Update dependency swagger-ui to v3.52.5

[dev-mend-for-github-com]

This PR contains the following updates:

Package	Type	Update	Change
swagger-ui	dependencies	minor	3.2.2 -> 3.52.5

This PR resolves the vulnerabilities described in Issue #15

---

Version 3.2.2

Risk Change	Critical	High	Medium	Low
N/A	3	6	14	0

Version 3.52.5

Risk Change	Critical	High	Medium	Low
-100%	0 (-3 )	0 (-6 )	0 (-14 )	0 (--)

Mend ensures you have the greatest risk reduction ("Recommended Fix"-highlighted in green) by removing as many vulnerabilities as possible. Click to see how we calculate risk reduction.

---

Release Notes

swagger-api/swagger-ui (swagger-ui)

v3.52.5: Swagger UI v3.52.5 Released!

Compare Source

Bug Fixes

• highlight-code: handle mousewheel events properly (#​7554) (0fc429f), closes #​7497

v3.52.4: Swagger UI v3.52.4 Released!

Compare Source

Bug Fixes

• fix issue with highlight code scrolling causing console error (#​7497) (#​7519) (24aaa53)
• remove redundant whitespaces in API key auth popup (#​7538) (a740f3d)
• rename request snippets configuration props (#​7535) (90c8a73), closes #​7534
• paths: break long paths with <wbr> (#​7516) (f88334a), closes #​7513
• UI: correct width of HTTP request method names (#​7527) (fc7cdb8), closes #​7479
• ux: update the buttons of the example tabs to be displayed as links (#​7517) (ff5deb3), closes #​7464 #​7464

v3.52.3: Swagger UI v3.52.3 Released!

Compare Source

Bug Fixes

• a11n: provide proper a11n for response example tabs (#​7464) (8ffb1ae), closes #​7463 #​7350
• sample-gen: generate the correct number of properties (#​7432) (f1aab53)
• try-it-out: fix the width of image responses (#​7495) (cc700f0), closes #​5578

v3.52.2: Swagger UI v3.52.2 Released!

Compare Source

Bug Fixes

• Dockerfile: fix security issue in docker image (3c9061e), closes #​7445
• security: fix security issue in prismjs production dep (#​7493) (2a1b710), closes #​7492
• security: fix security issue in url-parse production dep

v3.52.1: Swagger UI v3.52.1 Released!

Compare Source

Bug Fixes

• build-security: do not expose hostname to build framents (#​7491) (fdef4ea), closes #​7446
• security: bump swagger-client to v3.16.1 (5029b81), closes #​7473

v3.52.0: Swagger UI v3.52.0 Released!

Compare Source

Features

• js-yaml: update our main YAML parser to v4.1.0 (no esprima anymore in bundle) (3248428), closes #​6804

v3.51.2: Swagger UI v3.51.2 Released!

Compare Source

Bug Fixes

• deps: bump swagger-client to v3.14.1 (#​7440) (8daf4e4), closes #​7436
• minimum runtime Node.js version is now => 12.4

v3.51.1: Swagger UI v3.51.1 Released!

Compare Source

Bug Fixes

• sample-gen: parameter array missing items fallback (#​7376) (de3d063), closes #​7375

v3.51.0: Swagger UI v3.51.0 Released!

Compare Source

Features

• oas3: Show file upload for schema binary format (#​7325) (13c110a), closes #​5636

Bug Fixes

• sample-gen: oas3 form-data object should generate example (#​7355) (87ded99)
• try-it-out: button and inner text spacing (#​7357) (14be45d)
• ui: parameter placeholder should only display name (#​7123) (3a0f72f)

Deprecation Warning

Swagger UI now requires Node.js v12. Node.js v10 has reached its EOL on 30-04-2021. Documentation has been updated in this PR #​7359

v3.50.0: Swagger UI v3.50.0 Released!

Compare Source

Features

• wrapComponents: new chain configuration option (#​7236) (516e666)

Bug Fixes

• system: allow wrapping selectors in chain (#​7304) (96cdf00), closes #​7157

Deprecation warning

• wrapComponents: The new configuration option introduced in this version sets the default to legacy, with an opt-in setting for chain. In a future version, this configuration option will toggle to chain as default, as it is the intended fixed correct behavior. If your application expects and/or requires the legacy option, please update your application accordingly. If your application is agnostic towards the either chain or legacy, no change is needed.

v3.49.0: Swagger UI v3.49.0 Released!

Compare Source

Features

• Accessibility improvements (#​7224) (72811bd)

Bug Fixes

• download button width (#​7230) (9f62154)

v3.48.0: Swagger UI v3.48.0 Released!

