Update dependency swagger-ui to v4 #16

staging-whitesource-for-github-com · 2024-05-23T08:11:43Z

This PR contains the following updates:

Package	Type	Update	Change
swagger-ui	dependencies	major	`3.2.2` -> `4.1.3`

By merging this PR, the issue #3 will be automatically resolved and closed:

Severity	CVSS Score	CVE
Critical	9.8	CVE-2018-3750
Critical	9.8	CVE-2019-17495
Critical	9.8	CVE-2022-37601
Critical	9.1	CVE-2019-10744
High	8.1	CVE-2022-1650
High	7.5	CVE-2018-14732
High	7.5	CVE-2021-23424
High	7.5	CVE-2021-33623
High	7.5	CVE-2022-24771
High	7.5	CVE-2022-24772
High	7.4	CVE-2020-8203
High	7.2	CVE-2021-23337
High	7.1	CVE-2022-46175
Medium	6.6	WS-2022-0008
Medium	6.5	CVE-2018-3721
Medium	6.5	CVE-2019-1010266
Medium	6.5	WS-2019-0172
Medium	6.1	CVE-2022-0122
Medium	6.1	CVE-2022-0235
Medium	6.1	WS-2017-3770
Medium	5.6	CVE-2018-16487
Medium	5.4	WS-2018-0593
Medium	5.3	CVE-2020-28469
Medium	5.3	CVE-2020-28500
Medium	5.3	CVE-2020-7608
Medium	5.3	CVE-2020-7693
Medium	5.3	CVE-2021-26539
Medium	5.3	CVE-2021-26540
Medium	5.3	CVE-2022-24773
Medium	5.3	CVE-2022-25887
Medium	5.3	WS-2019-0540
Medium	4.3	CVE-2018-25031
Medium	4.3	WS-2019-0171
Low	2.6	CVE-2020-15168

Release Notes

swagger-api/swagger-ui (swagger-ui)

`v4.1.3`: Swagger UI v4.1.3 Released!

Compare Source

Bug Fixes

security: disable reading config params from URL search params (#7697) (01a3e55), closes #4872, security advisory GHSA-qrmm-w75w-3wpx

Note: to re-enable the functionality of reading config params from URL, set new queryConfigEnabled core parameter to true. More info in documentation.

`v4.1.2`: Swagger UI v4.1.2 Released!

Compare Source

Bug Fixes

request JumpToPath component always as container (f3d3898)

`v4.1.1`: Swagger UI v4.1.1 Released!

Compare Source

Bug Fixes

introduce Error Boundaries to handle unexpected failures (#7671) (b299be7), closes #7647

`v4.1.0`: Swagger UI v4.1.0 Released!

Compare Source

Bug Fixes

add source map of css file to swagger-ui-react (#7601) (83021df)
highlight-code: fix regression code highlight behavior (7cc2657), closes #7603
swagger-ui-react: add showExtension propType (4a78313), closes #5892

Features

swagger-ui-react: add request snippets configuration (#7536) (3fea224), closes #7523
swagger-ui-react: add showExtensions option (#7563) (d7ec726), closes #5892
swagger-ui-react: add support of filter prop (#7547) (b71446c), closes #7546

`v4.0.1`: Swagger UI v4.0.1 Released!

Compare Source

Bug Fixes

servers: prevent UI crash when changing Server with variables (fb7e98a), closes #7525

`v4.0.0`: Swagger UI v4.0.0 Released!

Compare Source

Breaking changes

use React 17.x and Redux 4.x

Features

allow using functional components with hooks (c31cb30)

Bug Fixes

param-body: fix loosing focus in Try It when typing (#7548) (5a5a27e), closes #7477
root-inject: handle errors in functional components properly (e364073)
servers: compensate when server list contains a null value (1283f52), closes #7341
ui: eliminate copy button icon misaligned in Firefox (#7542) (f5b0446), closes #7481

Other changes

consolidate production and development dependencies

More information in: https://github.com/swagger-api/swagger-ui/issues/7341
Release article: https://swagger.io/blog/news/what-s-new-in-swaggerui-v4-and-swaggereditor-v4/

`v3.52.5`: Swagger UI v3.52.5 Released!

