• Enforce body limits in SaveFileToStorage in (#3929)
• V3 fix custom errorhandler invokation in (#3930)
• Fix example in whats_new.md in (#3949)
• Ensure flash messages are consumed after retrieval in (#3936)
• Fix FIPS-140 compliance for EncryptCookie middleware in (#3955)
• Guard Binds decoder sync.Pool in (#3969)
• Fix Early-Data trusted proxy handling in (#3974)
• Preserve session data map across resets in (#3968)
• Improve cookie decryption handling by deleting invalid cookies after iteration in (#3988)
• Respect body limit configuration in adaptor middleware in (#3990)
• Security: Enforce case-sensitive null origin validation in CORS in (#3995)
• Optimize CORS origin validation to avoid unnecessary processing in (#3996)
• Validate CORS origins before using AllowOriginsFunc in (#3991)
• Trim forwarded host values in (#4012)
• Normalize forwarded scheme parsing in (#4011)
• Return immediately on timeout and propagate context correctly in (#4009)
• Trim values from getSplicedStrList in (#4026)
• Return bytes read from readContent in (#4027)
• Reload mounted view engines in ReloadViews in (#4031)
• Handle typed-nil http handler funcs in (#4030)

🛠️ Maintenance

• Bump github.com/valyala/fasthttp from 1.51.0 to 1.69.0 in (#2857, #3000, #3037, #3146, #3183, #3244, #3314, #3391, #3440, #3557, #3586, #3684, #3790, #3819, #3992)
• Updated fasthttp to 1.54.0 release in (#3010)
• Bump github.com/gofiber/schema from 1.2.0 to 1.6.0 in (#3308, #3462, #3504, #3574)
• Bump github.com/gofiber/utils/v2 from 2.0.0-beta.3 to 2.0.0-rc.6 in (#2935, #3062, #3174, #3389, #3540, #3568, #3689, #3853, #3914, #3926, #3997)
• Bump github.com/tinylib/msgp from 1.1.8 to 1.6.3 in (#3147, #3182, #3185, #3240, #3447, #3716, #3823, #3920, #3977, #3978)
• Bump github.com/shamaton/msgpack/v2 from 2.2.3 to 2.4.0 in (#3678, #3719, #3808)
• Bump github.com/klauspost/compress from 1.18.1 to 1.18.3 in (#3911, #4013)
• Bump github.com/google/uuid from 1.5.0 to 1.6.0 in (#2810)
• Bump golang.org/x/crypto from 0.28.0 to 0.45.0 in (#3243, #3247, #3274, #3305, #3327, #3341, #3395, #3438, #3506, #3737, #3796, #3863, #3882)
• Bump golang.org/x/net from 0.31.0 to 0.47.0 in (#3293, #3544, #3572, #3738, #3791, #3795, #3861)
• Bump golang.org/x/text from 0.29.0 to 0.33.0 in (#3797, #4003)
• Bump golang.org/x/sys from 0.39.0 to 0.40.0 in the golang-modules group in (#4000)
• Bump github.com/mattn/go-colorable from 0.1.13 to 0.1.14 in (#3277)
• Bump github.com/fxamacker/cbor/v2 from 2.7.0 to 2.9.0 in (#3384, #3581)
• Upgrade shamaton/msgpack from v2.4.0 to v3.0.0 in (#4023)
• Bump minimum version of Go to 1.21 in (#2911)
• Bump golangci-lint from v1.56.1 to v1.62.0 in (#2842, #2862, #3029, #3119, #3135, #3196)
• Make golangci-lint config stricter in (#2874)
• Add support for longtests during CI in (#3054)
• Bump nick-fields/retry from 2 to 3 in (#2824)
• Bump benchmark-action/github-action-benchmark from 1.16.2 to 1.20.7 in (#2827, #2950, #3008, #3177, #3730, #3736)
• Bump release-drafter/release-drafter from 5 to 6.2.0 in (#2826, #4022, #4025)
• Bump golangci/golangci-lint-action from 3 to 9.2.0 in (#2855, #2986, #2994, #3896, #3916)
• Bump github.com/stretchr/testify from 1.8.4 to 1.11.1 in (#2888, #3217, #3712, #3715)
• Bump codecov/codecov-action from 4.0.1 to 5.5.2 in (#2901, #2941, #2959, #2993, #2999, #3009, #3035, #3154, #3207, #3209, #3210, #3213, #3234, #3256, #3292, #3295, #3334, #3413, #3459, #3701, #3734, #3935)
• Bump actions/setup-go from 4 to 6.2.0 in (#2789, #3732, #3886, #4006)
• Bump github/codeql-action from 2 to 4.32.0 in (#2788, #3792, #3866, #3878, #3897, #3910, #3927, #3945, #3950, #4004, #4034, #4036)
• Bump actions/cache from 3 to 5.0.3 in (#2803, #3944, #3947, #4017, #4040)
• Bump fuxingloh/multi-labeler from 2 to 4 in (#2856)
• Bump DavidAnson/markdownlint-cli2-action from 16 to 22.0.0 in (#3128, #3208, #3266, #3453, #3873, #3932)
• Bump streetsidesoftware/cspell-action from 8.0.0 to 8.2.0 in (#3938, #3993, #4039)
• Bump kenchan0130/actions-system-info from 1.3.0 to 1.4.0 in (#3492, #3679)
• Bump actions/setup-node from 4 to 6.2.0 in (#3733, #3804, #3915, #4008)
• Bump actions/checkout from 3 to 6.0.2 in (#3083, #3681, #3877, #3887, #3917, #4028)
• Bump lewagon/wait-on-check-action from 1.4.1 to 1.5.0 in (#4033)
• Bump the golang-modules group with 4 updates in (#3931)
• Bump the golang-modules group with 2 updates in (#4005)
• Add go1.22 to test matrix in (#2835)
• Replace release-drafter autolabel with fuxingloh/multi-labeler in (#3872)
• Add CODEOWNERS file in (#2851)
• Update golangci-lint to v1.55.2 in (#2817)
• Update golangci-lint to enable more lint rules in (#2923)
• Add support for go1.23 and golangci-lint v1.60.1 in (#3101)
• Add go1.24 to CI matrix in (#3325)
• Add modernize lint in (#3590)
• Add inamedparam linter in (#2848)
• Remove repo codecov.yml in (#3525)
• Enable govet shadow in (#3617)
• Fix benchmark results in (#1982)
• Fix spelling issues in (#3813)
• Golangci-lint issue for go1.25.0 in (#3775)
• Require Go 1.25 in (#3682)
• Run tests against Apple M1 platform in (#2852)
• Update AGENTS.md in (#3901)

