comms-router
comms-router copied to clipboard
Nexmo
Update dependency org.webjars:swagger-ui to v3.44.0 (main)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| org.webjars:swagger-ui (source) | compile | minor | 3.13.0 -> 3.44.0 |
By merging this PR, the issue #118 will be automatically resolved and closed:
| Severity |  CVSS Score |
CVE | Reachability |
|---|---|---|---|
 Medium |
5.4 | WS-2018-0593 | |
| Medium |
4.3 | CVE-2018-25031 |
Release Notes
swagger-api/swagger-ui (org.webjars:swagger-ui)
v3.44.0: Swagger UI v3.44.0 Released!
Bug Fixes
- info: use externalDocsUrl check to render Link (#6997) (b7d3d1c)
- lint: use semicolons + closing link in html (#6951) (17093f2)
- lint: put
scripttag inbodyin oauth2-redirect.html (#6958)
Features
- models: collapsed schema content should be clickable (#6942) (0e6dc04)
- verbose Failed to fetch error (#6938) (4db2edc)
- docs: sample datepicker plugin with json schema components (#6939) (ba74c02)
v3.43.0: Swagger UI v3.43.0 Released!
Features
- use example gen for multiple example value retainer examples (#6920) (fad81f8)
- validate nullable (#6928) (a2a561e)
Bug Fixes
- support OAuth2 PKCE when using the OIDC authorization_code flow (#6914) (5e69d3c)
- sample-gen: enum without type should be handled by sample-gen (#6912) (7ead9ba)
Other
swagger-cllient: version bump to 3.13.1
v3.42.0: Swagger UI v3.42.0 Released!
Features
- enhance parameter validation (#6878) (5c4dfc2)
- sample-gen multi and form media-type (#6874) (8ed6c34)
Bug Fixes
v3.41.1: Swagger UI v3.41.1 Released!
Bug Fixes
v3.40.0: Swagger UI v3.40.0 Released!
Features
- doc: added introduction (#6806) (d80cc40)
- docker: add docker support for persist authorization variable (#6832) (a7ba55a)
- group / sort parameters by location (#6745) (ddaee4e)
Bug Fixes
- sample-gen: should render additionalProperties in example (#6821) (35cb925)
- sample-gen: should return json literal example (#6827) (a2f7917)
- sample-gen: should return xml literal example (#6822) (59b42bb)
- spec-selector: isMediaTypeSchemaPropertiesEqual should handle case where literal media-types are equal. (#6820) (25433c4)
- style: code should should wrap line (#6831) (7087210), closes #6764
v3.38.0: Swagger UI v3.38.0 Released!
Features
Bug Fixes
- components: fix keys rendering in React 16 using .entrySeq() (#6685) (20a8987)
- security fixes applied in
[email protected],[email protected], and[email protected]
v3.37.2: Swagger UI v3.37.2 Released!
- chore: update swagger-js to v3.12.1 which brings better support for $ref resolving (#4765) (#5625 )
- chore(release): fix release v3.37.1 release
- chore(package): allow auto-update of swagger-client (
d3fb9ab)
v3.37.0: Swagger UI v3.37.0 Released!
Features
Bug Fixes
- examples: properly update memoized value in non-schema case (#6641) (d2ef8f3), closes #6631
- xml: example generation if an array has an example (#6634) (24225e4), closes #6627
v3.36.2: Swagger UI v3.36.2 Released!
Bug Fixes
- duplicate labels in Servers UI (#6568) (1f10240)
- externalDocs url for tags when using swagger v2.0 (#6579) (6db4def)
- schema example: xml gen should follow json gen behavior (#6555) (288c89b), closes #6470 #6540 #4943
- cypress: oas3-request-body-required flakineess (#6583) (64ae7af)
v3.36.1: Swagger UI v3.36.1 Released!
- swagger-client: update to v3.12.0. Fixes
nested allOf/oneOf schema resolutionin #5194, #5923, #4672
Bug Fixes
v3.36.0: Swagger UI v3.36.0 Released!
Features
Bug Fixes
- auth: Allow PKCE for legacy AccessCode OAuth2 Grant Type (#6011) (5a87c8a), closes #6010
- auth: support for oauth2 relative url (#6546) (0a807d6)
- auth: add additional autoFocus for http-auth component (#6527) (8e3e059), closes #6483
- response examples should respect media-type (#6456) (87ab4e9)
- duplicate downloading of remote config (#6544) (50e5f65)
- oauth redirect HTML title tag (#6533) (17f140b)
v3.35.2: Swagger UI v3.35.2 Released!
