thibaud-lclr/api-client
1
0
Fork 0
Code Packages Activity Actions
6123 commits 1 branch 0 tags 94 MiB
Commit graph

2482 commits

Author SHA1 Message Date
Anwarul Islam
088ea9f4dc
feat(common): remove functions to utilize ref_id when IDs are not provided (#5898) 
Co-authored-by: nivedin <nivedinp@gmail.com>
 2026-03-27 18:22:31 +05:30
Nahid Hasan
60c607c185
fix: validate device-login redirect_uri to prevent token theft via DNS wildcard bypass (#6012) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-03-27 14:45:46 +05:30
Shreyas
c690937fd1
fix(desktop): add missing backport changes (#6047) 
read_log Tauri command (path.rs + lib.rs registration) and
 plugin-appload ref (168ff95 → 0d58d53) were missed during
 the initial SHC backport.
 2026-03-26 23:26:21 +05:30
Shekhu☺️
b728f5da24
fix(common): handle File objects in HAR postData text resolution (#5917) 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-03-26 20:56:36 +05:30
Gadam Jumayev
744f434698
fix(common): use operation title as fallback in OpenAPI import (#5950) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-03-26 20:51:30 +05:30
James George
37b06fb07e fix(selfhost-web): restore numpad support for first/last tab shortcuts 
Follow-up for #6009: restore `Ctrl+Alt+Numpad9/0` tab switching in Desktop App.
Add `Numpad9/Numpad0` with the same NumLock guard used in `keybindings.ts`.
 2026-03-26 19:38:14 +05:30
Shreyas
ce0fdeccfb
fix: keyboard shortcuts on non-English layouts (#6009) 
Co-authored-by: sahilkhan09k <181699039+sahilkhan09k@users.noreply.github.com>
Co-authored-by: 04cb <111667698+04cb@users.noreply.github.com>
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-03-26 19:06:00 +05:30
Shreyas
8aac537c7a
feat(desktop): cloud for orgs support - phase 3 (#6043) 2026-03-26 18:00:51 +05:30
Nivedin
f690d5969a
refactor(common): route mock server and published docs operations through platform backend (#6036) 2026-03-26 00:41:36 +05:30
Mir Arif Hasan
59c1b595a6
feat: show user workspace memberships in admin dashboard (#5968) 
Co-authored-by: Anwarul Islam <anwaarulislaam@gmail.com>
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-03-26 00:28:36 +05:30
Mir Arif Hasan
06bdd7ca6a
feat: add MAILER_SMTP_IGNORE_TLS and optional SMTP auth (#5972) 
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-03-25 23:30:46 +05:30
Mir Arif Hasan
da3b8c5d37
fix(backend): prevent stored XSS via mock server responses and cross-team request moves (#6006) 
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-03-25 16:16:38 +05:30
Mir Arif Hasan
2fcf5b7a5f
chore: security patch for the dependency chain v2026.3.0 (#6013) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-03-24 16:34:36 +05:30
James George
e03ffc5d85
fix(common): prevent open redirect in enter page (#5982) 2026-03-20 12:41:31 +05:30
Umut Keltek
402955d55f
fix(desktop): add native Edit menu to enable clipboard shortcuts on Linux (#5920) 
Co-authored-by: curiouscorrelation <curiouscorrelation@gmail.com>
 2026-03-19 23:30:22 +05:30
Daniel Bates
4a61e3464d
fix(common): prevent infinite auth refresh retry loop on permanent token failure (#5893) 
Co-authored-by: nivedin <nivedinp@gmail.com>
 2026-03-19 23:09:01 +05:30
Nikhil
08921786e7
fix: restore tooltips on icon-only buttons inside popover triggers (#5935) 
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-03-18 15:11:15 +05:30
Chhavi Goyal
f012c31ba2
fix(common): fetch full team collection tree on workspace import (#5792) 
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Nivedin <53208152+nivedin@users.noreply.github.com>
 2026-03-17 16:14:51 +05:30
James George
e418a51432
fix(common): prevent stored XSS in team member overflow tooltip (#5984) 2026-03-14 17:26:44 +05:30
Denny Jiang
0bb4824cfa
chore(common): update Chinese translations (#5979) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-03-13 23:59:14 +05:30
Umut Keltek
be536f0ca3
fix(common): persist OAuth2 code challenge method selection (#5921) 
Co-authored-by: Anwarul Islam <anwaarulislaam@gmail.com>
 2026-03-13 23:11:13 +05:30
James George
4cbe23cf00 chore: bump version to 2026.2.1 2026-03-04 19:09:52 +05:30
Mir Arif Hasan
a91acdd6bf
fix(backend): bump Prisma packages to 7.4.2 (#5932) 2026-03-04 11:42:59 +05:30
Shekhu☺️
3876fa9682
fix(common): update documentation link for mock server (#5929) 2026-03-03 15:28:24 +05:30
Mir Arif Hasan
1f4ae3dd88
fix(backend): enforce user ownership when deleting PAT (#5916) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-03-02 23:35:19 +05:30
Mir Arif Hasan
d6ea86dcca
fix(backend): prevent request payload from overriding id and name (#5913) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-03-02 21:50:43 +05:30
Hypo
4594e838d4
fix(common): hide horizontal scrollbar in Firefox for URL input (#5906) 
Co-authored-by: nivedin <nivedinp@gmail.com>
 2026-03-02 16:58:40 +05:30
James George
1119a2209c chore(common): add no_active_orgs_found locale string 2026-02-26 12:38:51 +05:30
Mir Arif Hasan
57be05cdcb
fix(backend): prevent IDOR in user collection and request endpoints (#5902) 2026-02-24 23:32:43 +05:30
Shreyas
02b3dbcf5c
feat(desktop): cloud for orgs platform contract (#5903) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-02-24 23:21:48 +05:30
iDschepe
5ae9639901
fix(common): increase modal dialog width for more screen sizes (#5884) 
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-02-24 21:03:16 +05:30
Leonic
77e420dc6a
fix(common): resolve TypeError when opening request from search results (#5842) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-02-24 15:18:13 +05:30
Eve
562d2919ca
fix(common): constrain variable tooltip to viewport for long values (#5878) 
Co-authored-by: aviu16 <aviu16@users.noreply.github.com>
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-02-23 23:33:14 +05:30
Mir Arif Hasan
803e4633a2
feat: api documentation versioning (#5676) 
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-02-23 20:11:55 +05:30
James George
faf2bfc8eb
feat(common): add foundational support for dropdown-based organization switcher (#5890) 2026-02-23 20:06:10 +05:30
Mir Arif Hasan
a1be60da64
fix(backend): resolve security advisories for IDOR and onboarding bypass (#5897) 
Improve error handling in the onboarding status check