Compare Source

Bug Fixes

highlight-code: handle mousewheel events properly (#7554) (0fc429f), closes #7497

`v3.52.4`: Swagger UI v3.52.4 Released!

Compare Source

Bug Fixes

fix issue with highlight code scrolling causing console error (#7497) (#7519) (24aaa53)
remove redundant whitespaces in API key auth popup (#7538) (a740f3d)
rename request snippets configuration props (#7535) (90c8a73), closes #7534
paths: break long paths with <wbr> (#7516) (f88334a), closes #7513
UI: correct width of HTTP request method names (#7527) (fc7cdb8), closes #7479
ux: update the buttons of the example tabs to be displayed as links (#7517) (ff5deb3), closes #7464 #7464

`v3.52.3`: Swagger UI v3.52.3 Released!

Compare Source

Bug Fixes

a11n: provide proper a11n for response example tabs (#7464) (8ffb1ae), closes #7463 #7350
sample-gen: generate the correct number of properties (#7432) (f1aab53)
try-it-out: fix the width of image responses (#7495) (cc700f0), closes #5578

`v3.52.2`: Swagger UI v3.52.2 Released!

Compare Source

Bug Fixes

Dockerfile: fix security issue in docker image (3c9061e), closes #7445
security: fix security issue in prismjs production dep (#7493) (2a1b710), closes #7492
security: fix security issue in url-parse production dep

`v3.52.1`: Swagger UI v3.52.1 Released!

Compare Source

Bug Fixes

build-security: do not expose hostname to build framents (#7491) (fdef4ea), closes #7446
security: bump swagger-client to v3.16.1 (5029b81), closes #7473

`v3.52.0`: Swagger UI v3.52.0 Released!

Compare Source

Features

js-yaml: update our main YAML parser to v4.1.0 (no esprima anymore in bundle) (3248428), closes #6804

`v3.51.2`: Swagger UI v3.51.2 Released!

Compare Source

Bug Fixes

deps: bump swagger-client to v3.14.1 (#7440) (8daf4e4), closes #7436
minimum runtime Node.js version is now => 12.4

`v3.51.1`: Swagger UI v3.51.1 Released!

Compare Source

Bug Fixes

sample-gen: parameter array missing items fallback (#7376) (de3d063), closes #7375

`v3.51.0`: Swagger UI v3.51.0 Released!

Compare Source

Features

oas3: Show file upload for schema binary format (#7325) (13c110a), closes #5636

Bug Fixes

sample-gen: oas3 form-data object should generate example (#7355) (87ded99)
try-it-out: button and inner text spacing (#7357) (14be45d)
ui: parameter placeholder should only display name (#7123) (3a0f72f)

Deprecation Warning

Swagger UI now requires Node.js v12. Node.js v10 has reached its EOL on 30-04-2021. Documentation has been updated in this PR #7359

`v3.50.0`: Swagger UI v3.50.0 Released!

Compare Source

Features

wrapComponents: new chain configuration option (#7236) (516e666)

Bug Fixes

system: allow wrapping selectors in chain (#7304) (96cdf00), closes #7157

Deprecation warning

wrapComponents: The new configuration option introduced in this version sets the default to legacy, with an opt-in setting for chain. In a future version, this configuration option will toggle to chain as default, as it is the intended fixed correct behavior. If your application expects and/or requires the legacy option, please update your application accordingly. If your application is agnostic towards the either chain or legacy, no change is needed.

`v3.49.0`: Swagger UI v3.49.0 Released!

Compare Source

Features

Accessibility improvements (#7224) (72811bd)

Bug Fixes

download button width (#7230) (9f62154)

`v3.48.0`: Swagger UI v3.48.0 Released!

