issues
search
node-red
/
node-red-node-swagger
A set of tools for generating Swagger api documentation based on the HTTP nodes deployed in a flow
Apache License 2.0
63
stars
48
forks
source link
Bump swagger-ui from 2.1.4 to 3.24.0
#68
Closed
dependabot[bot]
closed
4 years ago
dependabot[bot]
commented
4 years ago
Bumps
swagger-ui
from 2.1.4 to 3.24.0.
Release notes
*Sourced from [swagger-ui's releases](https://github.com/swagger-api/swagger-ui/releases).* > ## Swagger UI 3.24.0 Released! > ##### Changelog > > * feature: add PKCE support for OAuth2 Authorization Code flows ([#5361](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5361)) > * fix: `parameterMacro` functionality for OAS3 ([#5617](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5617)) > * fix(validateParam): validate JSON values + support `Parameter.content` ([#5657](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5657)) > * fix: overweight dependencies in PKCE implementation ([#5658](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5658)) > > ## Swagger UI 3.23.11 Released! > ⚠️ **This release contains a security fix that addresses a CSS-based input field value exfiltration vulnerability.** If you use Swagger UI to display untrusted OpenAPI documents, you should upgrade to this version ASAP. > > ### Changelog > > * fix: mitigate "sequential `@import` chaining" vulnerability (via [#5616](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5616)) > > ## Swagger UI 3.23.10 Released! > This release fixes two bugs: one visual issue within static documentation, and another within runtime validation for Array-typed parameters. > > ### Changelog > > * fix: `
` for `type: string` + `enum` schemas ([#5601](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5601)) > * fix: accept string-represented values in required array runtime validation ([#5609](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5609)) > > ## Swagger UI 3.23.9 Released! > This release changes the default value for the `validatorUrl` configuration option from `https://online.swagger.io/validator` to `https://validator.swagger.io/validator`. > > ## Swagger UI 3.23.8 Released! > This release fixes an issue with Swagger 2.0 required body parameter runtime validation ([#5583](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5583)) that was introduced in v3.23.7. > > ## Swagger UI 3.23.7 Released! > This release includes new support for display and Try-It-Out functionality of OAS 3.0 `Parameter.content` values. > > ### Changelog > > * feature: support for `Parameter.content` ([#5571](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5571)) > * housekeeping(dev-deps): babel-plugin-transform-react-remove-prop-types@0.4.24 > * 43db164a 2019-08-27 | docs: clarify that preauthorizeApiKey works for OAS3 Bearer auth too ([#5566](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5566)) > > ## Swagger UI 3.23.6 Released! > This release fixes a React warning originating in Swagger UI and a CSS class name collision with Bootstrap 4.0. > > It also includes several in-range updates to minimum dependency versions. > > #### Changelog > * fix: React warning related to "true" used as boolean (via [#5497](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5497)) > * fix: remove `.col` class that causes collision with Bootstrap (via [#5541](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5541)) > > ## Swagger UI 3.23.5 Released! > This release includes a fix to our Markdown parsing implementation that should resolve display issues with certain Markdown strings. > > ... (truncated)
Commits
- [`7e5974c`](https://github.com/swagger-api/swagger-ui/commit/7e5974c14f95559642ebad5c4dd397a9d54b3602) release: v3.24.0 - [`25025cb`](https://github.com/swagger-api/swagger-ui/commit/25025cb092c7b84721d2bc13d6818fbea0b33f5a) fix: overweight dependencies in PKCE implementation ([#5658](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5658)) - [`75a0e5d`](https://github.com/swagger-api/swagger-ui/commit/75a0e5d5dcbf7446900f4065bb5f28deb03769f4) fix(validateParam): validate JSON parameter values + support `Parameter.conte... - [`71a17f8`](https://github.com/swagger-api/swagger-ui/commit/71a17f801e2390629bb04128f95861b70d2a3816) housekeeping: use HTTPS links in README.md ([#5651](https://github.com/swagger-api/swagger-ui/issues/5651)) - [`7317fff`](https://github.com/swagger-api/swagger-ui/commit/7317fffa3eb210679f4e016a7473af1e23ca1900) housekeeping: add homepage URL to package.json ([#5652](https://github.com/swagger-api/swagger-ui/issues/5652)) - [`9253c0b`](https://github.com/swagger-api/swagger-ui/commit/9253c0bf03ff83aac7b8a51dc83fe087502eef99) improvement: add `\
` tag to oauth2-redirect.html ([#5644](https://github.com/swagger-api/swagger-ui/issues/5644)) - [`139592e`](https://github.com/swagger-api/swagger-ui/commit/139592e353f47ef4f9c567a36624da386c661f17) feat: add PKCE support for OAuth2 Authorization Code flows ([#5361](https://github.com/swagger-api/swagger-ui/issues/5361)) - [`8cabcff`](https://github.com/swagger-api/swagger-ui/commit/8cabcffddf4b7f2d3b8d4890e6ca1267ef34fb34) housekeeping: document Docker `OAUTH2_REDIRECT_URL` option ([#5641](https://github.com/swagger-api/swagger-ui/issues/5641)) - [`fa351aa`](https://github.com/swagger-api/swagger-ui/commit/fa351aa18ddd8f8438dd39967999a6453b8bf605) housekeeping: `npm audit` concerns ([#5640](https://github.com/swagger-api/swagger-ui/issues/5640)) - [`93f7a82`](https://github.com/swagger-api/swagger-ui/commit/93f7a825f557401ed3fbdf4e7827a0495b4e9112) housekeeping(deps): dompurify v2 ([#5634](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5634)) - Additional commits viewable in [compare view](https://github.com/swagger-api/swagger-ui/compare/v2.1.4...v3.24.0) </details> <p><br /></p> <p><a rel="noreferrer nofollow" target="_blank" href="https://help.github.com/articles/configuring-automated-security-fixes"><img referrerpolicy="no-referrer" src="https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=swagger-ui&package-manager=npm_and_yarn&previous-version=2.1.4&new-version=3.24.0" alt="Dependabot compatibility score" /></a></p> <p>Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting <code>@dependabot rebase</code>.