Update dependency swagger-ui to v3.26.0

[dev-mend-for-github-com]

This PR contains the following updates:

Package	Type	Update	Change
swagger-ui	dependencies	minor	3.2.2 -> 3.26.0

By merging this PR, the issue #1 will be automatically resolved and closed:

Severity	CVSS Score	CVE
Critical	9.8	CVE-2019-17495
Critical	9.8	CVE-2022-37601
High	7.5	CVE-2018-14732
High	7.5	CVE-2021-33623
High	7.3	CVE-2018-3750
High	7.1	CVE-2022-46175
Medium	6.5	CVE-2018-3721
Medium	6.5	CVE-2019-1010266
Medium	6.5	WS-2019-0172
Medium	6.1	WS-2017-3770
Medium	5.4	WS-2018-0593
Medium	5.3	CVE-2020-28500
Medium	5.3	CVE-2020-7693
Medium	5.3	CVE-2021-26540
Medium	5.3	WS-2019-0540
Medium	4.3	WS-2019-0171

---

Release Notes

swagger-api/swagger-ui (swagger-ui)

v3.26.0: Swagger UI 3.26.0 Released!

Compare Source

Features

• Allow to skip submitting empty values in form data (#​5830) (b9b32c9)
• Add empty data param to cURL if no POST request body was given (#​6017)

Bug Fixes

• set default supportedSubmitMethods (#​6030) (3b6942c)
• OAS3 upload file when array items are type=string format=binary (#​6040)
• support generated curl for PUT and PATCH requests (#​5960)
• flaky test: bugs/4641 use wait on route alias (#​6048) (5bbd3e7)

Housekeeping

• SwaggerClient version 3.10.6
• dependency updates

v3.25.5: Swagger UI 3.25.5 Released!

Compare Source

Bug Fixes

• entries can now be generally used again as a key name. special handling of non-FormData entries removed (#​6036) (68185dd), closes #​6033

v3.25.4: Swagger UI 3.25.4 Released!

Compare Source

Bug Fixes

• bump swagger-client to version 3.10.4 and return back compatibility with node.js >= 4
• allow entries as property name (#​6025) (3a65070)

v3.25.3: Swagger UI 3.25.3 Released!

Compare Source

Changelog

• housekeeping: update release-it config
• housekeeping: bump swagger-client version with package-lock (#​6008)
• housekeeping: update dev-e2e-cypress-open script name (#​6005)

Bug Fixes

• curl array support within multipart/form-data (#​3838) (#​5999) (96c7b4c)
• jsonSchemaComponent file/files (#​5997) (#​6000) (65597d1)

v3.25.2: Swagger UI 3.25.2 Released!

Compare Source

Changelog

• feature: JsonSchema components are now ImmutableJS compliant (#​5952)
• fix: remove clearValidation from onTryoutClick (#​5955)

v3.25.1: Swagger UI 3.25.1 Released!

Compare Source

No release summary included.

Changelog

• improvement: render OAS3 parameter type formats (#​5796)
• improvement: showCommonExtensions support for OAS3 parameters (#​5901)
• improvement: support for supportedSubmitMethods property in react component (#​5376)
• improvement: do not require basic password in UI (#​5812)
• improvement: add isShownKey prop to Operation to allow overriding (#​5196)
• fix(docker-image): send relative HTTP 301s from within container (#​5409)
• fix: expanding model when query param showExtensions=true exists (#​5918)
• fix: incorrect PropType in Model ImmutablePureComponent (#​5921)
• fix: OAS3 online validator badge (#​5909)
• housekeeping: add static distribution file documentation (#​5095)
• housekeeping: update plugin api component for failSilently (#​5953)

v3.25.0: Swagger UI 3.25.0 Released!

Compare Source

No release summary included.

