Swagger-UI 3.4.3 Released!

Interface changes: validatorUrl: null configuration works again. Pardon the interruption!

• Improvement: raised minimum react and react-dom versions to 15.6.2, ensuring that we always use an MIT-licensed version (via #3805)
• Improvement: added pattern validator to validateParameter (via #3798)
• Improvement: modified validateParameter's logic so that its output is more helpful (via #3839
• Improvement: switched to a new XML beautifier that fixes a large XML response rendering bottleneck (via #3862)
• Improvement: added CSS property to Execute button animation that should lighten the animation's CPU impact (via #3807)
• Improvement: exposed configuration value management to Redux state (via #3813)
• Improvement: refactored SCSS color values into variables (via #3769)
• Improvement: refactored Primitive and Array Model property display into a new Property component, which will be useful for extending model display (via #3861)
• Improvement: added hasHost spec selector for OAS 3.0 (via #3815)
• Bugfix: corrected a sanitizer issue that caused validatorUrl: null configurations to break (via #3852)
• Bugfix: removed extraneous in field for OAS 3.0 Bearer authorizations (via #3844)
• Housekeeping: updated version checking documentation for clarity (via #3854)
• Housekeeping: started caching node_modules for CI builds (via #3845)

Version Diff

Swagger-UI 3.4.2 Released!

Interface changes: none.

⚠️ This UI release includes a security fix. If you use Swagger-UI to load untrusted API definitions, we recommend upgrading to this version.

• Bugfix: filter out malicious schemes in user-supplied hrefs (via #3848)

Swagger-UI 3.4.1 Released!

Interface changes: none.

• Bugfix: Authorize button is no longer displayed within an OAS 3.0 definition if no security schemes are defined (via #3831)
• Bugfix: interceptors are now being handed off to resolver calls correctly, allowing $ref fetches to be intercepted by UI's interceptor options (via #3830)
• Bugfix: Docker image now references SWAGGER_JSON location with a relative reference (via #3810)
• Bugfix: parameter enums now set the first possible value by default when trying out an OAS 3.0 operation (via #3833)
• Bugfix: authorizable definitions are now updated correctly when a different definition is loaded (via #3834)
• Housekeeping: linter no longer allows exclusive tests (describe.only, it.only) which could have resulted in merging bad code (via #3799)
• Housekeeping: added a Pull Request template (via #3829)

Version Diff

Swagger-UI 3.4.0 Released!

Interface changes: none.

• Feature: many OpenAPI 3.0 authentication schemes are now supported (via #3780)
• Improvement: display on mobile is now bearable (via #3746)
• Bugfix: Markdown links are no longer stripped of their hrefs (via #3768)
• Bugfix: response text is no longer the same color as its background (via #3790)
• Bugfix: OpenAPI 3.0 array parameter inputs are now displayed correctly (via #3796)
• Bugfix: requestInterceptor and responseInterceptor options now intercept definition and $ref download requests (via swagger-api/swagger-js#1161)
• Housekeeping: source maps are MOAR helpful (via #3793)

Known issue: OAuth2 security schemes with multiple flows display their state jointly - authorizing one appears to authorize them all. This should not affect your ability to use the flows to authorize requests.

Version Diff

Swagger-UI 3.3.2 Released!

Interface changes: none.

• Improvement: requestInterceptor and responseInterceptor now intercept API definition fetches, and provide a req.loadSpec flag for isolating those requests (via #3738)
• Improvement: empty Try-It-Out responses no longer render as Unknown response type (via #3736)
• Bugfix: rendered Markdown no longer has a margin around it, allowing better alignment of the Responses table (via #3646)
• Bugfix: improved OpenAPI 3.0 parameter value validation (via #3751)
• Bugfix: Authorization locks now display correctly, fixing a regression first present in v3.3.0, released two weeks ago (via #3755)

Version Diff

Swagger-UI 3.3.1 Released!

This hotfix release patches an issue with OpenAPI 3.0 requestBody rendering (see #3718).

Swagger-UI 3.3.0 Released!

Interface changes: added defaultModelRendering and defaultModelExpandDepth configuration options.

• Feature: added ability to control whether "Example Value" or "Model" tab is shown by default, and default model expansion depth (via #3628)
• Feature: added Request URL display for live responses (via #3421)
• Improvement: added Try-It-Out validation for minLength and maxLength (via #3701)
• Improvement: added Try-It-Out validation for minimum and maximum (via #3703)
• Improvement: addressed some Operation styling issues on smaller devices (via #3647)
• Improvement: added Markdown rendering for array model descriptions (via #3531)
• Improvement: disabled Swagger2-specific authentication features for OpenAPI 3.0 definitions, in order to minimize confusion (via #3705)
• Bugfix: file download eligibility is now computed correctly (via #3709)
• Bugfix: path parameters with enums are now injected correctly during Try-It-Out (via #3706)
• Bugfix: Markdown sanitization is now less aggressive, allowing reserved and special characters to pass through (via #3712)

Version Diff

Swagger-UI 3.2.2 Released!

Interface changes: None.

• Improvement: parameters with identical names and different in values can now be controlled correctly (#3511 via #3516)
• Improvement: DateTimes and Guid formatted parameter values are now validated (#993 via #3695)
• Bugfix: primitive model titles are now displayed correctly and styled more consistently (#3633 via #3676)
• Bugfix: tag descriptions are now displayed as Markdown (#3636 via #3690)
• Bugfix: $$ref values are no longer displayed in response examples (#3638 via #3691)
• Bugfix: OAuth2 authorization URLs with query strings are now processed correctly (#3697 via #3666)

Version Diff

Swagger-UI 3.2.1 Released!

Interface changes: None

• Feature: OAS3 API definitions can now control the Accept header for Try-It-Out requests (via #3669)
• Bugfix: model properties are now displayed in the order that they are defined (via #3655)
• Bugfix: models using allOf inheritance now display their names correctly (via #3650)
• Bugfix: deep linking now handles tag names with spaces and special characters (via #3661)

Swagger-UI 3.2.0 Released!

Interface changes: None

• Feature: added basic support for Try-It-Out with OAS 3.0 API definitions (via #3648)
• Bugfix: OAuth redirection now handles location.hash (via #3632)