Compare Source

Bug Fixes

authorization: include oauth endpoint description (#7195) (5906dfa)
syntaxHighlighter: request and response examples for json cases (#7199) (92f1507)
try-it-out: required properties (#7206) (53829f1)

Features

docs: make webpack-getting-started more universal (#7191) (f239965)

`v3.47.1`: Swagger UI v3.47.1 Released!

Compare Source

[email protected] was a valid but incomplete release. This release should contain downstream release jobs.

`v3.47.0`: Swagger UI v3.47.0 Released!

Compare Source

Features

remove node_native option from request snippets plugin (#7181) (2373a83)
dev: migrate to local-web-server (#7174) (01c8de4)

Bug Fixes

update snippet generator map to support React 16 (#7154) (7fc2780)

`v3.46.0`: Swagger UI v3.46.0 Released!

Compare Source

Features

sample-gen: infer implicit type and validation constraint types (#7117) (032bd71)
download of text/csv now uses .csv extension (#7141) (75865f3)
markdown sanitization of form tag (#7146) (f5b84e5)

Bug Fixes

add aria label to select element for content types (#7133) (4abbc62)
array constraint validation only if value was provided (#7112) (4103e0f)

Other

swagger-client: bump to v3.13.2

`v3.45.1`: Swagger UI v3.45.1 Released!

Compare Source

Bug Fixes

response examples fallback (#7065) (9a2b646)
cypress: tweak to ensure an element exists before test (#7074) (d17a81e)

`v3.45.0`: Swagger UI v3.45.0 Released!

Compare Source

Features

request snippets plugin (#6910) (8405fa0)
sample gen should incorporate schema validation constraint (#7043) (3ead825)

Bug Fixes

auth: support pkce when using basic auth header (#7038) (f23a9d6)
auth: url change should flush auth (#7046) (219d886)
sample-gen: allOf, oneOf lifting should consider properties and items (#7041) (f9e54a2)
sample-gen: xml attr with media-type example value (#7045) (902241c)
ui: prevent example select from overflowing (#7060) (0723622)
preserve multipart file part position in requestData (#7008) (15b8c0c)

`v3.44.1`: Swagger UI v3.44.1 Released!

Compare Source

Bug Fixes

json schema array items (#7007) (2016c18)
multipart enum initial value not set (#7004) (68bd61a)
optional empty validation (#7003) (d32bd1a)

`v3.44.0`: Swagger UI v3.44.0 Released!

Compare Source

Bug Fixes

info: use externalDocsUrl check to render Link (#6997) (b7d3d1c)
lint: use semicolons + closing link in html (#6951) (17093f2)
lint: put script tag in body in oauth2-redirect.html (#6958)

Features

models: collapsed schema content should be clickable (#6942) (0e6dc04)
verbose Failed to fetch error (#6938) (4db2edc)
docs: sample datepicker plugin with json schema components (#6939) (ba74c02)

`v3.43.0`: Swagger UI v3.43.0 Released!

Compare Source

Features

use example gen for multiple example value retainer examples (#6920) (fad81f8)
validate nullable (#6928) (a2a561e)

Bug Fixes

support OAuth2 PKCE when using the OIDC authorization_code flow (#6914) (5e69d3c)
sample-gen: enum without type should be handled by sample-gen (#6912) (7ead9ba)

Other

swagger-cllient: version bump to 3.13.1

`v3.42.0`: Swagger UI v3.42.0 Released!

Compare Source

Features

enhance parameter validation (#6878) (5c4dfc2)
sample-gen multi and form media-type (#6874) (8ed6c34)

Bug Fixes

responseBody: json response highlighting (#6871) (13fea13), closes #6508

`v3.41.1`: Swagger UI v3.41.1 Released!

Compare Source

Bug Fixes

swagger-ui-react: src filename extension to transpile (#6876) (e538e26)

`v3.41.0`: Swagger UI v3.41.0 Released!