Bug Fixes
-
oas3: switching media types should update schema properties (#6518) (3905fad), closes #6201 #6250 #6476
-
missing commas in response header values #6183 (#6515) (99fda81)
-
style: preventing long strings from overflowing (#5934) (#6507) (4b2fddd)
-
jest: add stub for errActions to prevent unhandled promise rejections #6365 (#6495) (537ad6d)
-
jest: unknown prop initialValue on input tag (#6506) (1af8678)
v3.35.1: Swagger UI v3.35.1 Released!
Bug Fixes
-
parameter-row: rendering of default/example values of 0 (#6454) (797929f)
-
syntax-highlighter: configuration for Examples (#6455) (b5e8081), closes #5259
-
examples multipart array sample generation for items (#6461) (f4bdf2f)
-
filter: avoid filtering by the strings "true/false" when enabled (#6477) (aa53ec2)
-
style: inconsistent background colors in code sections (#6472) (1b11d5c)
-
deprecate from "new Buffer" to "Buffer.from" (#6489) (6c5e91d)
v3.35.0: Swagger UI v3.35.0 Released!
Bug Fixes
- auth: both array and Im.List scopes can be added to redirectURL (#6416) (95fd3e7)
- swagger-ui-react: Use oneOfType in spec prop validation (fix #6399) (#6400) (52360a0)
- sample schema should stringify string values for content-type: text/json (#6431) (ad630cc), closes #6412
- try-it-out: required boolean default value set to empty string (#6449) (f5c709f), closes #6429
Features
- curl: configuration setting to pass additional options to curl command for "Try it out" (#6288) (cbe99c8)
- swagger-ui-react: add deeplinking as prop (#6424) (6b12f15)
v3.34.0: Swagger UI v3.34.0 Released!
Features
- Preserve authorization on browser refresh and close/reopen (#5939) (96aecc8)
- build: use core-js@3 (#6410) (ac41813)
Refactor
- build: increase maxEntrypointSize for core-js@3 (#6419)
- csp: Update how the JavaScript run function is invoked in oauth2-redirect.html (#6393)
v3.32.5: Swagger UI v3.32.5 Released!
Bug Fixes
v3.32.3: Swagger UI v3.32.3 Released!
This release is intended to enable npm to include es2015 bundle files. There are no source code changes in this release.
Bug Fixes
v3.32.1: Swagger UI 3.32.1 Released!
This release should properly include swagger-ui-es-bundle and swagger-ui-es-bundle-core in the /dist directory. There are no other source code changes in this release.
Bug Fixes
v3.31.1: Swagger UI 3.31.1 Released!
Bug Fixes
v3.30.0: Swagger UI 3.30.0 Released!
Features
Security
- housekeeping(deps): [email protected] [security] (#6230)
v3.28.0: Swagger UI 3.28.0 Released!
Bug Fixes
- avoid mapping Immutable.Map as React children (#6165) (93020e2)
- render Common Extensions properly in React 16 (#5930) (e1e4d5b)
Features
v3.27.0: Swagger UI 3.27.0 Released!
Features
- model view: hide applicable readOnly and writeOnly properties (#5832) (f8dd4e6)
- model view Added onLoad()s and tweaker onToggle() to support ScrollTo functionality for Models (#5237)
- Copy response to clipboard #4300 (#5278) (973e1f7)
- Display example value in Swagger ReadOnly documentation mode (#4422) (ca1b19a)
- swagger-ui-react: add
displayOperationIdconfig support (#5795) (bd1b297)
Bug Fixes
- remove clipboard inline svg from a file with SASS (#6148) (eeb0b73)
- curlify agnostic to order of header values (#6152) (b86e8e9), closes #6082
- Docker: case where SWAGGER_ROOT in conjunction with BASE_URL does not work (#6147)
- Call
DomPurify.addHookonly if it exists (#5428)
Docs
- Docs: Demonstrate a simple Webpack setup (#5185)
v3.26.1: Swagger UI 3.26.1 Released!
⚠️ This release includes a security update with Markdown render.
Features
- New
OAUTH_SCOPESconfiguration property to select all/none/user_list to OAuth scopes popup (#6037) (275c8f2) - Docker New
SWAGGER_JSON_URLoption to allow remote urls from Docker (#6122) - Docker
VALIDATOR_URLnow has options to disable the validation badge (#5994) - Various style improvements (#6014) (#5578) (#5478)
Bug Fixes
- Markdown: render markdown in more secure way (a616cb4)
- Docker allow local ref's to be served by nginx (#5565) (f353974)
- Docker support variables in auth urls (#5913) (21f5149)
v3.26.0: Swagger UI 3.26.0 Released!
