* feat(snapshot): add session snapshot persistence and restoration
- Add snapshot middleware to persist UI state (tabs, workspaces, environments)
- Add SnapshotManager service in electron for atomic snapshot storage
- Add accessor-based tab serialization using pathname for reliable restoration
- Add loading states for tabs while collections are mounting
- Add hydrateTabs to restore tabs from snapshots on app load
- Add devTools state persistence (console open/height/tab)
* fix(snapshot): preserve unloaded collections and fix async serialization
Make serializeSnapshot async to fetch existing snapshot before saving,
ensuring collections not currently loaded in Redux are preserved. Fix
activeTab serialization to pass collection object instead of just UID.
* refactor(snapshot): rewrite storage to map-based schema with granular IPC
Replace array-based snapshot storage with key-value maps keyed by pathname
for O(1) lookups. Separate tabs into their own top-level map, decoupled
from collections.
- Rewrite SnapshotManager with map-based schema and granular read/write
methods (getWorkspace, getTabs, setCollection, removeWorkspace, etc.)
- Add 12 granular IPC handlers (renderer:snapshot:*) replacing 4 coarse ones
- Update middleware serialization to produce maps; remove activeCollectionUidCache
in favor of lastActiveCollectionPathname on workspace objects
- Fix mountCollection passing collectionUid instead of collection to restoreTabs
- Preserve non-active workspace state from existing snapshot on save
* wip
* refactor: allow migration of old snapshot
* refactor: trim down redundancy
* fix: for workspace state
* feat: fix for finalised schema
* fix: schema cleanup
* chore: simplify
* chore: wait on hydration to finish
* chore: snapshot changes to schema
* chore: fix typo
* fix: switch schema for saving and restoring extras
* chore: correctness changes
* chore: add active in the schema check
* chore: fix lint
* chore: comments
* chore: make writes async
* fix: sorting and cross workspace shared collection fixes
* chore: add version
* fix: wait on hydration
* chore: fix backward compat for ui-snapshots
* chore: dead code removal
* Fix optional chaining in snapshot lookup
---------
Co-authored-by: Chirag Chandrashekhar <cchirag85@gmail.com>
* feat: introduce HeaderList for dynamic header management in BrunoRequest and BrunoResponse
- Implemented HeaderList to provide a dynamic API for managing request headers, allowing real-time reflection of changes.
- Updated BrunoRequest and BrunoResponse to utilize HeaderList for header access, enhancing consistency and usability.
- Added a headers proxy to maintain backward compatibility with existing header access patterns.
- Introduced tests for HeaderList to ensure functionality and reliability across various header operations.
* refactor: update createHeadersProxy to accept a getter function for raw headers
- Modified createHeadersProxy to allow passing a function that retrieves raw headers, enhancing flexibility in header management.
- Updated HeaderList to utilize the new getter function, ensuring consistent behavior when headers are modified.
- Added a test to verify that bracket access reflects changes made via BrunoRequest.setHeaders.
* refactor: enhance headers proxy and syncWriteMethods for improved header management
- Updated createHeadersProxy to clarify precedence of PropertyList methods over header names in bracket access.
- Expanded syncWriteMethods in bruno-request shim to include additional methods for better header manipulation.
- Implemented a custom remove method in property-list-bridge to handle function predicates in-VM, improving the native bridge's functionality.
* refactor: update header management in BrunoRequest and BrunoResponse
- Renamed `req.headers` to `req.headerList` for improved clarity and consistency in header operations.
- Enhanced `HeaderList` to support both dynamic and static modes for header management.
- Updated shims for `req` and `res` to reflect the new header access patterns.
- Modified tests to validate the new header access methods and ensure backward compatibility with raw headers.
* refactor: enhance header translation methods for BrunoRequest and BrunoResponse
- Added comprehensive translations for `req.headerList` and `res.headerList` methods to their respective Postman equivalents, improving consistency in header management.
- Updated tests to validate the new translation methods, ensuring accurate conversion between Bruno and Postman header operations.
- Enhanced existing tests to cover additional header manipulation scenarios, reinforcing the reliability of the header management system.
* refactor: streamline headerList implementation in BrunoRequest and BrunoResponse
- Replaced lazy initialization of `headerList` with direct instantiation in both classes for improved performance and clarity.
- Removed redundant getter methods for `headerList`, simplifying the API.