Changelog

• feature(swagger-ui-react): defaultModelExpandDepth and plugins props (#​5594)
• improvement: clear auth information from memory when logging out (#​5316)
• improvement: use type 'password' instead of text for client secret (#​5262)
• housekeeping(docs): https path for unpkg link (#​5769)
• housekeeping: fix logo size (#​5702)
• housekeeping: fix npm run lint and npm test on Windows (#​5737)
• housekeeping: npm audit fix (#​5718, #​5772, #​5805)

v3.24.3: Swagger UI 3.24.3 Released!

Compare Source

Changelog

• housekeeping: npm audit fix (#​5718)

v3.24.2: Swagger UI 3.24.2 Released!

Compare Source

This release reverts Swagger UI's upgrade to redux@^4 (via #​5569), which was causing test failures in downstream projects.

v3.24.1: Swagger UI 3.24.1 Released!

Compare Source

⚠️ This release includes security updates. You should upgrade to this version if you use Swagger UI to render untrusted documents.

Specifically, this version updates Swagger UI's dompurify dependency to ^2.0.7, which mitigates our exposure to dompurify's mXSS vulnerability that was disclosed earlier this week.

Changelog

• fix: code highlight styles are now only applied pre.microlight (#​5673)
• housekeeping: npm audit resolutions (#​5681)
• housekeeping(deps): redux v4 (#​5569)
• housekeeping(deps): redux-immutable v4 (#​5639)
• housekeeping(dev-deps): babel monorepo (#​5682)
• housekeeping(dev-deps): [email protected] (#​5683)

v3.24.0: Swagger UI 3.24.0 Released!

Compare Source

Changelog

• feature: add PKCE support for OAuth2 Authorization Code flows (#​5361)
• fix: parameterMacro functionality for OAS3 (#​5617)
• fix(validateParam): validate JSON values + support Parameter.content (#​5657)
• fix: overweight dependencies in PKCE implementation (#​5658)

v3.23.11: Swagger UI 3.23.11 Released!

Compare Source

⚠️ This release contains a security fix that addresses a CSS-based input field value exfiltration vulnerability. If you use Swagger UI to display untrusted OpenAPI documents, you should upgrade to this version ASAP.

Changelog

• fix: mitigate "sequential @import chaining" vulnerability (via #​5616)

v3.23.10: Swagger UI 3.23.10 Released!

Compare Source

This release fixes two bugs: one visual issue within static documentation, and another within runtime validation for Array-typed parameters.

Changelog

• fix: <Select disabled> for type: string + enum schemas (#​5601)
• fix: accept string-represented values in required array runtime validation (#​5609)

v3.23.9: Swagger UI 3.23.9 Released!

Compare Source

This release changes the default value for the validatorUrl configuration option from https://online.swagger.io/validator to https://validator.swagger.io/validator.

v3.23.8: Swagger UI 3.23.8 Released!

Compare Source

This release fixes an issue with Swagger 2.0 required body parameter runtime validation (#​5583) that was introduced in v3.23.7.

v3.23.7: Swagger UI 3.23.7 Released!

Compare Source

This release includes new support for display and Try-It-Out functionality of OAS 3.0 Parameter.content values.

Changelog

• feature: support for Parameter.content (#​5571)
• housekeeping(dev-deps): [email protected]
• 43db164 2019-08-27 | docs: clarify that preauthorizeApiKey works for OAS3 Bearer auth too (#​5566)

v3.23.6: Swagger UI 3.23.6 Released!

Compare Source

This release fixes a React warning originating in Swagger UI and a CSS class name collision with Bootstrap 4.0.

It also includes several in-range updates to minimum dependency versions.

Changelog

• fix: React warning related to "true" used as boolean (via #​5497)
• fix: remove .col class that causes collision with Bootstrap (via #​5541)

v3.23.5: Swagger UI 3.23.5 Released!

Compare Source

This release includes a fix to our Markdown parsing implementation that should resolve display issues with certain Markdown strings.

Changelog

• fix: remove problematic Markdown optimization (via #​5520)

v3.23.4: Swagger UI 3.23.4 Released!

