Commit Graph

5 Commits

Author SHA1 Message Date
kyy
f464ba2d31 Update swagger-ui
2025-06-24 13:40:26 +09:00
Vladimir Gorej
01a3e55960 fix(security): disable reading config params from URL search params (#7697)
Reading configuration parameters from URL search params 
is by default no longer enabled. To re-enable it, set queryConfigEnabled
configuration parameter to true.

Functionally, this is a breaking change, but given we're just providing
a security vulnerability patch we're considering this a PATCH version bump
only.

Refs #4872
Refs https://github.com/swagger-api/swagger-ui/security/advisories/GHSA-qrmm-w75w-3wpx
2021-12-09 17:28:17 +01:00
kyle
02758b8125 bugfix: legacy Docker variables being overridden by default values (via #5006)
* add `onFound` callback to schemas

* add warning to method docs (for #4957)

* implement Docker OAuth2 init block support

* update docs

* add OAUTH_SCOPE_SEPARATOR

* drop OAuth env from Dockerfile and run script

* don't indent the first oauth block line

* drop unused `dedent` import

* touch up warning message

* add more test cases

* return an empty block if no OAuth content is generated

* fix broken doc line

* allow legacy values to override base values
2018-11-06 01:57:20 +00:00
kyle
c6eb8edb5f feature: Docker OAuth block support (via #4987)
* add `onFound` callback to schemas
* add warning to method docs (for #4957)
* implement Docker OAuth2 init block support
* update docs
* add OAUTH_SCOPE_SEPARATOR
* drop OAuth env from Dockerfile and run script
* don't indent the first oauth block line
* drop unused `dedent` import
* touch up warning message
* add more test cases
* return an empty block if no OAuth content is generated
* fix broken doc line
2018-11-01 18:52:13 -04:00
kyle
31a8b13777 feature: full-spectrum runtime Docker configuration (via #4965)
* reorganize docker things

* Configurator WIP

* implement Docker runtime config generator

* add tests

* update documentation

* fix Markdown tables

* Move Docker section

* add note to README

* move up `nodejs` install for more aggressive caching

* drop exclusive test

* fix missing `DISPLAY_OPERATION_ID`
2018-11-01 14:53:29 -04:00