Features
- Allow to skip submitting empty values in form data (#5830) (b9b32c9)
- Add empty data param to cURL if no POST request body was given (#6017)
Bug Fixes
- set default supportedSubmitMethods (#6030) (3b6942c)
- OAS3 upload file when array items are type=string format=binary (#6040)
- support generated curl for PUT and PATCH requests (#5960)
- flaky test: bugs/4641 use wait on route alias (#6048) (5bbd3e7)
Housekeeping
- SwaggerClient version 3.10.6
- dependency updates
v3.25.5: Swagger UI 3.25.5 Released!
Bug Fixes
entriescan now be generally used again as a key name. special handling of non-FormData entries removed (#6036) (68185dd), closes #6033
v3.25.4: Swagger UI 3.25.4 Released!
Bug Fixes
- bump swagger-client to version 3.10.4 and return back compatibility with node.js >= 4
- allow entries as property name (#6025) (3a65070)
v3.25.3: Swagger UI 3.25.3 Released!
Changelog
- housekeeping: update release-it config
- housekeeping: bump swagger-client version with package-lock (#6008)
- housekeeping: update dev-e2e-cypress-open script name (#6005)
Bug Fixes
- curl array support within multipart/form-data (#3838) (#5999) (96c7b4c)
- jsonSchemaComponent file/files (#5997) (#6000) (65597d1)
v3.25.2: Swagger UI 3.25.2 Released!
Changelog
- feature: JsonSchema components are now ImmutableJS compliant (#5952)
- fix: remove clearValidation from onTryoutClick (#5955)
v3.25.1: Swagger UI 3.25.1 Released!
No release summary included.
Changelog
- improvement: render OAS3 parameter type formats (#5796)
- improvement:
showCommonExtensionssupport for OAS3 parameters (#5901) - improvement: support for supportedSubmitMethods property in react component (#5376)
- improvement: do not require basic password in UI (#5812)
- improvement: add isShownKey prop to Operation to allow overriding (#5196)
- fix(docker-image): send relative HTTP 301s from within container (#5409)
- fix: expanding model when query param showExtensions=true exists (#5918)
- fix: incorrect PropType in Model ImmutablePureComponent (#5921)
- fix: OAS3 online validator badge (#5909)
- housekeeping: add static distribution file documentation (#5095)
- housekeeping: update plugin api component for failSilently (#5953)
v3.25.0: Swagger UI 3.25.0 Released!
No release summary included.
Changelog
- feature(swagger-ui-react):
defaultModelExpandDepthandpluginsprops (#5594) - improvement: clear auth information from memory when logging out (#5316)
- improvement: use type 'password' instead of text for client secret (#5262)
- housekeeping(docs): https path for unpkg link (#5769)
- housekeeping: fix logo size (#5702)
- housekeeping: fix
npm run lintandnpm teston Windows (#5737) - housekeeping:
npm audit fix(#5718, #5772, #5805)
v3.24.3: Swagger UI 3.24.3 Released!
Changelog
- housekeeping:
npm audit fix(#5718)
v3.24.2: Swagger UI 3.24.2 Released!
This release reverts Swagger UI's upgrade to redux@^4 (via #5569), which was causing test failures in downstream projects.
v3.24.0: Swagger UI 3.24.0 Released!
Changelog
- feature: add PKCE support for OAuth2 Authorization Code flows (#5361)
- fix:
parameterMacrofunctionality for OAS3 (#5617) - fix(validateParam): validate JSON values + support
Parameter.content(#5657) - fix: overweight dependencies in PKCE implementation (#5658)
v3.23.11: Swagger UI 3.23.11 Released!
⚠️ This release contains a security fix that addresses a CSS-based input field value exfiltration vulnerability. If you use Swagger UI to display untrusted OpenAPI documents, you should upgrade to this version ASAP.
Changelog
- fix: mitigate "sequential
@importchaining" vulnerability (via #5616)
v3.23.8: Swagger UI 3.23.8 Released!
This release fixes an issue with Swagger 2.0 required body parameter runtime validation (#5583) that was introduced in v3.23.7.
v3.23.5: Swagger UI 3.23.5 Released!
