search

feathersjs-ecosystem / feathers-swagger

Add documentation to your FeatherJS services and feed them to Swagger UI.
MIT License
225 stars 63 forks source link

[Snyk] Upgrade swagger-ui-dist from 3.22.2 to 3.25.0 #190

Closed snyk-bot closed 2 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to upgrade swagger-ui-dist from 3.22.2 to 3.25.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Release notes
Package name: swagger-ui-dist
  • 3.25.0 - 2020-01-17

    No release summary included.

    Changelog

    • feature(swagger-ui-react): defaultModelExpandDepth and plugins props (#5594)
    • improvement: clear auth information from memory when logging out (#5316)
    • improvement: use type 'password' instead of text for client secret (#5262)
    • housekeeping(docs): https path for unpkg link (#5769)
    • housekeeping: fix logo size (#5702)
    • housekeeping: fix npm run lint and npm test on Windows (#5737)
    • housekeeping: npm audit fix (#5718, #5772, #5805)
  • 3.24.3 - 2019-11-18

    Changelog

    • housekeeping: npm audit fix (#5718)
  • 3.24.2 - 2019-11-04

    This release reverts Swagger UI's upgrade to redux@^4 (via #5569), which was causing test failures in downstream projects.

  • 3.24.1 - 2019-11-04

    ⚠️ This release includes security updates. You should upgrade to this version if you use Swagger UI to render untrusted documents.

    Specifically, this version updates Swagger UI's dompurify dependency to ^2.0.7, which mitigates our exposure to dompurify's mXSS vulnerability that was disclosed earlier this week.

    Changelog

    • fix: code highlight styles are now only applied pre.microlight (#5673)
    • housekeeping: npm audit resolutions (#5681)
    • housekeeping(deps): redux v4 (#5569)
    • housekeeping(deps): redux-immutable v4 (#5639)
    • housekeeping(dev-deps): babel monorepo (#5682)
    • housekeeping(dev-deps): cypress@3.6.0 (#5683)
  • 3.24.0 - 2019-10-12
    Changelog
    • feature: add PKCE support for OAuth2 Authorization Code flows (#5361)
    • fix: parameterMacro functionality for OAS3 (#5617)
    • fix(validateParam): validate JSON values + support Parameter.content (#5657)
    • fix: overweight dependencies in PKCE implementation (#5658)
  • 3.23.11 - 2019-09-20

    ⚠️ This release contains a security fix that addresses a CSS-based input field value exfiltration vulnerability. If you use Swagger UI to display untrusted OpenAPI documents, you should upgrade to this version ASAP.

    Changelog

    • fix: mitigate "sequential @import chaining" vulnerability (via #5616)
  • 3.23.10 - 2019-09-15

    This release fixes two bugs: one visual issue within static documentation, and another within runtime validation for Array-typed parameters.

    Changelog

    • fix: <Select disabled> for type: string + enum schemas (#5601)
    • fix: accept string-represented values in required array runtime validation (#5609)
  • 3.23.9 - 2019-09-10

    This release changes the default value for the validatorUrl configuration option from https://online.swagger.io/validator to https://validator.swagger.io/validator.

  • 3.23.8 - 2019-09-02

    This release fixes an issue with Swagger 2.0 required body parameter runtime validation (#5583) that was introduced in v3.23.7.

  • 3.23.7 - 2019-09-01

    This release includes new support for display and Try-It-Out functionality of OAS 3.0 Parameter.content values.

    Changelog

    • feature: support for Parameter.content (#5571)
    • housekeeping(dev-deps): babel-plugin-transform-react-remove-prop-types@0.4.24
    • 43db164 2019-08-27 | docs: clarify that preauthorizeApiKey works for OAS3 Bearer auth too (#5566)
  • 3.23.6 - 2019-08-24
  • 3.23.5 - 2019-08-10
  • 3.23.4 - 2019-08-03
  • 3.23.3 - 2019-07-30
  • 3.23.2 - 2019-07-30
  • 3.23.1 - 2019-07-13
  • 3.23.0 - 2019-06-29
  • 3.22.3 - 2019-06-08
  • 3.22.2 - 2019-05-22
from swagger-ui-dist GitHub release notes

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs