kyy/swagger-ui
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,538 Commits 1 Branch 0 Tags
97a198bc7671d16740be553f2d5bfed2f1afc2fd
Commit Graph

5538 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Vladimír Gorej
97a198bc76 chore(deps): update swagger-client to v3.19.0 (#8445) 2023-03-06 15:36:04 +01:00
Vladimír Gorej
a88f02bfef fix(docker): use vulnerability free Node.js=>18.14.1-r0 (#8440) 
Node.js@18.12.1-r0 got installed by default.
CVE-2023-24807 was manifesting in image security
scans.

Refs https://github.com/swagger-api/swagger-ui/actions/runs/4310624218/jobs/7519243077
 2023-03-02 15:56:54 +01:00
dependabot[bot]
f606c77ebf chore(deps-dev): bump cssnano from 5.1.12 to 5.1.15 (#8432) 2023-03-01 12:07:53 +00:00
swagger-bot
ea0ee85ee2 chore(release): cut the v4.17.0 release 2023-03-01 10:29:25 +00:00
Vladimír Gorej
1bb4daf784 feat: integrate swagger-client@3.19.0-beta.8 (#8431) 
Refs #8401
 2023-03-01 10:49:54 +01:00
dependabot[bot]
7bd7c46059 chore(deps-dev): bump sinon from 12.0.1 to 15.0.1 (#8429) 
Bumps [sinon](https://github.com/sinonjs/sinon) from 12.0.1 to 15.0.1.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v12.0.1...v15.0.1)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-01 10:43:58 +01:00
dependabot[bot]
17a4eafe98 chore(deps-dev): bump @jest/globals from 27.0.6 to 29.4.3 (#8428) 
Bumps [@jest/globals](https://github.com/facebook/jest/tree/HEAD/packages/jest-globals) from 27.0.6 to 29.4.3.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v29.4.3/packages/jest-globals)

---
updated-dependencies:
- dependency-name: "@jest/globals"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-01 10:34:30 +01:00
swagger-bot
cea6642894 chore(release): cut the v4.16.1 release 2023-02-25 18:18:34 +00:00
Vladimír Gorej
d3a1e9433f revert: integrate swagger-client@3.19.0-beta.7 (#8426) 
swagger-client has been reverted back to ^3.18.5,
because it introduces backward incompatible behavior
for yarn@2 package manager.

Refs 61642927b6
Refs d293555a8f
Refs #8418
 2023-02-25 18:30:28 +01:00
dependabot[bot]
136456be2a chore(deps-dev): bump jsdom from 20.0.0 to 21.1.0 (#8417) 
Bumps [jsdom](https://github.com/jsdom/jsdom) from 20.0.0 to 21.1.0.
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Changelog](https://github.com/jsdom/jsdom/blob/master/Changelog.md)
- [Commits](https://github.com/jsdom/jsdom/compare/20.0.0...21.1.0)

---
updated-dependencies:
- dependency-name: jsdom
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-25 18:24:56 +01:00
dependabot[bot]
cbeb9124b3 chore(deps-dev): bump @commitlint/config-conventional (#8423) 
Bumps [@commitlint/config-conventional](https://github.com/conventional-changelog/commitlint/tree/HEAD/@commitlint/config-conventional) from 16.2.4 to 17.4.4.
- [Release notes](https://github.com/conventional-changelog/commitlint/releases)
- [Changelog](https://github.com/conventional-changelog/commitlint/blob/master/@commitlint/config-conventional/CHANGELOG.md)
- [Commits](https://github.com/conventional-changelog/commitlint/commits/v17.4.4/@commitlint/config-conventional)