Compare Source

Features

sample-gen: yaml sample generation (#6858) (470e2fe)
ux: enhance media-type switching experience in RequestBodyEditor (#6837) (e877580)
config: add tryItOutEnabled configuration (#6865) (265bdc0)
swagger-client: bump to v3.12.2

Bug Fixes

buildUrl: relative url is invalid URL (OAS3) or non-url (OAS2) (#6864) (a5eb3dc)
sample-gen: case yaml parsed example is number but string schema (#6872) (5b2ad68)
ux: ensure that optional security schema is rendered without padlock. (#6839) (eddde95)
webpack: assets should not be treaded as esModule (#6861) (cdfb64f)

`v3.40.0`: Swagger UI v3.40.0 Released!

Compare Source

Features

doc: added introduction (#6806) (d80cc40)
docker: add docker support for persist authorization variable (#6832) (a7ba55a)
group / sort parameters by location (#6745) (ddaee4e)

Bug Fixes

sample-gen: should render additionalProperties in example (#6821) (35cb925)
sample-gen: should return json literal example (#6827) (a2f7917)
sample-gen: should return xml literal example (#6822) (59b42bb)
spec-selector: isMediaTypeSchemaPropertiesEqual should handle case where literal media-types are equal. (#6820) (25433c4)
style: code should should wrap line (#6831) (7087210), closes #6764

`v3.39.0`: Swagger UI v3.39.0 Released!

Compare Source

Features

ux: Disabled Execute button while request is in progress (#6776) (2bf39e0)

Bug Fixes

sample-gen: first oneOf or anyOf should be combined with schema (#6775) (0f541a1)
style: response data flows off the screen (#6764) (85a3ec9)
examples: Request Body examples should respect media-type (#6739) (68e9b1b)

`v3.38.0`: Swagger UI v3.38.0 Released!

Compare Source

Features

auth: Add OpenID Connect Discovery (OICD) support (#3517) (#6549) (0807687)

Bug Fixes

components: fix keys rendering in React 16 using .entrySeq() (#6685) (20a8987)
security fixes applied in [email protected], [email protected], and [email protected]

`v3.37.2`: Swagger UI v3.37.2 Released!

Compare Source

chore: update swagger-js to v3.12.1 which brings better support for $ref resolving (#4765) (#5625 )
chore(release): fix release v3.37.1 release
chore(package): allow auto-update of swagger-client (d3fb9ab)

`v3.37.1`: Swagger UI v3.37.1 Released!

Compare Source

Warning

This is a failed release which is identical to v3.37.0. Please install v3.37.2 instead.

`v3.37.0`: Swagger UI v3.37.0 Released!

Compare Source

Features

swagger-ui-react: add support for layout prop (#6639) (a6673d7)

Bug Fixes

examples: properly update memoized value in non-schema case (#6641) (d2ef8f3), closes #6631
xml: example generation if an array has an example (#6634) (24225e4), closes #6627

`v3.36.2`: Swagger UI v3.36.2 Released!

Compare Source

Bug Fixes

duplicate labels in Servers UI (#6568) (1f10240)
externalDocs url for tags when using swagger v2.0 (#6579) (6db4def)
schema example: xml gen should follow json gen behavior (#6555) (288c89b), closes #6470 #6540 #4943
cypress: oas3-request-body-required flakineess (#6583) (64ae7af)

`v3.36.1`: Swagger UI v3.36.1 Released!

Compare Source

swagger-client: update to v3.12.0. Fixes nested allOf/oneOf schema resolution in #5194, #5923, #4672

Bug Fixes

cypress: oas3-multiple-media-types flakiness (#6571) (3925b0c), closes #6570

`v3.36.0`: Swagger UI v3.36.0 Released!

Compare Source

Features

support for showExtensions on Response objects (#6535) (6a4e52a)

Bug Fixes

auth: Allow PKCE for legacy AccessCode OAuth2 Grant Type (#6011) (5a87c8a), closes #6010
auth: support for oauth2 relative url (#6546) (0a807d6)
auth: add additional autoFocus for http-auth component (#6527) (8e3e059), closes #6483
response examples should respect media-type (#6456) (87ab4e9)
duplicate downloading of remote config (#6544) (50e5f65)
oauth redirect HTML title tag (#6533) (17f140b)

`v3.35.2`: Swagger UI v3.35.2 Released!