Compare Source

Changelog

• housekeeping: @kyleshockey/js-yaml -> js-yaml (via #​5511)
• housekeeping: more npm audit resolutions (via #​5509)
• housekeeping: non-breaking dependency updates (via #​5515)

v3.23.3: Swagger UI 3.23.3 Released!

Compare Source

This release resolves an undeclared dependency issue visible in [email protected] due to usage of @babel/runtime-corejs2. No source changes were made.

See #​5505 for more information.

v3.23.2: Swagger UI 3.23.2 Released!

Compare Source

This release includes improvements to our Docker container permissions, bug fixes for OpenAPI 3.0 rendering of Responses and Request Bodies, and resolution of most npm audit warnings visible to consumers.

Channgelog

• improvement: allow Swagger UI Docker containers to run as non-root users (via #​5476)
• fix: empty ModelExample rendering in a Response w/o content (via #​5504)
• fix: use null as a notSetValue for examplesForMediaType (via #​5503)
• housekeeping: resolve (almost) all npm audit warnings (via #​5457)

v3.23.1: Swagger UI 3.23.1 Released!

Compare Source

This release fixes a couple of minor regressions introduced in v3.23.0, and also includes improvements to our module sizes and sourcemap quality.

Changelog

• fix: Swagger 2.0 Response.examples (via #​5464 + #​5465)
• fix: enum Select crashes when selecting the empty value (via #​5463)
• housekeeping: upgrade to webpack@4 (via #​5454)
• housekeeping: upgrade to babel@7 (via #​5450)

Note: [email protected] was unpublished due to a bad build being pushed to npm. It will be updated again with the next release of Swagger UI.

v3.23.0: Swagger UI 3.23.0 Released!

Compare Source

This release includes support for OpenAPI 3.0's Examples Object within Parameter, Request Body, and Response Objects.

Changelog

• feature: Multiple Examples for OpenAPI 3 Parameters, Request Bodies, and Responses (via #​5427)

Internal API notes

Several things have moved around internally.

If you make heavy use of the Plugin API, this may be of concern to you:

• the Parameterscomponent no longer has a wrapComponent in OpenAPI 3.0. Version-specific logic is now contained within one component.
• ParameterRow now needs oas3Actions and oas3Selectors as props.
• Response now needs path and method as props.
• Responses' shouldComponentUpdate check has been removed, it now re-renders as the Redux store changes.
• RequestBodyEditor has been heavily modified. It is no longer aware of the underlying request body or schema, and only concerns itself with the string value being edited. It will now also update its own internal state if the value prop given to it changes.

v3.22.3: Swagger UI 3.22.3 Released!

Compare Source

No source changes.

This release moves Swagger UI to [email protected].

v3.22.2: Swagger UI 3.22.2 Released!

Compare Source

Changelog

• improvement: OAS3 $ref friendly-name regex in model.jsx (via #​5334)
• improvement: add isShown check to 's prop expanded logic (via #​5331)
• improvement: relax schema description styling so Markdown can be effective (via #​5340)
• security: CVE-2018-20834 (non-user-facing, via #​5368)

v3.22.1: Swagger UI 3.22.1 Released!

Compare Source

[email protected] lacked the changes that were advertised for it in that version - specifically, docExpansion support was missing.

[email protected] is now available with the new changes. See #​5294 for more information.

Changelog

• improvement: error message when rendering XML example (via #​5253)
• fix: refuse to render non-string Markdown field values (via #​5295)

v3.22.0: Swagger UI 3.22.0 Released!

Compare Source

This release introduces a new configuration option (withCredentials) which allows control of Swagger UI's underlying Fetch/XHR instance's credential inclusion mode. You may find this option helpful if your API requires an authentication/authorization scheme that Swagger UI doesn't directly support, but can be handled out-of-band by your browser.

Also notable: GitHub Flavored Markdown table syntax is now supported in our OpenAPI 3 Markdown parser, swagger-ui-react's underlying UI system object is now exposed in the onComplete prop callback, react-addons-perf is removed from our dependencies to avoid BSD+Patents licensing, and we've improved how Markdown is rendered across Swagger UI.