- Updated tests to reflect changes in headerList instantiation and ensure proper functionality.
* refactor: remove header proxy
* feat: add comprehensive headerList tests for request and response
- Introduced multiple test files for `req.headerList` and `res.headerList` methods, covering various operations such as add, remove, clear, populate, and search methods.
- Implemented tests for both dynamic and read-only scenarios, ensuring robust validation of header management functionalities.
- Enhanced existing headerList methods with detailed assertions to improve reliability and maintainability of the header management system.
* feat: expand STATIC_API_HINTS with additional headerList methods for req and res
- Added a comprehensive list of methods for `req.headerList` and `res.headerList` to enhance autocomplete functionality.
- Included various operations such as get, add, remove, and manipulation methods to improve developer experience and usability.
* feat: implement support for disabled headers in headerList
- Added functionality to track disabled headers in `req.headerList` and `res.headerList`, allowing for better management of header states.
- Updated the `prepareRequest` and `prepareGrpcRequest` functions to include a `disabledHeaders` property.
- Enhanced the `HeaderList` class to handle disabled headers, including methods to filter, count, and retrieve them.
- Introduced tests to validate the behavior of disabled headers, ensuring they are correctly included in the header list while being excluded from raw headers.
* feat: enhance HeaderList with case-insensitive key lookups and improved toObject method
- Implemented case-insensitive key lookups for methods such as get, one, has, and indexOf in HeaderList.
- Updated toObject method to support options for excluding disabled headers, handling duplicate keys, and skipping headers with falsy keys.
- Modified toString method to return headers in HTTP wire format, improving consistency with standard practices.
- Added comprehensive tests to validate new functionalities, ensuring robust header management and accurate behavior for both enabled and disabled headers.
* feat: add context binding to iteration methods in HeaderList
- Enhanced iteration methods (each, filter, find, map, reduce) in HeaderList to accept an optional context parameter, allowing for better control over the `this` binding in callback functions.
- Updated the remove method to support context binding for function predicates.
- Added comprehensive tests to validate the new context binding functionality across various iteration methods, ensuring robust header management.
* feat: enhance HeaderList with new methods for string handling and object support
- Added support for accepting an object with a key property in the `has` method, improving header existence checks.
- Updated `add` and `populate` methods to accept "Key: Value" strings and multi-line header strings, enhancing flexibility in header management.
- Modified `toString` method to ensure a trailing newline in the output, aligning with HTTP wire format standards.
- Introduced comprehensive tests to validate new functionalities, ensuring robust header management and accurate behavior for various input types.
* feat: enhance header management with support for disabled headers and context binding
- Updated `mergeHeaders` function to preserve disabled headers from the request item, improving header state management.
- Modified `addBrunoRequestShimToContext` and `addBrunoResponseShimToContext` to wrap eval code in blocks, preventing redeclaration conflicts.
- Enhanced iteration methods in `property-list-bridge` to support context binding, allowing for better control over `this` in callbacks.
- Added comprehensive tests for `req.headerList` and `res.headerList` to validate new functionalities and ensure robust header management.
* feat: improve header merging to preserve disabled headers from request items
- Enhanced the `mergeHeaders` function to retain disabled headers from the last entry in the request tree path, ensuring better management of header states.
- Updated the logic to include disabled headers while merging, improving the overall functionality of header management.
* feat: update header merging logic to consistently handle disabled headers
- Refactored the `mergeHeaders` function to utilize a separate array for disabled headers, ensuring they are preserved during the merging process.
- Simplified the logic for merging headers by directly combining enabled and disabled headers into the request object, enhancing clarity and maintainability.
* refactor: update disabled headers handling in mergeHeaders function
- Changed the implementation of disabled headers from an array to a Map for better performance and consistency.
- Updated the logic in the `mergeHeaders` function to ensure disabled headers are correctly merged into the request object.
- Enhanced tests to validate the handling of disabled headers, including new scenarios for folder-level and request-level overrides.
* feat: enhance mergeHeaders function to support optional inclusion of disabled headers
- Updated the `mergeHeaders` function to accept an options parameter, allowing for the inclusion of disabled headers in the merged result.
- Modified the logic to handle disabled headers more effectively, ensuring they can be returned based on the provided options.
- Adjusted calls to `mergeHeaders` in various modules to utilize the new functionality, improving header management consistency across the application.