---

Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-02-23 18:11:45 +05:30
James George
55c1cb8290 chore: bump CLI version 2026-02-23 17:47:58 +05:30
James George
a40c491f7a chore: bump version to 2026.2.0 2026-02-23 17:46:08 +05:30
Lubomír Blažek
a37d19bff3
chore(common): update Czech locale with improved translations (#5895) 2026-02-21 14:34:10 +05:30
Shreyas
2e989cf242
chore(common): deprecate legacy interceptor system (#5830) 2026-02-21 14:22:47 +05:30
Leonic
1de672b8bd
feat(sh-admin): add search and pagination to teams list (#5803) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-02-20 14:13:14 +05:30
Mir Arif Hasan
4fe0e376bb
chore: security patch for the dependency chain v2026.2.0 (#5887) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-02-19 12:48:50 +05:30
Chandraprakash Pandey
680439a1b0
fix(common): improve responsive layout and overflow in realtime pages (#5843) 
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-02-18 14:28:43 +05:30
James George
28a6569f42 chore: merge hoppscotch/patch into hoppscotch/next 2026-02-18 11:34:09 +05:30
James George
a22389cda0
fix: auto-recover from corrupted sandbox state (#5874) 2026-02-18 10:25:47 +05:30
Eve
98aa0368fb
fix(common): correctly resolve secret environment variables in basic auth header (#5879) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-02-16 18:21:11 +05:30
Kanhaiya Pandey
2ad2f46e6a
feat(common): URL encode/decode context menu actions (#5782) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-02-16 16:55:47 +05:30
Anwarul Islam
ff906b7c96
fix(common): correctly load mock servers on initialization and workspace change (#5832) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-02-05 15:39:47 +05:30
James George
20bfac04fe chore: bump CLI version 2026-02-05 12:56:11 +05:30
James George
5310b9fb40
fix(cli): strip module prefix before script execution (#5835) 2026-02-05 10:39:04 +05:30
James George
32114fc8ef chore: bump version to 2026.1.1 2026-02-04 22:54:23 +05:30
Nivedin
809c07e84c
fix(common): correctly populate OpenAPI response examples (#5831) 2026-02-04 22:53:17 +05:30
Mir Arif Hasan
bf11e7ee22
chore(backend): upgrade nodemailer dependency to v8 (#5833) 2026-02-04 18:40:13 +05:30
Mir Arif Hasan
37e9207b43
fix(backend): resolve database connection leak in infra-config operations (#5825) 2026-02-04 17:25:00 +05:30
No jae gun
2dc3463b69
fix(backend): use duration instead of timestamp for auth cookie maxAge (#5821) 
The maxAge option in Express's res.cookie() expects a duration in milliseconds, not an absolute timestamp. The previous code was adding `Date.now()` to the validity period, causing cookies to expire decades in the future instead of the intended 1 day / 7 days.