---
updated-dependencies:
- dependency-name: "@commitlint/config-conventional"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-25 18:13:32 +01:00
dependabot[bot]
7b47886b38 chore(deps): bump @braintree/sanitize-url from 6.0.0 to 6.0.2 (#8422) 2023-02-24 12:15:44 +00:00
dependabot[bot]
d95428eed2 chore(deps-dev): bump @babel/core from 7.14.6 to 7.21.0 (#8421) 2023-02-24 12:08:42 +00:00
dependabot[bot]
7a6b9244d2 chore(deps-dev): bump react-refresh from 0.11.0 to 0.14.0 (#8420) 2023-02-24 12:01:53 +00:00
dependabot[bot]
fe6ebc68a8 chore(deps-dev): bump json-server from 0.17.0 to 0.17.2 (#8419) 2023-02-24 11:53:15 +00:00
dependabot[bot]
b6648c5493 chore(deps-dev): bump @babel/cli from 7.16.8 to 7.21.0 (#8416) 2023-02-24 11:29:05 +00:00
swagger-bot
e00fefde4e chore(release): cut the v4.16.0 release 2023-02-24 09:38:46 +00:00
Vladimír Gorej
d293555a8f feat: integrate swagger-client@3.19.0-beta.7 (#8415) 
Refs #8401
 2023-02-24 10:11:32 +01:00
Vladimír Gorej
81e7eda996 chore(deps-dev): update dependencies (#8412) 
- bump @commitlint/cli from 16.2.1 to 17.4.4
- bump jest-environment-jsdom from 28.1.3 to 29.4.3

Closes #8399
Closes #8388
 2023-02-23 16:58:03 +01:00
dependabot[bot]
fd0b0a215a chore(deps-dev): bump jest from 28.1.3 to 29.4.3 (#8395) 
Bumps [jest](https://github.com/facebook/jest/tree/HEAD/packages/jest) from 28.1.3 to 29.4.3.
- [Release notes](https://github.com/facebook/jest/releases)
- [Changelog](https://github.com/facebook/jest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/facebook/jest/commits/v29.4.3/packages/jest)

---
updated-dependencies:
- dependency-name: jest
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-23 16:40:57 +01:00
Vladimír Gorej
11957fb868 chore: regenerate package-lock.json (#8411) 
package-lock.json was regenerated using Node@16.13.2
and npm@8.1.2. Along with that, these Node.js and npm
versions were set to .nvmrc file.

Given that the dependency tree now changed,
webpack config resolve aliases needed to be
amended to reflect the current dependency tree.
 2023-02-23 16:34:17 +01:00
Vladimír Gorej
21cfda392f test(cypress): fix tests flakiness by stubbing httpbin.org requests (#8410) 
Closes #8409
 2023-02-23 16:15:44 +01:00
Vladimír Gorej
61642927b6 feat: integrate swagger-client@3.19.0-beta.6 (#8405) 
Refs #8401
 2023-02-23 12:28:43 +01:00
Tim Lai
aaf4843f69 ci(ga): add next branch to build and dependabot workflows (#8394) 2023-02-15 16:01:29 -08:00
Tim Lai
f9240717d7 ci(ga): copy ga workflows from next (#8393) 2023-02-15 15:54:56 -08:00
Tim Lai
33f2a0b804 ci(release): update npm token (#8385) 
* ci(release): update github action for npm package