Compare Source

Bug Fixes

oas3: switching media types should update schema properties (#6518) (3905fad), closes #6201 #6250 #6476
requestBody: hide read only properties (#6490) (5065613)
missing commas in response header values #6183 (#6515) (99fda81)
add autofocus to auth fields (#6483) (65ea764)
style: preventing long strings from overflowing (#5934) (#6507) (4b2fddd)
jest: add stub for errActions to prevent unhandled promise rejections #6365 (#6495) (537ad6d)
jest: unknown prop initialValue on input tag (#6506) (1af8678)

`v3.35.1`: Swagger UI v3.35.1 Released!

Compare Source

Bug Fixes

parameter-row: rendering of default/example values of 0 (#6454) (797929f)
syntax-highlighter: configuration for Examples (#6455) (b5e8081), closes #5259
examples multipart array sample generation for items (#6461) (f4bdf2f)
filter: avoid filtering by the strings "true/false" when enabled (#6477) (aa53ec2)
style: inconsistent background colors in code sections (#6472) (1b11d5c)
deprecate from "new Buffer" to "Buffer.from" (#6489) (6c5e91d)

`v3.35.0`: Swagger UI v3.35.0 Released!

Compare Source

Bug Fixes

auth: both array and Im.List scopes can be added to redirectURL (#6416) (95fd3e7)
swagger-ui-react: Use oneOfType in spec prop validation (fix #6399) (#6400) (52360a0)
sample schema should stringify string values for content-type: text/json (#6431) (ad630cc), closes #6412
try-it-out: required boolean default value set to empty string (#6449) (f5c709f), closes #6429

Features

curl: configuration setting to pass additional options to curl command for "Try it out" (#6288) (cbe99c8)
swagger-ui-react: add deeplinking as prop (#6424) (6b12f15)

`v3.34.0`: Swagger UI v3.34.0 Released!

Compare Source

Features

Preserve authorization on browser refresh and close/reopen (#5939) ([96aecc8](https://redirect.github.com/swagger-api/swagger-ui/commit/96aecc8860a906d2

Update dependency swagger-ui to v4

35576bc

staging-whitesource-for-github-com bot added the security fix Security fix generated by Mend label May 23, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update dependency swagger-ui to v4 #16

Update dependency swagger-ui to v4 #16

staging-whitesource-for-github-com bot commented May 23, 2024 •

edited

Loading

Update dependency swagger-ui to v4 #16

Are you sure you want to change the base?

Update dependency swagger-ui to v4 #16

Conversation

staging-whitesource-for-github-com bot commented May 23, 2024 • edited Loading

Release Notes

v4.1.3: Swagger UI v4.1.3 Released!

Bug Fixes

v4.1.2: Swagger UI v4.1.2 Released!

Bug Fixes

v4.1.1: Swagger UI v4.1.1 Released!

Bug Fixes

v4.1.0: Swagger UI v4.1.0 Released!

Bug Fixes

Features

v4.0.1: Swagger UI v4.0.1 Released!

Bug Fixes

v4.0.0: Swagger UI v4.0.0 Released!

Breaking changes

Features

Bug Fixes

Other changes

v3.52.5: Swagger UI v3.52.5 Released!

Bug Fixes

v3.52.4: Swagger UI v3.52.4 Released!

Bug Fixes

v3.52.3: Swagger UI v3.52.3 Released!

Bug Fixes

v3.52.2: Swagger UI v3.52.2 Released!

Bug Fixes

v3.52.1: Swagger UI v3.52.1 Released!

Bug Fixes

v3.52.0: Swagger UI v3.52.0 Released!

Features

v3.51.2: Swagger UI v3.51.2 Released!

Bug Fixes

v3.51.1: Swagger UI v3.51.1 Released!

Bug Fixes

v3.51.0: Swagger UI v3.51.0 Released!

Features

Bug Fixes

Deprecation Warning

v3.50.0: Swagger UI v3.50.0 Released!

