* feat: add tryItOutEnabled configuration
allow users to set tryItOutEnabled: true to display
the "Try it out" section by default
tryItOutEnabled to take === "true" for the
query string value or === true if someone
implements query string type parsing in the query
* Add default configuration `preserveAuthorization`
* Add localStorage to auth plugin
* Add persistAuthorization unit tests
* Refactor persistAuthorization to use wrapped actions
* Upgrade unit tests to be compatible with jest
* Add persistAuthorization documentation
Co-authored-by: Tim Lai <timothy.lai@gmail.com>
* config(jest): updated setup
* config(jest): update testMatch to include jsx files
* config(jest): add transformIgnorePatterns
* config(jest): update ignore files that do not work in jest yet
* config: add test:unit-jest to test script
* fix(jest): lint with eslint-plugin-jest
* refactor(jest): move unit test directory
* refactor(mocha): restore mocha tests that fail in jest
* docs(jest): update helpful scripts with test:unit-jest
This commit changes markdown sanitization behaviour in following way:
class, style and data-* attributes are removed by default. These attributes
open possible vulnerability vectors to attackers.
The original behavior of sanitizer (before this commit) can be enabled by *useUnsafeMarkdown* configuration option.
Use this configuration option with caution and only in cases when you know
what you're doing.
* add `security-audit` script
* npm audit fix
* remove nyc
* nightwatch@1
this breaks the test suite, but it appears to have already regressed. leaving it for another day, TODO: open a backlog ticket
* add `security-audit` script
* disable mocha exclusivity
* update package-lock.json
* cypress@3.4.0
* `npm audit fix`
* @release-it/conventional-changelog@1.1.0
* release-it@12
* Add the withCredentials configuration key
It enables passing credentials in CORS requests. e.g. Cookies and
Authorization headers.
* Improve withCredentials documentation
* Add unit tests for the withCredentials config
* Update configuration.md
* Update configuration.md
* only set `withCredentials` Fetch flag if the config value is truthy
there are some workarounds in the wild today that involve setting `withCredentials` on `system.fn.fetch` directly.
this approach avoids mangling those existing workarounds!
* add more test cases
* Update configs-wrap-actions.js
* Update index.js
* add `onFound` callback to schemas
* add warning to method docs (for #4957)
* implement Docker OAuth2 init block support
* update docs
* add OAUTH_SCOPE_SEPARATOR
* drop OAuth env from Dockerfile and run script
* don't indent the first oauth block line
* drop unused `dedent` import
* touch up warning message
* add more test cases
* return an empty block if no OAuth content is generated
* fix broken doc line
* Updated 'urls' (An array of API definition objects) description.
Updated 'urls' (An array of API definition objects) description to show an actual object array containing two (2) urls, clarifying this configuration-option.
* urls is an array, not a string
* extend getExtensions
Add optional param to getExtensions that can retrieve more stuff
* Add getCommonExtensions
* Trim trailing spaces
* Remove unused parameter
* Move the format inline with the param type
* correction to UnitTest