Compare Source

Bug Fixes

• authorization: include oauth endpoint description (#​7195) (5906dfa)
• syntaxHighlighter: request and response examples for json cases (#​7199) (92f1507)
• try-it-out: required properties (#​7206) (53829f1)

Features

• docs: make webpack-getting-started more universal (#​7191) (f239965)

v3.47.1: Swagger UI v3.47.1 Released!

Compare Source

[email protected] was a valid but incomplete release. This release should contain downstream release jobs.

v3.47.0: Swagger UI v3.47.0 Released!

Compare Source

Features

• remove node_native option from request snippets plugin (#​7181) (2373a83)
• dev: migrate to local-web-server (#​7174) (01c8de4)

Bug Fixes

• update snippet generator map to support React 16 (#​7154) (7fc2780)

v3.46.0: Swagger UI v3.46.0 Released!

Compare Source

Features

• sample-gen: infer implicit type and validation constraint types (#​7117) (032bd71)
• download of text/csv now uses .csv extension (#​7141) (75865f3)
• markdown sanitization of form tag (#​7146) (f5b84e5)

Bug Fixes

• add aria label to select element for content types (#​7133) (4abbc62)
• array constraint validation only if value was provided (#​7112) (4103e0f)

Other

• swagger-client: bump to v3.13.2

v3.45.1: Swagger UI v3.45.1 Released!

Compare Source

Bug Fixes

• response examples fallback (#​7065) (9a2b646)
• cypress: tweak to ensure an element exists before test (#​7074) (d17a81e)

v3.45.0: Swagger UI v3.45.0 Released!

Compare Source

Features

• request snippets plugin (#​6910) (8405fa0)
• sample gen should incorporate schema validation constraint (#​7043) (3ead825)

Bug Fixes

• auth: support pkce when using basic auth header (#​7038) (f23a9d6)
• auth: url change should flush auth (#​7046) (219d886)
• sample-gen: allOf, oneOf lifting should consider properties and items (#​7041) (f9e54a2)
• sample-gen: xml attr with media-type example value (#​7045) (902241c)
• ui: prevent example select from overflowing (#​7060) (0723622)
• preserve multipart file part position in requestData (#​7008) (15b8c0c)

v3.44.1: Swagger UI v3.44.1 Released!

Compare Source

Bug Fixes

• json schema array items (#​7007) (2016c18)
• multipart enum initial value not set (#​7004) (68bd61a)
• optional empty validation (#​7003) (d32bd1a)

v3.44.0: Swagger UI v3.44.0 Released!

Compare Source

Bug Fixes

• info: use externalDocsUrl check to render Link (#​6997) (b7d3d1c)
• lint: use semicolons + closing link in html (#​6951) (17093f2)
• lint: put script tag in body in oauth2-redirect.html (#​6958)

Features

• models: collapsed schema content should be clickable (#​6942) (0e6dc04)
• verbose Failed to fetch error (#​6938) (4db2edc)
• docs: sample datepicker plugin with json schema components (#​6939) (ba74c02)

v3.43.0: Swagger UI v3.43.0 Released!

Compare Source

Features

• use example gen for multiple example value retainer examples (#​6920) (fad81f8)
• validate nullable (#​6928) (a2a561e)

Bug Fixes

• support OAuth2 PKCE when using the OIDC authorization_code flow (#​6914) (5e69d3c)
• sample-gen: enum without type should be handled by sample-gen (#​6912) (7ead9ba)

Other

swagger-cllient: version bump to 3.13.1

v3.42.0: Swagger UI v3.42.0 Released!

Compare Source

Features

• enhance parameter validation (#​6878) (5c4dfc2)
• sample-gen multi and form media-type (#​6874) (8ed6c34)

Bug Fixes

• responseBody: json response highlighting (#​6871) (13fea13), closes #​6508

v3.41.1: Swagger UI v3.41.1 Released!

Compare Source

Bug Fixes

• swagger-ui-react: src filename extension to transpile (#​6876) (e538e26)

v3.41.0: Swagger UI v3.41.0 Released!

Compare Source

Features

• sample-gen: yaml sample generation (#​6858) (470e2fe)
• ux: enhance media-type switching experience in RequestBodyEditor (#​6837) (e877580)
• config: add tryItOutEnabled configuration (#​6865) (265bdc0)
• swagger-client: bump to v3.12.2

Bug Fixes

• buildUrl: relative url is invalid URL (OAS3) or non-url (OAS2) (#​6864) (a5eb3dc)
• sample-gen: case yaml parsed example is number but string schema (#​6872) (5b2ad68)
• ux: ensure that optional security schema is rendered without padlock. (#​6839) (eddde95)
• webpack: assets should not be treaded as esModule (#​6861) (cdfb64f)

v3.40.0: Swagger UI v3.40.0 Released!

