build(deps): bump fastify-reply-from from 3.5.0 to 4.0.2

[dependabot]

Bumps fastify-reply-from from 3.5.0 to 4.0.2.

Release notes

Sourced from fastify-reply-from's releases.

v4.0.2

Security Fix, CVE-2021-21321

v4.0.0

📚 PR:

• Bump form-data from 2.5.1 to 3.0.0
• Merge pull request #123 from fastify/dependabot/npm_and_yarn/form-data-3.0.0
• Bump msgpack5 from 4.5.0 to 5.0.0
• Merge pull request #127 from fastify/dependabot/npm_and_yarn/msgpack5-5.0.0
• fix: sanitize url to avoid attack
• fix: throw when source url is invalid
• Merge pull request #128 from fastify/sanitize-url
• Fixes a typo in the README (#124)
• Fixes another typo in README.md (#125)

Commits

• e158d9b Bumped v4.0.2
• 641be75 Merge pull request from GHSA-qmw8-3v4g-gwj4
• 18f1de2 Bumped v4.0.1
• 0a62aaa fix: add port to host header if available (#146)
• 7fb8dfe ci: specify version of coveralls github action to use (#142)
• d472980 Bump fastify-multipart from 3.3.1 to 4.0.0 (#139)
• 9a4e735 Merge pull request #138 from fastify/dependabot/github_actions/actions/setup-...
• 18d7fc4 Bump fastify/github-action-merge-dependabot from v1 to v1.1.1 (#137)
• 3bacb68 Bump actions/setup-node from v1 to v2.1.4
• ae16b10 chore: documentation and ci updates (#134)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Superseded by #13.