Changelog

• feature: add withCredentials configuration key (via #​5149)
• improvement: expose system object in swagger-ui-react's onComplete callback (via #​5221)
• improvement: support GFM table syntax in OpenAPI 3.0 (via #​5224)
• improvement: expose docExpansion as a prop in swagger-ui-react (via #​5242)
• fix: Markdown styling nits and inconsistencies (via #​5235)
• fix: generate gzipped Docker assets at runtime (via #​5219)
• housekeeping: bump minimum Cypress version (via #​5233)
• housekeeping: remove react-addons-perf dependency (via #​5229)
• housekeeping: fix typo in README (via #​5246)

v3.21.0: Swagger UI 3.21.0 Released!

Compare Source

This release marks the introduction of a new flavor of Swagger UI: swagger-ui-react.

This new module exports a component for use in React applications, and allows you to use any React version you'd like, without fear of colliding with Swagger UI's internal React version.

We recommend that anyone using Swagger UI within a React application migrate to this module, instead of continuing to mount Swagger UI onto a React-created DOM node by ID.

This release also includes some fixes that improve Swagger UI's handling of rare edge cases in the resolver engine.

Note: this release was also erroneously pushed out as v3.20.10 - both versions' contents are identical.

Changelog

• feature: swagger-ui-react module (via #​5207)
• improvement(docker): gzip static files (via #​5199)
• improvement: gracefully render malformed and empty requestBodies (via #​5208)
• improvement: subtree resolver batch handling (via #​5193)

v3.20.10

Compare Source

v3.20.9: Swagger UI 3.20.9 Released!

Compare Source

This release contains a security fix that addresses a cross-site scripting vulnerability. If you use Swagger UI to display untrusted OpenAPI documents, you should upgrade to this version ASAP.

This release also changes Swagger UI's OperationSummary component to better tolerate badly-formed (i.e., non-string) summary fields.

Changelog:

• fix: gracefully handle non-string operation summaries (via #​5189, #​5191)
• fix: sanitize URLs used for OAuth auth flow (via #​5190)

v3.20.8: Swagger UI 3.20.8 Released!

Compare Source

Summary

This release contains styling fixes, support for x-www-form-urlencoded bodies without explicitly-defined request properties, and non-material security fixes from upstream modules.

In order to take advantage of the new X-Requested-With header in OAuth2 token requests, cross-origin APIs (which require CORS configuration) needs to send Access-Control-Allow-Headers: X-Requested-With as part of the OPTIONS response for your token endpoint. A CORS library will handle this for you - visit https://enable-cors.org for more guidance.

Changelog

• improvement: better operation path + summary overflow styling (via #​5184)
• improvement: set X-Requested-With to prevent browser authentication dialog (via #​4934)
• fix: provide JSON editor for x-www-form-urlencoded bodies lacking properties (via #​5180)
• housekeeping: bump minimum lodash version (via #​5156)

v3.20.7: Swagger UI 3.20.7 Released!

Compare Source

Interface changes: none.

Changelog:

• improvement: generate non-smart Markdown quotes (via #​5162)
• improvement(docker): smaller images via no-cache option (via #​5157)
• fix: coerce multipart initial property values to string (via #​5166)
• fix: gracefully handle malformed global tags array in taggedOperations selector (via #​5159)
• fix: don't trigger url remote document load if urls is provided (via #​5161)
• housekeeping: corresponding changes for swagger-api/swagger-editor#1935 (via #​5170)
• housekeeping: losslessly crush PNG images with pingo (via #​5158)

v3.20.6: Swagger UI 3.20.6 Released!

Compare Source

Interface changes: none.

Changelog:

• improvement(docker): avoid caching mounted json/yml/yaml assets (via #​5151)
• bug: parameter allowEmptyValue + required interactions (via #​5142)
• housekeeping: add React compatibility issue to readme (via #​5141)

v3.20.5: Swagger UI 3.20.5 Released!

Compare Source

Interface changes: None.