This release includes a fix to our Markdown parsing implementation that should resolve display issues with certain Markdown strings.
Changelog
- fix: remove problematic Markdown optimization (via #5520)
v3.23.4: Swagger UI 3.23.4 Released!
Changelog
- housekeeping:
@kyleshockey/js-yaml->js-yaml(via #5511) - housekeeping: more
npm auditresolutions (via #5509) - housekeeping: non-breaking dependency updates (via #5515)
v3.23.2: Swagger UI 3.23.2 Released!
This release includes improvements to our Docker container permissions, bug fixes for OpenAPI 3.0 rendering of Responses and Request Bodies, and resolution of most npm audit warnings visible to consumers.
Channgelog
- improvement: allow Swagger UI Docker containers to run as non-root users (via #5476)
- fix: empty ModelExample rendering in a Response w/o
content(via #5504) - fix: use
nullas a notSetValue for examplesForMediaType (via #5503) - housekeeping: resolve (almost) all
npm auditwarnings (via #5457)
v3.23.0: Swagger UI 3.23.0 Released!
This release includes support for OpenAPI 3.0's Examples Object within Parameter, Request Body, and Response Objects.
Changelog
- feature: Multiple Examples for OpenAPI 3 Parameters, Request Bodies, and Responses (via #5427)
Internal API notes
Several things have moved around internally.
If you make heavy use of the Plugin API, this may be of concern to you:
- the
Parameterscomponent no longer has awrapComponentin OpenAPI 3.0. Version-specific logic is now contained within one component. ParameterRownow needsoas3Actionsandoas3Selectorsas props.Responsenow needspathandmethodas props.Responses'shouldComponentUpdatecheck has been removed, it now re-renders as the Redux store changes.RequestBodyEditorhas been heavily modified. It is no longer aware of the underlying request body or schema, and only concerns itself with the string value being edited. It will now also update its own internal state if thevalueprop given to it changes.
v3.22.2: Swagger UI 3.22.2 Released!
Changelog
- improvement: OAS3 $ref friendly-name regex in model.jsx (via #5334)
- improvement: add
isShowncheck to <ModelCollapse />'s propexpandedlogic (via #5331) - improvement: relax schema description styling so Markdown can be effective (via #5340)
- security: CVE-2018-20834 (non-user-facing, via #5368)
v3.22.1: Swagger UI 3.22.1 Released!
[email protected] lacked the changes that were advertised for it in that version - specifically, docExpansion support was missing.
[email protected] is now available with the new changes. See #5294 for more information.
Changelog
- improvement: error message when rendering XML example (via #5253)
- fix: refuse to render non-string Markdown field values (via #5295)
v3.22.0: Swagger UI 3.22.0 Released!
This release introduces a new configuration option (withCredentials) which allows control of Swagger UI's underlying Fetch/XHR instance's credential inclusion mode. You may find this option helpful if your API requires an authentication/authorization scheme that Swagger UI doesn't directly support, but can be handled out-of-band by your browser.
Also notable: GitHub Flavored Markdown table syntax is now supported in our OpenAPI 3 Markdown parser, swagger-ui-react's underlying UI system object is now exposed in the onComplete prop callback, react-addons-perf is removed from our dependencies to avoid BSD+Patents licensing, and we've improved how Markdown is rendered across Swagger UI.
Changelog
- feature: add
withCredentialsconfiguration key (via #5149) - improvement: expose system object in swagger-ui-react's onComplete callback (via #5221)
- improvement: support GFM table syntax in OpenAPI 3.0 (via #5224)
- improvement: expose docExpansion as a prop in swagger-ui-react (via #5242)
- fix: Markdown styling nits and inconsistencies (via #5235)
- fix: generate gzipped Docker assets at runtime (via #5219)
- housekeeping: bump minimum Cypress version (via #5233)
- housekeeping: remove react-addons-perf dependency (via #5229)
- housekeeping: fix typo in README (via #5246)
v3.20.9: Swagger UI 3.20.9 Released!
This release contains a security fix that addresses a cross-site scripting vulnerability. If you use Swagger UI to display untrusted OpenAPI documents, you should upgrade to this version ASAP.
This release also changes Swagger UI's OperationSummary component to better tolerate badly-formed (i.e., non-string) summary fields.
Changelog:
- fix: gracefully handle non-string operation summaries (via #5189, #5191)
- fix: sanitize URLs used for OAuth auth flow (via #5190)
v3.20.8: Swagger UI 3.20.8 Released!