This was particularly problematic on macOS due to stricter cookie handling by Safari/WebKit.

Addresses #5818

Co-authored-by: njg7194 <njg7194@users.noreply.github.com>
 2026-02-04 11:08:07 +05:30
Leonic
3c0938da9d
fix(common): prevent support menu from triggering in editors (#5811) 2026-02-03 23:46:08 +05:30
Mayank Jain
fcf31a4fd8
fix: broken scroll on latest chrome versions (#5816) 
Co-authored-by: nivedin <nivedinp@gmail.com>
 2026-02-03 12:07:54 +05:30
Leonic
fbe0b8fd10
fix(common): handle null request ref in InspectionService for test-runner tabs (#5814) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-01-29 23:09:34 +05:30
James George
645ecb55d8 fix: prevent memory leaks in experimental scripting sandbox (#5800) 
- Cache and reuse a single `FaradayCage` WASM instance to avoid repeated allocations.
- Dispose `InspectionService` watchers via `effectScope` to prevent accumulation on tab switch.
- Use `Set` for environment variable key lookups in validation.
- Dispose Monaco editor models on component unmount.
 2026-01-28 11:47:31 +05:30
James George
913863bd09 chore: bump CLI version 2026-01-23 21:20:36 +05:30
James George
8991f2a490 chore: bump version to 2026.1.0 2026-01-23 21:18:39 +05:30
Leonic
dcc36d2a35
feat(common): display user roles in member stack tooltips (#5793) 2026-01-23 20:44:10 +05:30
abhibarkade
fb09afbd71
feat(common): show full request path in tab tooltip (#5750) 
Co-authored-by: Code3B <97300790+code3b@users.noreply.github.com>
 2026-01-23 20:30:35 +05:30
Shreyas
6348d17955
fix(desktop): use store dir for unified store path (#5799) 
The desktop shell was reading from `instance/hoppscotch-unified.store` while the webapp writes to `store/hoppscotch-unified.store`. This caused the app to lose track of the last connected instance on restart.

Closes FE-1121
 2026-01-23 18:20:00 +05:30
Shreyas
c64928885f
feat(desktop): host mapping infra for cloud orgs (#5795) 2026-01-23 15:07:44 +05:30
Leonic
65046526f0
fix(common): ignore shift keybindings in CodeMirror editors (#5794) 2026-01-23 14:35:02 +05:30
Swanand Keskar
05875cc65b
docs(desktop): add installation instruction using Homebrew (#5790) 
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
 2026-01-23 11:45:58 +05:30
shaezard
1824990980
fix: add teamID/userUid filter to updateMany queries, Fixed Row level locking to prevent deadlocks and achieve ~100x performance improvement (#5647) 
* fix: add teamID/userUid filter to updateMany queries

Prevents cross-user/cross-team orderIndex corruption

* fix: fix orderIndex of existing collections

* feat(backend): add cascade delete for collections

- Add onDelete: Cascade to TeamCollection parent relationship
- Add onDelete: Cascade to UserRequest → UserCollection relationship
- Remove manual recursive deleteCollectionData methods
- Simplify deleteUserCollection and deleteTeamCollection services
- Add Prisma migration for cascade delete foreign keys