Changelog:

• improvement: support Markdown in header descriptions (via #​5120)
• improvement: add individual CSS classes to info items (via #​5051)
• improvement: show description fields in form-data request bodies (via #​5073)
• improvement: render request body description as Markdown (via #​5078)
• fix: non-typesafe spec selector (via #​5121)
• fix: tag-level deep link escaping inconsistencies (via #​5117)
• fix: Immutable property access pattern (via #​5112)
• fix: only apply instance-strip transformer to schema errors (via #​5110)

v3.20.4: Swagger UI 3.20.4 Released!

Compare Source

Interface changes: none.

Changelog:

• fix: urls.primaryName functionality regression (via #​5097)

v3.20.3: Swagger UI 3.20.3 Released!

Compare Source

Interface changes: none.

Changelog:

• improvement: generate default oauth2RedirectUrl based on page location (via #​5085)
• improvement: add Schema/Model switching to ModelExample component (via #​5080)
• housekeeping: branding updates (via #​5084)

v3.20.2: Swagger UI 3.20.2 Released!

Compare Source

Interface changes: none.

Changelog:

• improvement: OAuth2 UI and test suite (via #​5066)
• fix: fall back to default configuration options in subtree resolver calls (via #​5063)
• fix: label models section as Schemas in OpenAPI 3 (via #​5065)

v3.20.1: Swagger UI 3.20.1 Released!

Compare Source

Private interface changes:

• specSelectors.operationConsumes was removed in favor of the new specSelectors.consumesOptionsFor selector.

Changelog:

• improvement: hide Servers/Schemes/Authorize section when it's empty (via #​4950)
• bugfix: only append type flag to curl if type is defined (via #​5041)
• bugfix: apply css only on first child label and span for section header (via #​4970)
• bugfix: path-item $ref produces/consumes inheritance (via #​5049)

v3.20.0: Swagger UI 3.20.0 Released!

Compare Source

Interface changes: none.

Changelog:

• feature: sample value generation for uuid, hostname, ipv4, & ipv6 formats (via #​5033)
• feature: sample value generation for date formats (via #​5024)
• improve(docker): bail out + provide helpful error if injection fails (via #​5007)
• bugfix: legacy Docker variables being overridden by default values (via #​5006)
• bugfix: prevent object inheritance mutations in recursive sampleXmlFromSchema calls (via #​5034)
• bugfix: resolve referenced securitySchemes (via #​5028)
• docs(installation): fix link to configuration.md (via #​5009)
• housekeeping: remove Topbar CWM & unneeded empty lines (via #​5018)
• housekeeping: .js -> .jsx file extensions (via #​5014)

v3.19.5: Swagger UI 3.19.5 Released!

Compare Source

Interface changes: A handful of Docker environment variables were added and deprecated, see #​4965 and #​4987 for more information.

Changelog:

• feature: full-spectrum runtime Docker configuration (via #​4965)
• feature: Docker OAuth block support (via #​4987)
• fix(packaging): move webpack-dev-server to devDependencies (via #​4984)
• housekeeping: move to browser-compatible xml fork (via #​4985)

v3.19.4: Swagger UI 3.19.4 Released!

Compare Source

Interface changes: whitespaced tags and operation IDs are now percent-encoded when included in deep links. Links generated by older 3.x versions of Swagger UI should continue to work as before, but support for them will be dropped in the next major version of Swagger UI.

Changelog:

• improve(deeplinking): support utf16 tags and IDs (via #​4921)
• improve(try-it-out): support RFC5987 Content-Disposition formats (via #​4952)
• bug(deeplinking): properly handle whitespaced & underscored tags/ids (via #​4953)

Additional work around deep linking was also made in #​4960 and #​4958.

v3.19.3: Swagger UI 3.19.3 Released!

Compare Source

This release was made specifically to fix inconsistent plugin behavior related to multiple invocations of Swagger UI, which was patched in #​4923.

v3.19.2: Swagger UI 3.19.2 Released!

Compare Source

This release fixes a regression (#​4912), in which some OpenAPI 3 definitions would not have their Servers block rendered.

v3.19.1: Swagger UI 3.19.1 Released!