📚 Documentation

• Update Version Numbers in Docs in (#2853)
• Updates to fiberlog benchmarks and documentation in (#3059)
• Remove deprecated comments and documenting recent changes in (#3498)
• Update godoc for fiber.New() in (#3928)
• Undocumented function in session.md in (#2795)
• Fix typo in documentation in (#2802)
• Fix a misspelled comment in (#2809)
• Update Typo documentation in (#2820)
• Typo in routing.md in (#2836)
• Fix code snippet indentation in /docs/api/middleware/keyauth.md in (#2868)
• Fix TrustedProxies documentation related to IP ranges in (#2887)
• Update docs to reflect fiber.Ctx struct to interface change in (#2880)
• Improve translation in (#2899)
• Update Copilot docs and setup in (#3585)
• Refactor Documenation for HealthCheck in (#2905)
• Fixed a typo in app.go in (#2912)
• Cleanup and updates to README files in (#2914)
• Fix merge conflict in documentation in (#2957)
• Fix broken link to slim template in FAQ in (#2969)
• Update config TrustedOrigin comments in (#2963)
• Consolidate and Document Core Changes in v3 in (#2934)
• Fix some comments in (#2983)
• CORS middleware in (#2979)
• Add docs for new client in (#2991)
• Update intro.md to make clear fiber.Ctx is not thread-safe. in (#3014)
• Improve ctx.Locals method description, godoc and example in (#3032)
• Add zero-allocation section to README in (#3039)
• Add support for consistent documentation using markdownlint in (#3064)
• Update example in middleware/cors to v3 in (#3116)
• Update recover docs to not use reserved keyword in (#3129)
• Fix typos in client hooks documentation in (#3133)
• Replaced link to russian mozilla docs in (#3142)
• Removed zero width white space from logger docs in (#3144)
• Fix typo on comment in (#3158)
• Typo in hooks documentation in (#3164)
• Update README.md in (#3165)
• Update What's New documentation in (#3181)
• Clarify SendFile Docs in (#3172)
• Update intro documentation in (#3204)
• Updates to API documentation and README in (#3205)
• Updates to Context documentation in (#3206)
• Update documentation for Fiber client in (#3249)
• Fix static middleware CacheDuration data type typo in (#3273)
• Add ctx.Drop() to whats_new.md in (#3284)
• Add c.Drop() example to whats_new.md in (#3285)
• Update intro.md Static Files section in (#3303)
• Update adapter middleware documentation in (#3317)
• Add Retry Addon documentation in (#3330)
• Update Helmet Middleware default values in (#3348)
• Update helmet.md default values in (#3350)
• Add more validation examples in (#3369)
• Update docs for State Management in (#3388)
• Fix CSRF handler example in (#3412)
• Adjust Funding Custom URL in (#3432)
• Fix examples in middleware/session in (#3435)
• Idempotency add more detailed description for next method in (#3443)
• Document usage of Custom Tags in Logger middleware in (#3446)
• Fix typos in (#3464)
• Fix more typos across code base in (#3465)
• Fix typos in code and docs in (#3507)
• Enhance CORS middleware documentation with preflight request details and infrastructure considerations in (#3509)
• Add custom constraint example in (#3539)
• Incorrect usage of backslash characters in the constraint … in (#3549)
• Add net/http compatiblity section in (#3556)
• Add documentation for Stale() in (#3555)
• Update utils guide documentation in (#3575)
• Fix EarlyData middleware docs in (#3646)
• Fix Skip middleware docs in (#3649)
• Fix context changes doc in (#3650)
• Fix RequestID docs in (#3648)
• Fix Proxy middleware docs in (#3647)
• Fix Compress middleware docs in (#3645)
• Fix Cache middleware docs in (#3644)
• Fix Favicon middleware documentation in (#3640)
• Fix Static middleware docs in (#3643)
• Fix Healthcheck middleware documentation in (#3657)
• Fix KeyAuth middleware docs in (#3641)
• Improve Timeout middleware documentation in (#3675)
• Add context guide in (#3677)
• Add Learning Resources section with Go Interview Practice platform in (#3691)
• Fix typos in documentation in (#3695)
• Add early hints documentation in (#3697)
• Document utils package migration in (#3704)
• Note CSRF ContextKey removal in (#3706)
• Note removal of context keys in (#3707)
• Add migration tool info in (#3708)
• Improve wording and fix typos in (#3713)
• Full audit of documentation in (#3717)
• Add RoutePatternMatch documentation in (#3722)
• Clarify context interface implementation in (#3729)
• Ensure all exported elements are documented in (#3752)
• Document usage of reverse proxies for SendEarlyHints in (#3778)
• Fix broken link in the Routing guide in (#3831)
• Update docs/whats_new.md in (#3889)
• Clarify handler execution order and usage in Add() in (#3890)
• Update cache migration guidance in (#3908)
• Clarify client migration examples in (#3921)
• Add goroutine cancellation example using context.WithTimeout in (#3884)
• Fix some comments to improve readability in (#3943)
• Update logger middleware format constants in (#3951)
• Refresh adaptor middleware guidance in (#3981)
• Update Services icon and prefork warning for State Management in (#4002)