Resolves #5654

* refactor(team-collection): remove manual deleteCollectionData method

Resolves #5654

* fix(backend): fixed locking mechanisms for collections and requests

- User/Team Collection/Requests

Resolves #5666

---------

Co-authored-by: Abdur Rahman Daanish <abdurrahman_daanish@intuit.com>
 2026-01-23 00:32:48 +06:00
James George
a998d6c493
feat(js-sandbox): add extensive Web Crypto API support (#5791) 2026-01-22 17:30:06 +05:30
Jorge Alexander Taberoa Jimenez
4e717d79a5
chore(common): complete missing Spanish translations (#5761) 
Co-authored-by: Jorge Alexander Taberoa Jimenez <taberoajorge@users.noreply.github.com>
 2026-01-22 17:07:12 +05:30
Mir Arif Hasan
4f13549ed2
chore: security patch for the dependency chain v2026.1.0 (#5786) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-01-21 23:25:40 +05:30
Nivedin
69c7c2d9ad
fix(common): restore scrolling on response panel (#5783) 2026-01-20 19:26:01 +05:30
James George
27b817f627
feat: migrate ESLint to v9 across packages (#5773) 
Co-authored-by: curiouscorrelation <curiouscorrelation@gmail.com>
 2026-01-20 14:48:55 +05:30
Mir Arif Hasan
992579e285
fix: improve endpoint parsing in parseExample method (#5762) 2026-01-20 12:46:13 +06:00
Anwarul Islam
194c9496aa
fix(common): prevent duplication of request ID when duplicating requests (#5781) 2026-01-19 14:27:58 +05:30
NoobFullStack
4d862c2f4b
feat(common): update and complete Dutch translations for Hoppscotch UI (#5734) 
Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-01-16 22:12:48 +05:30
NoobFullStack
823d9055a2
fix(common): correct typo in repo French locale (#5733) 2026-01-16 19:37:46 +05:30
NarekCodes
818f9ab0ca
feat(common): add armenian translation (#5740) 2026-01-16 19:35:28 +05:30
Gerard Balaoro
bdc2d33f50
feat(common): use jq for JSON response filtering (#5703) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-01-15 15:02:56 +05:30
Chhavi Goyal
bbb7fdf819
fix(common): prevent hang when highlighting large responses (#5714) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-01-15 13:52:17 +05:30
James George
dfe3d05c5a
fix(cli): inherit collection variables in folders without own variables (#5771) 2026-01-14 19:54:36 +05:30
James George
d3144f99fb
fix: strip comments from JSON request bodies in CLI (#5769) 
Fixes collections with JSON comments failing in the CLI with `SerializationException` while working fine in the app, where comments are stripped before sending requests, but the CLI was sending them as-is, breaking APIs like AWS Cognito that expect valid JSON.
 2026-01-14 17:06:30 +05:30
Aaron Fort Garcia
254eb3c958
fix(common): environment variable mapping when referencing other variables (#5704) 2026-01-14 13:12:16 +05:30
aparna-bhatt
6c2128fbed
feat(common): add copy functionality to console output entries (#5743) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2026-01-12 13:24:52 +05:30
James George
84c3e8642c fix: enable scrolling for console tab in response section 
Adds `overflow-auto` to `HttpResponse` component to create a scroll container
that enables console entries to scroll when content exceeds viewport.
Removes unnecessary `overflow-y-auto` from `ConsolePanel` component since scrolling
is now handled at the `HttpResponse` level.

Fixes the console tab scrolling issue by following the same component-level
approach as PR #5695 (Settings/Profile scroll fix).
 2026-01-09 17:11:29 +05:30
Shreyas
b3b609d0b4
perf(desktop): cache store path resolution (#5747) 2026-01-06 14:08:29 +05:30
James George
9693a82a87 chore: bump version to 2025.12.1 2026-01-05 16:15:09 +05:30
James George
f34e06b7d1 fix: remove redundant label on the Desktop App 
Follow up of 67dff5f.
 2026-01-05 16:13:34 +05:30
Mir Arif Hasan
212b15890e
chore: apply ThrottlerBehindProxyGuard across controllers (#5746) 2026-01-05 14:02:56 +06:00
James George
67dff5fe0f refactor: backport cloud for orgs related foundational changes 
- Remove organization branding updates.
- Update `Hoppscotch Cloud` organization sidebar item.
- Ensure organization switcher sidebar isn't displayed on the central cloud instance.
 2025-12-22 13:06:59 +05:30
Stanislav Horáček
29d8b6cc77
chore(common): Czech translation updates (#5672) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-12-21 20:06:14 +05:30
Denny Jiang
7092e77fe0
chore(common): Chinese translation improvements (#5699) 2025-12-21 20:04:49 +05:30
Yun Juhwan
24eb33707c
chore(common): update product name in Korean translation for consistency (#5660) 
Replaces phonetic Korean translations with the original product name, matching the approach used in other Asian locales (ja, cn).
 2025-12-21 19:53:16 +05:30
Anwarul Islam
3c2bc6caf3
feat(common): create and manage example responses in collections (#5652) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
 2025-12-19 23:14:21 +05:30
James George
d91c554fca chore: cleanup organization sidebar i18n strings 
- Remove unused i18n keys (organizations, no_orgs, expand, collapse, status badges).
- Consolidate inactive org tooltips into single key.
- Simplify `multi_account_notice` text for clarity.
 2025-12-19 23:09:23 +05:30
Mir Arif Hasan
442242c8ca
chore: security patch for the quic-go vulnerability (#5710) 
Co-authored-by: James George <25279263+jamesgeorge007@users.noreply.github.com>
Co-authored-by: Nahid Hasan <52489202+nahidhasan94@users.noreply.github.com>
 2025-12-19 21:00:22 +05:30
James George
440868d635 chore: bump version to 2025.12.0 2025-12-19 17:19:24 +05:30
James George
c9d0ea78bb chore: i18n string addition 
Informational message indicating each organization instance maintains its own authentication state.
 2025-12-19 17:18:23 +05:30
Aaron Fort Garcia
c7e453455b
fix(common): resolve Postman API key authorization header import mapping (#5701) 2025-12-19 17:11:22 +05:30
James George
a0bc22968d docs(common): clarify desktop organization switching behavior 2025-12-19 12:48:48 +05:30