Compare Source

Interface changes: none.

Changelog:

• improvement: nest Servers within Schemes container (via #​4911)
• improvement: multipart + formencoded rendering (via #​4910)
• fix: add client_id and client_secret to form when type is request-body (via #​4213)

v3.19.0: Swagger UI 3.19.0 Released!

Compare Source

Interface changes: added CONFIG_URL option for Docker image.

Changelog:

• feat(docker): allow configUrl to be used in Docker (via #​4881)
• fix(docker): make shell script executable (via #​4876)
• fix: tolerate callback parameter values in ParameterRow (via #​4873)
• fix: safeguard Models from non-object schema content (via #​4868)

v3.18.3: Swagger UI 3.18.3 Released!

Compare Source

Interface changes: none.

Changelog:

• bugfix: gracefully handle empty request bodies (via #​4859)
• bugfix: resolved model data invalidation (via #​4858)
• bugfix: remove remaining reference to Titillium webfont (via #​4840)
• housekeeping: integrate Cypress in main test script (via #​4847)
• fix(deeplinking): expand containing tag when expanding an operation (via #​4837)

v3.18.2: Swagger UI 3.18.2 Released!

Compare Source

Interface changes: none.

Changelog:

• improvement: omit deprecated fields in examples (via #​4758)
• improvement: use nginx base Docker image (via #​4796)
• improvement: urlencoded Request Body rendering (via #​4823)
• fix: deep link fragment escaping (via #​4832)
• fix: invalid Operation element IDs for multi-word tags & operationIds (via #​4538, #​4828)
• fix: incorrect usage of lodash.lowerCase (via #​4200)
• meta: introduce Cypress end-to-end testing (via #​4827)

v3.18.1: Swagger UI 3.18.1 Released!

Compare Source

Interface changes: none.

Changelog:

• improvement: slim down Docker build context (via #​4799)
• improvement: move operation JumpToPath (via #​4760)
• improvement: include more error data from authorization call (via #​4801)

v3.18.0: [Security release] Swagger UI 3.18.0 Released!

Compare Source

⚠️ This release contains security fixes. If your OpenAPI documents link to untrusted external URLs, you should upgrade.

Interface changes:

• You may experience issues with this version if you're importing Swagger UI in a non-browser environment (which we don't officially support). Consider loading JSDom beforehand, so that Swagger UI has the DOM APIs it needs access to.
• Links throughout Swagger UI now render with rel="noopener noreferrer", which blocks linked pages from accessing window.opener and the Referrer header.

Changelog:

• feature: "Send empty value" controls for allowEmptyValue parameters (via #​4788)
• bugfix(security): anchor tag safety (via #​4789)
• bugfix: default to empty object for pathItems in updateJsonSpec wrap-action (via #​4785)

v3.17.6: Swagger UI 3.17.6 Released!

Compare Source

Interface changes: none.

Changelog:

• improvement: allow viewing model when Try-It-Out is enabled (via #​4723)
• bugfix(try-it-out): stringify numerical initial values in ParameterRow (via #​4767)

v3.17.5: Swagger UI 3.17.5 Released!

Compare Source

Interface changes: none.

Changelog:

• improvement: refactor Operation component structure (via #​4686)
• improvement: bundle size reductions (#​4713)
• housekeeping: add http-server as a dev-dependency, need for serve-static. (via #​4728)

v3.17.3: Swagger-UI 3.17.3 Released!

Compare Source

Interface changes: none.

Changelog:

• improvement: stop loading resources from third party CDN (via #​4598)
• improvement: handle more invalid Swagger/OpenAPI version values gracefully (via #​4699)
• bugfix: exchange function name of component Try-it-out (via #​4687)
• bugfix: handle formencoded array data correctly (via #​4704)
• bugfix: don't stringify non-object sample values (via #​4704)
• bugfix: support multimedia media types for file upload (#​4705)
• housekeeping: add extraneous module linting (via #​4697)
• housekeeping: migrate back to reselect@2 (via #​4696)
• housekeeping: use bundlesize for status checks (via #​4701)

v3.17.2: Swagger-UI 3.17.2 Released!