* refactor: remove disabledHeaders from prepareGrpcRequest function
- Eliminated the handling of disabledHeaders in the prepareGrpcRequest function to streamline header management.
- Updated the headers processing logic to focus solely on enabled headers, enhancing clarity and reducing complexity.
* feat: add translations for req.headerList and res.headerList methods
- Introduced new tests to translate methods from req.headerList and res.headerList to their corresponding pm.request.headers and pm.response.headers methods.
- Added translations for methods: one, find, toObject, and upsert, enhancing the functionality of the header management system.
* docs: update HeaderList method aliases and add clarification notes
- Enhanced documentation for `prepend`, `append`, `insert`, and `insertAfter` methods to clarify that they are aliases for `add()` and include a note on the lack of support for ordering and duplicates.
- Updated method comments to reflect the internal handling of headers as a plain object, ensuring better understanding of header management behavior.
* fix: remove duplicate headerList initialization in BrunoRequest class
- Eliminated redundant initialization of headerList in the BrunoRequest constructor, ensuring cleaner code and preventing potential issues with header management.
- This change simplifies the constructor logic while maintaining the intended functionality of the headerList.
* refactor: remove unimplemented headerList methods and update documentation
- Removed the unimplemented methods `prepend`, `append`, `insert`, and `insertAfter` from the headerList, ensuring clarity in the API.
- Updated documentation to reflect that these methods are not implemented and provide guidance to use `add()` or `upsert()` instead.
- Adjusted tests to verify that calls to these methods throw appropriate not-implemented errors, enhancing the robustness of header management.
* refactor: remove unused headerList append method from pre-request script
- Eliminated the call to `req.headerList.append()` in the pre-request script, streamlining the header management process.
- This change aligns with the recent refactor to remove unimplemented methods, ensuring clarity and consistency in the API usage.
* test: update error messages for unimplemented headerList methods
- Changed error messages in tests for `append`, `prepend`, `insert`, and `insertAfter` methods to indicate they are "not yet implemented" instead of "not implemented".
- This update improves clarity in the test outputs, aligning with the current state of the headerList API.
* refactor: remove unimplemented headerList methods and update related tests
- Eliminated the unimplemented methods `prepend`, `append`, `insert`, and `insertAfter` from the HeaderList class and corresponding tests, clarifying the API usage.
- Updated the documentation to guide users towards using `add()` or `upsert()` instead.
- Adjusted tests to remove references to these methods, ensuring they accurately reflect the current state of the headerList API.
* refactor: update HeaderList to accept raw request and response objects
- Modified the HeaderList class to accept the raw request and response objects directly, simplifying the initialization process.
- Updated the BrunoRequest and BrunoResponse classes to reflect this change, ensuring consistent handling of headers.
- Enhanced internal methods to utilize the new structure, improving clarity and maintainability of the header management system.
* refactor: enhance HeaderList header management and update tests
- Updated HeaderList to track removed headers for axios interceptor, improving header casing handling.
- Added new syncWriteMethods to the BrunoResponse shim for better integration.
- Enhanced tests to verify the correct tracking of deleted headers and updated expectations for header management functionality.
* refactor: update header translations and improve HeaderList methods
- Removed unused 'idx' translations from both bruno-to-postman and postman-to-bruno translators to streamline header management.
- Enhanced the HeaderList class to skip existing keys when populating headers, ensuring that current values are preserved.
- Updated tests to reflect the new behavior of the populate method, verifying that existing headers are not overwritten and adjusting expectations accordingly.
* refactor: update headerList.populate behavior and adjust tests
- Modified the req.headerList.populate method to add new headers while preserving existing ones, ensuring that current values are not overwritten.
- Updated the associated test to reflect this new behavior, verifying that existing headers remain intact and new headers are correctly added.
* refactor: update HeaderList methods and translations for consistency
- Renamed `each` method to `forEach` in HeaderList for consistency with standard JavaScript array methods.
- Updated header management methods: replaced `add` with `append`, `upsert` with `set`, and `remove` with `delete` to better reflect their functionality.
- Enhanced translations in bruno-to-postman and postman-to-bruno converters to align with the new method names.
- Adjusted tests to verify the new method names and ensure correct header management behavior.
* refactor: remove unused headerList methods and update related shims
- Removed the `entries`, `keys`, and `values` methods from the HeaderList class to streamline the API and eliminate unused functionality.