Summary
This release contains styling fixes, support for x-www-form-urlencoded bodies without explicitly-defined request properties, and non-material security fixes from upstream modules.
In order to take advantage of the new X-Requested-With header in OAuth2 token requests, cross-origin APIs (which require CORS configuration) needs to send Access-Control-Allow-Headers: X-Requested-With as part of the OPTIONS response for your token endpoint. A CORS library will handle this for you - visit https://enable-cors.org for more guidance.
Changelog
- improvement: better operation path + summary overflow styling (via #5184)
- improvement: set
X-Requested-Withto prevent browser authentication dialog (via #4934) - fix: provide JSON editor for x-www-form-urlencoded bodies lacking properties (via #5180)
- housekeeping: bump minimum lodash version (via #5156)
v3.20.5: Swagger UI 3.20.5 Released!
Interface changes: None.
Changelog:
- improvement: support Markdown in header descriptions (via #5120)
- improvement: add individual CSS classes to info items (via #5051)
- improvement: show description fields in form-data request bodies (via #5073)
- improvement: render request body description as Markdown (via #5078)
- fix: non-typesafe spec selector (via #5121)
- fix: tag-level deep link escaping inconsistencies (via #5117)
- fix: Immutable property access pattern (via #5112)
- fix: only apply instance-strip transformer to schema errors (via #5110)
v3.20.3: Swagger UI 3.20.3 Released!
Interface changes: none.
Changelog:
- improvement: generate default oauth2RedirectUrl based on page location (via #5085)
- improvement: add Schema/Model switching to ModelExample component (via #5080)
- housekeeping: branding updates (via #5084)
v3.20.2: Swagger UI 3.20.2 Released!
Interface changes: none.
Changelog:
- improvement: OAuth2 UI and test suite (via #5066)
- fix: fall back to default configuration options in subtree resolver calls (via #5063)
- fix: label models section as
Schemasin OpenAPI 3 (via #5065)
v3.20.1: Swagger UI 3.20.1 Released!
Private interface changes:
specSelectors.operationConsumeswas removed in favor of the newspecSelectors.consumesOptionsForselector.
Changelog:
- improvement: hide Servers/Schemes/Authorize section when it's empty (via #4950)
- bugfix: only append type flag to curl if type is defined (via #5041)
- bugfix: apply css only on first child label and span for section header (via #4970)
- bugfix: path-item $ref produces/consumes inheritance (via #5049)
v3.20.0: Swagger UI 3.20.0 Released!
Interface changes: none.
Changelog:
- feature: sample value generation for uuid, hostname, ipv4, & ipv6 formats (via #5033)
- feature: sample value generation for date formats (via #5024)
- improve(docker): bail out + provide helpful error if injection fails (via #5007)
- bugfix: legacy Docker variables being overridden by default values (via #5006)
- bugfix: prevent object inheritance mutations in recursive sampleXmlFromSchema calls (via #5034)
- bugfix: resolve referenced securitySchemes (via #5028)
- docs(installation): fix link to configuration.md (via #5009)
- housekeeping: remove Topbar CWM & unneeded empty lines (via #5018)
- housekeeping:
.js->.jsxfile extensions (via #5014)
v3.19.5: Swagger UI 3.19.5 Released!
Interface changes: A handful of Docker environment variables were added and deprecated, see #4965 and #4987 for more information.
Changelog:
- feature: full-spectrum runtime Docker configuration (via #4965)
- feature: Docker OAuth block support (via #4987)
- fix(packaging): move webpack-dev-server to devDependencies (via #4984)
- housekeeping: move to browser-compatible
xmlfork (via #4985)
v3.19.4: Swagger UI 3.19.4 Released!
Interface changes: whitespaced tags and operation IDs are now percent-encoded when included in deep links. Links generated by older 3.x versions of Swagger UI should continue to work as before, but support for them will be dropped in the next major version of Swagger UI.
Changelog:
- improve(deeplinking): support utf16 tags and IDs (via #4921)
- improve(try-it-out): support RFC5987 Content-Disposition formats (via #4952)
- bug(deeplinking): properly handle whitespaced & underscored tags/ids (via #4953)
Additional work around deep linking was also made in #4960 and #4958.
v3.19.0: Swagger UI 3.19.0 Released!
Interface changes: added CONFIG_URL option for Docker image.
Changelog:
![mend-for-github-com[bot] avatar](https://avatars.githubusercontent.com/in/30796?v=4 "Published by a pub.dev verified publisher"){kind=small}