Thank you to all contributors:
@ad3n, @akilesh1706, @alequilesl, @alexandear, @Alijeyrad, @aliziyacevik, @andradei, @arturmelanchyk, @asyslinux, @AuroraTea, @axrav, @balcieren, @Behzad-Khokher, @BigJoe17, @brunodmartins, @canks69, @ckoch786, @cuiweixie, @darwin808, @dave-gray101, @deferdeter, @devhaozi, @devhsoj, @Dishank-Sen, @dockercui, @dojutsu-user, @dozheiny, @dreamscached, @duhnnie, @edvardsanta, @efectn, @emirhansirkeci, @ErfanMomeniii, @Fenny, @findfluctuate, @gaby, @gandaldf, @glensargent, @gopkg-dev, @gozeloglu, @grivera64, @guerzon, @haikalSusanto, @haochunchang, @hcancelik, @hotrungnhan, @hungthai1401, @imsk17, @ItsMeSamey, @JIeJaitt, @jsoref, @K0ng2, @KatzuYoru, @khanhkhanhlele, @kianmeng, @kirankumar-grootan, @kiuber, @KrisCarr, @ksw2000, @ktat, @LaptopCat, @Larinax999, @Lars-Schumann, @laughing-nerd, @leonklingele, @linogomez, @luk3skyw4lker, @mazyaryousefinia, @mdelapenya, @mitulagr2, @miyamo2, @MonkyMars, @negrel, @nexovec, @nickajacks1, @nnnkkk7, @oktayozkan0, @omaskery, @omer-cengel, @orvillesimba, @pjebs, @rabarar, @racerole, @ReneWerner87, @RezaSi, @ryanbekhen, @s19835, @SantiagoBobrik, @sebytza23, @shamaton, @sigmundxia, @SivaPA08, @sixcolors, @StrawHatHacker, @sunnyyssh, @techerfan, @the-hotmann, @TheAspectDev, @theleeeo, @tongjicoder, @trim21, @vhespanha, @wangjq4214, @xEricL, @yinheli, @yorickdewid, @ZihxS, @zingi

Full Changelog: v2.52.11...v3.0.0

For a detailed view of all changes and the migration guide, visit:
https://docs.gofiber.io/whats_new