Features

Bug Fixes

Deprecation warning

v3.49.0: Swagger UI v3.49.0 Released!

Features

Bug Fixes

v3.48.0: Swagger UI v3.48.0 Released!

Bug Fixes

Features

v3.47.1: Swagger UI v3.47.1 Released!

v3.47.0: Swagger UI v3.47.0 Released!

Features

Bug Fixes

v3.46.0: Swagger UI v3.46.0 Released!

Features

Bug Fixes

Other

v3.45.1: Swagger UI v3.45.1 Released!

Bug Fixes

v3.45.0: Swagger UI v3.45.0 Released!

Features

Bug Fixes

v3.44.1: Swagger UI v3.44.1 Released!

Bug Fixes

v3.44.0: Swagger UI v3.44.0 Released!

Bug Fixes

Features

v3.43.0: Swagger UI v3.43.0 Released!

Features

Bug Fixes

Other

v3.42.0: Swagger UI v3.42.0 Released!

Features

Bug Fixes

v3.41.1: Swagger UI v3.41.1 Released!

Bug Fixes

v3.41.0: Swagger UI v3.41.0 Released!

staging-whitesource-for-github-com bot commented May 23, 2024 •

edited

Loading

`v4.1.3`: Swagger UI v4.1.3 Released!

`v4.1.2`: Swagger UI v4.1.2 Released!

`v4.1.1`: Swagger UI v4.1.1 Released!

`v4.1.0`: Swagger UI v4.1.0 Released!

`v4.0.1`: Swagger UI v4.0.1 Released!

`v4.0.0`: Swagger UI v4.0.0 Released!

`v3.52.5`: Swagger UI v3.52.5 Released!

`v3.52.4`: Swagger UI v3.52.4 Released!

`v3.52.3`: Swagger UI v3.52.3 Released!

`v3.52.2`: Swagger UI v3.52.2 Released!

`v3.52.1`: Swagger UI v3.52.1 Released!

`v3.52.0`: Swagger UI v3.52.0 Released!

`v3.51.2`: Swagger UI v3.51.2 Released!

`v3.51.1`: Swagger UI v3.51.1 Released!

`v3.51.0`: Swagger UI v3.51.0 Released!

`v3.50.0`: Swagger UI v3.50.0 Released!

`v3.49.0`: Swagger UI v3.49.0 Released!

`v3.48.0`: Swagger UI v3.48.0 Released!

`v3.47.1`: Swagger UI v3.47.1 Released!

`v3.47.0`: Swagger UI v3.47.0 Released!

`v3.46.0`: Swagger UI v3.46.0 Released!

`v3.45.1`: Swagger UI v3.45.1 Released!

`v3.45.0`: Swagger UI v3.45.0 Released!

`v3.44.1`: Swagger UI v3.44.1 Released!

`v3.44.0`: Swagger UI v3.44.0 Released!

`v3.43.0`: Swagger UI v3.43.0 Released!

`v3.42.0`: Swagger UI v3.42.0 Released!

`v3.41.1`: Swagger UI v3.41.1 Released!

`v3.41.0`: Swagger UI v3.41.0 Released!

`v3.40.0`: Swagger UI v3.40.0 Released!

`v3.39.0`: Swagger UI v3.39.0 Released!

`v3.38.0`: Swagger UI v3.38.0 Released!

`v3.37.2`: Swagger UI v3.37.2 Released!

`v3.37.1`: Swagger UI v3.37.1 Released!

`v3.37.0`: Swagger UI v3.37.0 Released!

`v3.36.2`: Swagger UI v3.36.2 Released!

`v3.36.1`: Swagger UI v3.36.1 Released!

`v3.36.0`: Swagger UI v3.36.0 Released!

`v3.35.2`: Swagger UI v3.35.2 Released!

`v3.35.1`: Swagger UI v3.35.1 Released!

`v3.35.0`: Swagger UI v3.35.0 Released!

`v3.34.0`: Swagger UI v3.34.0 Released!