* ci(release): update npm token
 2023-02-14 14:58:00 -08:00
Tim Lai
e2e2920eda ci(release): update github action for npm package (#8384) 2023-02-14 14:44:33 -08:00
Tim Lai
812403e08f ci(release): update ga for swagger-ui-react to npm publish (#8382) 2023-02-13 12:08:04 -08:00
Tim Lai
9fd26cdb83 ci(release): github actions to release next branch (#8380) 
* swagger-ui
* swagger-ui-react
 2023-02-13 11:09:59 -08:00
dependabot[bot]
fb2eefcaf6 chore(deps): bump @sideway/formula from 3.0.0 to 3.0.1 (#8375) 2023-02-09 00:46:32 +00:00
Vladimír Gorej
773a372f76 chore(SCA): remove all whitesource configs (#8371) 
We've stopped using Whitesource as of 1st January 2023.
 2023-02-06 11:14:23 +01:00
dependabot[bot]
718924bfde chore(deps): bump json5 and babel-plugin-module-resolver (#8369) 2023-02-03 05:17:10 +00:00
dependabot[bot]
b9d8668baf chore(deps): bump http-cache-semantics from 4.1.0 to 4.1.1 (#8368) 2023-02-03 05:04:51 +00:00
dependabot[bot]
f3c6a2552d chore(deps): bump nginx from 1.23.2-alpine to 1.23.3-alpine (#8327) 2022-12-19 11:11:22 +00:00
Vladimír Gorej
f8f674004a ci(dependabot-merge): replace non-functioning merge action (#8306) 
Refs https://github.com/ahmadnassri/action-dependabot-auto-merge/issues/166
 2022-11-24 11:38:01 +01:00
dependabot[bot]
ab36a82b9f chore(deps): bump loader-utils from 1.4.1 to 1.4.2 (#8300) 2022-11-18 00:36:51 +00:00
swagger-bot
118ea1329c chore(release): cut the v4.15.5 release 2022-11-09 06:53:40 +00:00
Tim Lai
c858a266f4 chore: manually bump version from failed release (#8290) 2022-11-08 22:02:32 -08:00
Tim Lai
34b429744e fix(deps): move patch-package to prod deps for ci (#8288) 2022-11-08 19:34:30 -08:00
Tim Lai
6cbee7e80e revert(patch-package): temporarily remove postinstall hook (#8287) 2022-11-08 17:10:21 -08:00
dependabot[bot]
56b671d7d7 chore(deps): bump loader-utils from 1.4.0 to 1.4.1 (#8286) 2022-11-08 23:58:43 +00:00
swagger-bot
aea7886ed1 chore(release): cut the v4.15.3 release 2022-11-08 23:52:46 +00:00
Mathias Spanhove
ffe24d5a83 fix(try-it-out): reset of oas3 requestBody should use default values (#8265) 
Co-authored-by: Mathias Spanhove <mathias.spanhove@katoennatie.com>
 2022-11-08 15:23:19 -08:00
dependabot[bot]
0b8de2c179 chore(deps-dev): bump @babel/preset-env from 7.16.8 to 7.20.2 (#8279) 2022-11-07 19:14:21 +00:00
Florian Dreier
073c31a36a fix: remove IE7 star property hack in tachyons-sass via patch-package (#8266) 
Fixes #8243

Co-authored-by: Tim Lai <timothy.lai@smartbear.com>
 2022-11-07 11:06:02 -08:00
Andreas Born
7b0ac1ae28 fix: show client secret input for PKCE auth code flow (#8268) 
* fix: show client secret input for PKCE auth code flow

PKCE and Client Secrets are allowed to coexist and neither is designed
as a replacement for the other. [1] It is wrong to assume that a client
secret must not or cannot be used in combination with PKCE. Quite the
opposite, when possible both PKCE and client secret should be used. [2]
So the premises of #6290 and #8146 are not correct.

Admittedly, for users of the PKCE mechanism WITHOUT a client secret it
might be a minor nuisance to see the client secret input in the Swagger
UI. But they can just leave it empty. On the other hand, for users of
the PKCE mechanism WITH a client secret it is more than just a nuisance
if the client secret input is not shown. The Swagger UI becomes unusable
for them (unless they've set a default value for the client secret,
which will be used hiddenly without being shown to the user).

Therefore the right course of action for now would be to revert #7438 to
show the client secret input always regardless of PKCE. In the future a
new flag could be introduced to hide the client secret input regardless
of the PKCE flag.

[1] https://oauth.net/2/pkce/
[2] https://www.oauth.com/oauth2-servers/pkce/

* docs: explain why client secret input is shown despite PKCE
 2022-11-04 15:46:38 -07:00
dependabot[bot]
cced547006 chore(deps): bump react-syntax-highlighter from 15.4.5 to 15.5.0 (#8261) 2022-10-27 11:22:15 +00:00
dependabot[bot]
f346cfaeb9 chore(deps-dev): bump @babel/plugin-proposal-object-rest-spread (#8259) 2022-10-26 19:54:26 +00:00
swagger-bot
6ce623329e chore(release): cut the v4.15.2 release 2022-10-26 19:47:11 +00:00
Guillaume Tassery
b010b558f1 fix(ui): handle missing schema reference case for discriminant definitions (#8257) 
Co-authored-by: Tim Lai <timothy.lai@gmail.com>
 2022-10-26 12:14:28 -07:00