Compare Source

Interface changes: none.

Changelog:

• improvement: hash-keyed Try-It-Out parameter value storage (via #​4670)
• improvement: re-enable and improve Models jump-to-path (via #​4671)
• bugfix: respect null values in examples (via #​4679)
• housekeeping: update & clean up various dependencies (via #​4543)

v3.17.1: Swagger UI 3.17.1 Released!

Compare Source

Interface changes: BaseLayout was changed - if you've copied it into your application, you can copy over the new, simplified version.

Changelog:

• improvement: use HTTPS for Petstore (via #​4652)
• bugfix: nested object schema sample generation (via #​4648)
• housekeeping: simplify BaseLayout by creating new container components (via #​4604)
• reverted: dev-only performance tracking (via #​4636)

v3.17.0: Swagger-UI 3.17.0 Released!

Compare Source

Interface changes: none.

Changelog:

• feature: helpful render gating based on document version (via #​4614)
• fix: disable empty values for required + enumerated params (via #​4615)
• fix: initially unset required booleans (via #​4613)
• fix: don't nest urls configuration via docker (via #​4601)
• housekeeping: refactor deep linking into <OperationTag> (via #​4349)

v3.16.0: Swagger-UI 3.16.0 Released!

Compare Source

Interface changes: none.

Changelog:

• feature: OAS3 form and binary media support (via #​4592)
• improvement: disable mangling in the npm module build (via #​4583)
• improvement: resolve URLs for validation service against the page location (via #​4580)
• improvement: add npm start script (via #​4572)

v3.15.0: Swagger-UI 3.15.0 Released!

Compare Source

Interface changes: Docker images are now tagged without a leading v, e.g. 3.15.0 instead of v3.15.10.

Changelog:

• feature: OAS3 object parameter Try-It-Out support (via #​4563)
• improvement: drop leading v from Docker image names (via #​4567)
• bugfix: remove href from Swagger logo (via #​4566)
• bugfix: respect OAS3 parameter default values (via $4561)

v3.14.2: Swagger-UI 3.14.2 Released!

Compare Source

Interface changes: none.

Changelog:

• bugfix: allow Safari browsers to attempt downloading Blob data in Try-It-Out (via #​4541)
• bugfix(a11y): increase model text contract (via #​4540)
• bugfix: always display locally-available title prpoerty as the name for a model, if it is available (via #​4542)

v3.14.1: Swagger-UI 3.14.1 Released!

Compare Source

Interface changes: none.

Changelog:

• improvement: sanitize Markdown via dompurify (via #​4513)
• improvement: timestamps and intelligent file extensions for downloadable live responses (via #​4508)
• meta: multiple issue templates, to encourage higher-quality reports (via #​4519)

v3.14.0: Swagger-UI 3.14.0 Released!

Compare Source

Interface changes: added showCommonExtensions option.

Changelog:

• feature: showCommonExtensions option to show pattern, minLength, maxLength, minimum, and maximum fields for Parameters (via #​4245)
• feature: request and response interceptors can now control remote configuration connections (via #​4489)
• bugfix: path item $ref'd operations are now able to store their metadata correctly (via #​4489)

v3.13.6: Swagger-UI 3.13.6 Released!

Compare Source

Fixes a regression related to parameter normalization that was causing an infinite loop; see https://github.com/swagger-api/swagger-ui/issues/4466 and https://github.com/swagger-api/swagger-ui/issues/4467.

v3.13.5: Swagger-UI v3.13.5 Released!

Compare Source

Interface changes: none.

Changelog:

• enhancement: don't block scrolling if HighlightCode is not scrollable (via #​4463)
• bugfix: Callbacks now render correctly when provided by reference (via #​4454)
• bugfix: HTTP auth form no longer incorrectly retains ol

[dev-mend-for-github-com]

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: package-lock.json