Compare Source

Features

• doc: added introduction (#​6806) (d80cc40)
• docker: add docker support for persist authorization variable (#​6832) (a7ba55a)
• group / sort parameters by location (#​6745) (ddaee4e)

Bug Fixes

• sample-gen: should render additionalProperties in example (#​6821) (35cb925)
• sample-gen: should return json literal example (#​6827) (a2f7917)
• sample-gen: should return xml literal example (#​6822) (59b42bb)
• spec-selector: isMediaTypeSchemaPropertiesEqual should handle case where literal media-types are equal. (#​6820) (25433c4)
• style: code should should wrap line (#​6831) (7087210), closes #​6764

v3.39.0: Swagger UI v3.39.0 Released!

Compare Source

Features

• ux: Disabled Execute button while request is in progress (#​6776) (2bf39e0)

Bug Fixes

• sample-gen: first oneOf or anyOf should be combined with schema (#​6775) (0f541a1)
• style: response data flows off the screen (#​6764) (85a3ec9)
• examples: Request Body examples should respect media-type (#​6739) (68e9b1b)

v3.38.0: Swagger UI v3.38.0 Released!

Compare Source

Features

• auth: Add OpenID Connect Discovery (OICD) support (#​3517) (#​6549) (0807687)

Bug Fixes

• components: fix keys rendering in React 16 using .entrySeq() (#​6685) (20a8987)
• security fixes applied in [email protected], [email protected], and [email protected]

v3.37.2: Swagger UI v3.37.2 Released!

Compare Source

• chore: update swagger-js to v3.12.1 which brings better support for $ref resolving (#​4765) (#​5625 )
• chore(release): fix release v3.37.1 release
• chore(package): allow auto-update of swagger-client (d3fb9ab)

v3.37.1: Swagger UI v3.37.1 Released!

Compare Source

Warning

This is a failed release which is identical to v3.37.0. Please install v3.37.2 instead.

v3.37.0: Swagger UI v3.37.0 Released!

Compare Source

Features

• swagger-ui-react: add support for layout prop (#​6639) (a6673d7)

Bug Fixes

• examples: properly update memoized value in non-schema case (#​6641) (d2ef8f3), closes #​6631
• xml: example generation if an array has an example (#​6634) (24225e4), closes #​6627

v3.36.2: Swagger UI v3.36.2 Released!

Compare Source

Bug Fixes

• duplicate labels in Servers UI (#​6568) (1f10240)
• externalDocs url for tags when using swagger v2.0 (#​6579) (6db4def)
• schema example: xml gen should follow json gen behavior (#​6555) (288c89b), closes #​6470 #​6540 #​4943
• cypress: oas3-request-body-required flakineess (#​6583) (64ae7af)

v3.36.1: Swagger UI v3.36.1 Released!

Compare Source

• swagger-client: update to v3.12.0. Fixes nested allOf/oneOf schema resolution in #​5194, #​5923, #​4672

Bug Fixes

• cypress: oas3-multiple-media-types flakiness (#​6571) (3925b0c), closes #​6570

v3.36.0: Swagger UI v3.36.0 Released!

Compare Source

Features

• support for showExtensions on Response objects (#​6535) (6a4e52a)

Bug Fixes

• auth: Allow PKCE for legacy AccessCode OAuth2 Grant Type (#​6011) (5a87c8a), closes #​6010
• auth: support for oauth2 relative url (#​6546) (0a807d6)
• auth: add additional autoFocus for http-auth component (#​6527) (8e3e059), closes #​6483
• response examples should respect media-type (#​6456) (87ab4e9)
• duplicate downloading of remote config (#​6544) (50e5f65)
• oauth redirect HTML title tag (#​6533) (17f140b)

v3.35.2: Swagger UI v3.35.2 Released!

Compare Source

Bug Fixes

• oas3: switching media types should update schema properties (#​6518) (3905fad), closes #​6201 #​6250 #​6476

• requestBody: hide read only properties (#​6490) (5065613)

• missing commas in response header values #​6183 (#​6515) (99fda81)

• add autofocus to auth fields (#​6483) (65ea764)

• style: preventing long strings from overflowing (#​5934) (#​6507) (4b2fddd)

• jest: add stub for errActions to prevent unhandled promise rejections #​6365 (#​6495) (537ad6d)

• jest: unknown prop initialValue on input tag (#​6506) (1af8678)

v3.35.1: Swagger UI v3.35.1 Released!

Compare Source

Bug Fixes

• parameter-row: rendering of default/example values of 0 (#​6454) (797929f)

• syntax-highlighter: configuration for Examples (#​6455) (b5e8081), closes #​5259

• examples multipart array sample generation for items (#​6461) (f4bdf2f)

• filter: avoid filtering by the strings "true/false" when enabled (#​6477) (aa53ec2)

• style: inconsistent background colors in code sections (#​6472) (1b11d5c)

• deprecate from "new Buffer" to "Buffer.from" (#​6489) (6c5e91d)

v3.35.0: Swagger UI v3.35.0 Released!

