chore(go.mod): bump github.com/valyala/fasthttp from 1.33.0 to 1.34.0

[dependabot]

Bumps github.com/valyala/fasthttp from 1.33.0 to 1.34.0.

Release notes

Sourced from github.com/valyala/fasthttp's releases.

v1.34.0

• 59f94a3 Update github.com/klauspost/compress (#1237) (Mikhail Faraponov)
• 62c15a5 Don't reset RequestCtx.s (#1234) (Erik Dubbelboer)
• 7670c6e Fix windows tests (#1235) (Erik Dubbelboer)
• f54ffa1 feature: Keep the memory usage of the service at a stable level (#1216) (Rennbon)
• 15262ec Warn about unsafe ServeFile usage (#1228) (Erik Dubbelboer)
• 1116d03 Fix panic while reading invalid trailers (Erik Dubbelboer)
• 856ca8e Update dependencies (#1230) (Mikhail Faraponov)
• 6b5bc7b Add windows support to normalizePath (Erik Dubbelboer)
• f0b0cfe Don't log ErrBadTrailer by default (Erik Dubbelboer)
• 6937fee fix: (useless check), skip Response body if http method HEAD (#1224) (Pavel Burak)
• b85d2a2 Fix http proxy behavior (#1221) (Aoang)
• ad8a07a RequestHeader support set no default ContentType (#1218) (Jack.Ju)
• c94581c support configure HostClient (#1214) (lin longhjui)
• 632e222 Client examples (#1208) (Sergey Ponomarev)
• 6a3cc23 uri_test.go use example.com for clearness (#1212) (Sergey Ponomarev)
• 9d665e0 Update dependencies (#1204) (Mikhail Faraponov)
• 8d7953e Fix scheme check for not yet parsed requests (#1203) (ArminBTVS)

Commits

• 59f94a3 Update github.com/klauspost/compress (#1237)
• 62c15a5 Don't reset RequestCtx.s (#1234)
• 7670c6e Fix windows tests (#1235)
• f54ffa1 feature: Keep the memory usage of the service at a stable level (#1216)
• 15262ec Warn about unsafe ServeFile usage (#1228)
• 1116d03 Fix panic while reading invalid trailers
• 856ca8e Update dependencies (#1230)
• 6b5bc7b Add windows support to normalizePath
• f0b0cfe Don't log ErrBadTrailer by default
• 6937fee fix: (useless check), skip Response body if http method HEAD (#1224)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[soohoowoohoo]

Hi @thoas and @novln, a dependency scanning tool for a project I'm working on has marked the ulule/limiter package as vulnerable due to the fasthttp dependency being below 1.34.0. Will this PR be merged anytime soon and is there a timeline for releasing a new version of the package with the dependency update to 1.34.0? Thanks in advance!

[thoas]

done, thks @soohoowoohoo