</p> <hr /> <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/node-red/node-red-node-swagger/network/alerts). </details> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/jsf-clabot"><img src="https://avatars.githubusercontent.com/u/23005875?v=4" />jsf-clabot</a> commented <strong> 4 years ago</strong> </div> <div class="markdown-body"> <p><a href="https://cla.js.foundation/node-red/node-red-node-swagger?pullRequest=68"><img src="https://cla.js.foundation/pull/badge/not_signed" alt="CLA assistant check" /></a> <br/>Thank you for your submission, we really appreciate it. Like many open source projects, we ask that you sign our <a href="https://cla.js.foundation/node-red/node-red-node-swagger?pullRequest=68">Contributor License Agreement</a> before we can accept your contribution.<br/></p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/dceejay"><img src="https://avatars.githubusercontent.com/u/5375409?v=4" />dceejay</a> commented <strong> 4 years ago</strong> </div> <div class="markdown-body"> <p>Being worked on as part of PR from @JonSilver</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/JonSilver"><img src="https://avatars.githubusercontent.com/u/8831106?v=4" />JonSilver</a> commented <strong> 4 years ago</strong> </div> <div class="markdown-body"> <p>I'll try bumping <code>swagger-ui</code> but there may have been breaking changes in that library... I'll report back once it's been tried.</p> </div> </div> <div class="comment"> <div class="user"> <a rel="noreferrer nofollow" target="_blank" href="https://github.com/dependabot[bot]"><img src="https://avatars.githubusercontent.com/in/29110?v=4" />dependabot[bot]</a> commented <strong> 4 years ago</strong> </div> <div class="markdown-body"> <p>Superseded by #70.</p> </div> </div> <div class="page-bar-simple"> </div> <div class="footer"> <ul class="body"> <li>© <script> document.write(new Date().getFullYear()) </script> Githubissues.</li> <li>Githubissues is a development platform for aggregating issues.</li> </ul> </div> <script src="https://cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.min.js"></script> <script src="/githubissues/assets/js.js"></script> <script src="/githubissues/assets/markdown.js"></script> <script src="https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.4.0/build/highlight.min.js"></script> <script src="https://cdn.jsdelivr.net/gh/highlightjs/cdn-release@11.4.0/build/languages/go.min.js"></script> <script> hljs.highlightAll(); </script> </body> </html>
Bumps swagger-ui from 2.1.4 to 3.24.0.
Release notes
*Sourced from [swagger-ui's releases](https://github.com/swagger-api/swagger-ui/releases).* > ## Swagger UI 3.24.0 Released! > ##### Changelog > > * feature: add PKCE support for OAuth2 Authorization Code flows ([#5361](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5361)) > * fix: `parameterMacro` functionality for OAS3 ([#5617](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5617)) > * fix(validateParam): validate JSON values + support `Parameter.content` ([#5657](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5657)) > * fix: overweight dependencies in PKCE implementation ([#5658](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5658)) > > ## Swagger UI 3.23.11 Released! > ⚠️ **This release contains a security fix that addresses a CSS-based input field value exfiltration vulnerability.** If you use Swagger UI to display untrusted OpenAPI documents, you should upgrade to this version ASAP. > > ### Changelog > > * fix: mitigate "sequential `@import` chaining" vulnerability (via [#5616](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5616)) > > ## Swagger UI 3.23.10 Released! > This release fixes two bugs: one visual issue within static documentation, and another within runtime validation for Array-typed parameters. > > ### Changelog > > * fix: `Commits
- [`7e5974c`](https://github.com/swagger-api/swagger-ui/commit/7e5974c14f95559642ebad5c4dd397a9d54b3602) release: v3.24.0 - [`25025cb`](https://github.com/swagger-api/swagger-ui/commit/25025cb092c7b84721d2bc13d6818fbea0b33f5a) fix: overweight dependencies in PKCE implementation ([#5658](https://github-redirect.dependabot.com/swagger-api/swagger-ui/issues/5658)) - [`75a0e5d`](https://github.com/swagger-api/swagger-ui/commit/75a0e5d5dcbf7446900f4065bb5f28deb03769f4) fix(validateParam): validate JSON parameter values + support `Parameter.conte... - [`71a17f8`](https://github.com/swagger-api/swagger-ui/commit/71a17f801e2390629bb04128f95861b70d2a3816) housekeeping: use HTTPS links in README.md ([#5651](https://github.com/swagger-api/swagger-ui/issues/5651)) - [`7317fff`](https://github.com/swagger-api/swagger-ui/commit/7317fffa3eb210679f4e016a7473af1e23ca1900) housekeeping: add homepage URL to package.json ([#5652](https://github.com/swagger-api/swagger-ui/issues/5652)) - [`9253c0b`](https://github.com/swagger-api/swagger-ui/commit/9253c0bf03ff83aac7b8a51dc83fe087502eef99) improvement: add `\