Compare Source

Bug Fixes

• auth: both array and Im.List scopes can be added to redirectURL (#​6416) (95fd3e7)
• swagger-ui-react: Use oneOfType in spec prop validation (fix #​6399) (#​6400) (52360a0)
• sample schema should stringify string values for content-type: text/json (#​6431) (ad630cc), closes #​6412
• try-it-out: required boolean default value set to empty string (#​6449) (f5c709f), closes #​6429

Features

• curl: configuration setting to pass additional options to curl command for "Try it out" (#​6288) (cbe99c8)
• swagger-ui-react: add deeplinking as prop (#​6424) (6b12f15)

v3.34.0: Swagger UI v3.34.0 Released!

Compare Source

Features

• Preserve authorization on browser refresh and close/reopen (#​5939) (96aecc8)
• build: use core-js@3 (#​6410) (ac41813)

Refactor

• build: increase maxEntrypointSize for core-js@3 (#​6419)
• csp: Update how the JavaScript run function is invoked in oauth2-redirect.html (#​6393)

v3.33.0: Swagger UI v3.33.0 Released!

Compare Source

Bug Fixes

• curlify: for -d, handle Immutable vs non-Immutable cases (#​6349) (0c60696)
• curlify: replace all occurrences of $ (#​6354) (89d57fc)
• Add entrySeq() to bodyProperties.map() (#​6267) (0199b47)
• Allowing servers dropdown to change when oas3Actions.setSelectedServer is called (#​6358) (5123b47), closes #​6351
• Updating select to pass in a better prop; updating test to do a better check (#​6385) (6ad418d), closes #​6372
• models view when object key contains deprecated:true (#​6371) (d4eea4d), closes #​6369
• style: servers environment select (#​6367) (7a63ba3)
• style: restore wrapping of long text in pre blocks (#​6377)

Features

• migrate unit tests to Jest (#​6353) (1a27c0a)

v3.32.5: Swagger UI v3.32.5 Released!

Compare Source

Bug Fixes

• operationTag: verify selectedServer exists before invoking (#​6335) (580e906)

v3.32.4: Swagger UI v3.32.4 Released!

Compare Source

Bug Fixes

• remove unused and redux@4 non-compliant system method inside 'err' reducer (#​6330) (6742cbd)
• deps: revert to redux@3 and react-redux@4 (#​6331) (e82aaae)

v3.32.3: Swagger UI v3.32.3 Released!

Compare Source

This release is intended to enable npm to include es2015 bundle files. There are no source code changes in this release.

Bug Fixes

• build: add es-bundle to .npmignore non-exclusion list (#​6328) (560b428)

v3.32.2: Swagger UI v3.32.2 Released!

Compare Source

Bug Fixes

• Models: onLoad should check this.props.layoutSelectors method (#​6307) (168d0ae), closes #​6305
• cypress: deep-linking tests should use cy.location (#​6309) (02e0515)
• cypress: tests should fail on uncaught exception (#​6308) (471c24d), closes #​6305
• cypress: use less restrictive 'include.text' assertion (#​6312)
• build: css stylesheets bundle config and dependency updates (#​6315) (20b32d8)

Security Update

• deps: update react-syntax-highlighter from 12.2.1 to 13.5.0, which includes dependency security update fixed by [email protected] (#​6312)

Additional dependency updates via #​6317, #​6316, #​6313, #​6310

v3.32.1: Swagger UI 3.32.1 Released!

Compare Source

This release should properly include swagger-ui-es-bundle and swagger-ui-es-bundle-core in the /dist directory. There are no other source code changes in this release.

Bug Fixes

• build: initialize new es-bundle files (#​6304) (c362329)

v3.32.0: Swagger UI 3.32.0 Released!

Compare Source

Features

• build: SwaggerUI now also has an es2015 bundle artifact (#​6291) (2eaa6c1)
• swagger-ui-react: SwaggerUI-React now also includes an es2015 module (#​6303) (c575324)

Bug Fixes

• Models: use specPath for isShownKey to toggle models (#​6200) (084b236)
• curl: escape $ in curl request bodies and headers (#​6245) (225a915), closes #​5390
• OAS3: relative urls is now supported (#​5341) (d9f5691)
• OAS3: servers component update on definition change (#​6280) (22668ee)
• requestInterceptor: use async/await to support return new Promise (#​6279) (abcc383), closes #​4778
• html specify charset utf-8 in html script declaration (#​6278) (d7d166d), closes #​5311

v3.31.1: Sw

[dev-mend-for-github-com]

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: package-lock.json