Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Fastify is a fast and low overhead web framework for Node.js. It is highly performant and provides an extensive plugin architecture, making it suitable for building a wide range of server-side applications and services.
Web Server
Fastify allows you to create a web server that can handle HTTP requests and send responses. The above code demonstrates setting up a simple server that responds with JSON when the root route is accessed.
const fastify = require('fastify')({ logger: true });
fastify.get('/', async (request, reply) => {
return { hello: 'world' };
});
fastify.listen(3000, (err, address) => {
if (err) throw err;
fastify.log.info(`server listening on ${address}`);
});
Route Shorthand Methods
Fastify provides shorthand methods for different HTTP methods like GET, POST, etc. This makes it easy to define routes for various request types.
fastify.get('/example', (request, reply) => {
reply.send({ message: 'This is a GET request' });
});
fastify.post('/example', (request, reply) => {
reply.send({ message: 'This is a POST request' });
});
Schema Validation
Fastify supports schema validation for request payloads, query strings, and parameters using JSON Schema. This ensures that the data received is in the expected format.
const schema = {
body: {
type: 'object',
required: ['name'],
properties: {
name: { type: 'string' },
age: { type: 'number' }
}
}
};
fastify.post('/user', { schema }, (request, reply) => {
// Handle request knowing that the body has been validated against the schema
});
Plugins
Fastify has a powerful plugin system that allows you to extend its core functionality. Plugins can add new features, routes, services, and decorators to the Fastify instance.
const myPlugin = async (fastify, options) => {
fastify.decorate('utility', () => {
return 'something useful';
});
};
fastify.register(myPlugin);
// Now you can use fastify.utility() in your application
Lifecycle Hooks
Fastify provides lifecycle hooks that can be used to execute code at various stages of the request/response cycle, such as onRequest, preHandler, onResponse, etc.
fastify.addHook('onRequest', (request, reply, done) => {
// Perform some operations before the request handler is executed
done();
});
Express is one of the most popular web frameworks for Node.js. It is known for its simplicity and minimalism. Compared to Fastify, Express has a larger ecosystem and community but may not be as performant due to its less optimized architecture.
Koa is a web framework designed by the creators of Express, aiming to be a smaller, more expressive, and more robust foundation for web applications and APIs. Koa uses async functions to eliminate callbacks and improve error handling. It is less opinionated than Fastify and has a smaller footprint.
Hapi is a rich framework for building applications and services, known for its powerful plugin system. It is designed to be more configurable and to provide a richer set of features out of the box compared to Fastify, which can make it heavier and potentially slower.
Restify is a Node.js web service framework optimized for building semantically correct RESTful web services ready for production use at scale. Restify is similar to Fastify in terms of performance but is more focused on API creation than being a general-purpose web framework.
An efficient server implies a lower cost of the infrastructure, a better responsiveness under load and happy users. How can you efficiently handle the resources of your server, knowing that you are serving the highest number of requests as possible, without sacrificing security validations and handy development?
Enter Fastify. Fastify is a web framework highly focused on providing the best developer experience with the least overhead and a powerful plugin architecture. It is inspired by Hapi and Express and as far as we know, it is one of the fastest web frameworks in town.
The main
branch refers to the Fastify v5
release, which is not released/LTS yet.
Check out the 4.x
branch for v4
.
Create a folder and make it your current working directory:
mkdir my-app
cd my-app
Generate a fastify project with npm init
:
npm init fastify
Install dependencies:
npm i
To start the app in dev mode:
npm run dev
For production mode:
npm start
Under the hood npm init
downloads and runs Fastify
Create, which in turn uses the
generate functionality of Fastify CLI.
To install Fastify in an existing project as a dependency:
Install with npm:
npm i fastify
Install with yarn:
yarn add fastify
// Require the framework and instantiate it
// ESM
import Fastify from 'fastify'
const fastify = Fastify({
logger: true
})
// CommonJs
const fastify = require('fastify')({
logger: true
})
// Declare a route
fastify.get('/', (request, reply) => {
reply.send({ hello: 'world' })
})
// Run the server!
fastify.listen({ port: 3000 }, (err, address) => {
if (err) throw err
// Server is now listening on ${address}
})
with async-await:
// ESM
import Fastify from 'fastify'
const fastify = Fastify({
logger: true
})
// CommonJs
const fastify = require('fastify')({
logger: true
})
fastify.get('/', async (request, reply) => {
reply.type('application/json').code(200)
return { hello: 'world' }
})
fastify.listen({ port: 3000 }, (err, address) => {
if (err) throw err
// Server is now listening on ${address}
})
Do you want to know more? Head to the Getting Started
.
Note
.listen
binds to the local host,localhost
, interface by default (127.0.0.1
or::1
, depending on the operating system configuration). If you are running Fastify in a container (Docker, GCP, etc.), you may need to bind to0.0.0.0
. Be careful when deciding to listen on all interfaces; it comes with inherent security risks. See the documentation for more information.
Machine: EX41S-SSD, Intel Core i7, 4Ghz, 64GB RAM, 4C/8T, SSD.
Method:: autocannon -c 100 -d 40 -p 10 localhost:3000
* 2, taking the
second average
Framework | Version | Router? | Requests/sec |
---|---|---|---|
Express | 4.17.3 | ✓ | 14,200 |
hapi | 20.2.1 | ✓ | 42,284 |
Restify | 8.6.1 | ✓ | 50,363 |
Koa | 2.13.0 | ✗ | 54,272 |
Fastify | 4.0.0 | ✓ | 77,193 |
- | |||
http.Server | 16.14.2 | ✗ | 74,513 |
Benchmarks taken using https://github.com/fastify/benchmarks. This is a synthetic, "hello world" benchmark that aims to evaluate the framework overhead. The overhead that each framework has on your application depends on your application, you should always benchmark if performance matters to you.
Getting Started
Guides
Server
Routes
Encapsulation
Logging
Middleware
Hooks
Decorators
Validation and Serialization
Fluent Schema
Lifecycle
Reply
Request
Errors
Content Type Parser
Plugins
Testing
Benchmarking
How to write a good plugin
Plugins Guide
HTTP2
Long Term Support
TypeScript and types support
Serverless
Recommendations
中文文档地址
Please visit Fastify help to view prior support issues and to ask new support questions.
Whether reporting bugs, discussing improvements and new ideas or writing code, we welcome contributions from anyone and everyone. Please read the CONTRIBUTING guidelines before submitting pull requests.
Fastify is the result of the work of a great community. Team members are listed in alphabetical order.
Lead Maintainers:
Great contributors on a specific area in the Fastify ecosystem will be invited to join this group by Lead Maintainers.
Past Collaborators
We are a At-Large Project in the OpenJS Foundation.
Support this project by becoming a SPONSOR! Fastify has an Open Collective page where we accept and manage financial contributions.
This project is kindly sponsored by:
Past Sponsors:
This list includes all companies that support one or more of the team members in the maintenance of this project.
Licensed under MIT.
For your convenience, here is a list of all the licenses of our production dependencies:
FAQs
Fast and low overhead web framework, for Node.js
The npm package fastify receives a total of 2,019,715 weekly downloads. As such, fastify popularity was classified as popular.
We found that fastify demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.