- Updated the `bruno-request` and `bruno-response` shims to reflect the removal of these methods, ensuring consistency in header management.
- Adjusted tests to remove references to the deleted methods, maintaining alignment with the current state of the headerList API.
* fix: ensure re-added headers are removed from __headersToDelete
- Updated the HeaderList class to remove headers from the __headersToDelete array when they are re-added, preventing incorrect header deletion behavior.
- Added tests to verify that re-added headers do not remain in __headersToDelete and that their values are correctly set in the raw request headers.
Align with @opencollection/types 0.9.1 which renamed the OAuth1 field from
signatureEncoding to signatureMethod. Update converters, filestore, and all
YML test fixtures. Increase OAuth1 UI test timeouts from 30s to 60s.
* Add proxy .pac file resolver
chore(dependencies): update package-lock.json with new dependencies and version upgrades
- Added new dependencies: ajv, git-url-parse, @opencollection/types, and storybook packages.
- Updated existing dependencies to their latest versions, including eslint and babel packages.
- Removed deprecated entries and cleaned up the package-lock structure for better maintainability.
* tests
* wip
* wip
* wip
* wip
* feat: file upload .pac
* wip
* wip
* wip
* wip
* wip
* wip
* wip
* wip
* feat: Refactor proxy settings to use a new structure for PAC configuration. Introduced 'source' field to determine proxy type (manual or PAC) and updated related validation and state management. Removed deprecated 'pacUrl' field in favor of 'pac.source'. Updated preferences schema and test data accordingly.
* fix: Update proxy settings to correctly reference 'source' field for PAC configuration. Adjusted state management and validation logic to align with new structure. Enhanced tests for backward compatibility and new format handling.
* feat: Enhance proxy configuration by adding 'proxyModeReason' to provide context for proxy settings. Updated related functions to accommodate the new parameter and improved logging for proxy mode changes.
* wip
* refactor: Update proxy settings to remove 'inherit' field and replace it with 'source' for better clarity. Adjusted validation schema, default preferences, and migration logic to align with the new structure. Enhanced tests to ensure compatibility with the updated proxy configuration.
* wip
* wip
* wip
* wip
* wip
* chore: consistent path check
* chore: consistency
* tests(pac): fix unit params
---------
Co-authored-by: Gianluca D'Abrosca <gianluca.dabrosca.1999@gmail.com>
Co-authored-by: Sid <siddharth@usebruno.com>
* feat: enhance environment variable resolution in EnvironmentVariablesTable
- Added logic to populate process environment variables from the active workspace when no collection is selected, allowing for proper resolution of {{process.env.X}}.
- Updated workspace actions to map scratch collections to their respective workspaces, ensuring that environment variables can be resolved correctly.
This improves the user experience by providing access to workspace-specific environment variables in the environment variables table.
* refactor: improve state selection and add test IDs for better testing
- Refactored the state selection logic in EnvironmentVariablesTable for clarity.
- Added data-testid attributes to various components including CollapsibleSection, DotEnvFileDetails, DotEnvRawView, and EnvironmentList to enhance testability.
- This change aims to streamline component interactions and facilitate easier testing.
* feat: add test IDs to EnvironmentList for improved testability
- Introduced data-testid attributes to the EnvironmentList component, enhancing the ability to target elements in tests.
- This update includes test IDs for the CollapsibleSection, create .env file button, and the input field for the .env name, facilitating better integration with testing frameworks.
* refactor: simplify global environment test setup
- Removed unnecessary timeout setting and afterEach cleanup logic from the global environment process.env resolution test.
- This change streamlines the test structure, focusing on the core functionality being tested.
* fix: update system proxy fetching to use finally (#7652)
* fix: update system proxy fetching to use finally for improved reliability
* Update packages/bruno-electron/src/index.js
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* fix: allow file selection in multipart form without entering a key first (#7640)
* fix: close previous SSE connection before sending new request
When resending an SSE (Server-Sent Events) request using Cmd+Enter,
the previous connection was not being closed, causing connection leaks.
Changes:
- Add SSE cancellation logic to sendRequest action - checks for running
stream and cancels it before sending new request
- Add return to cancelRequest action to make it properly chainable
- Simplify RequestTabPanel by removing duplicate cancel logic (now
handled centrally in sendRequest)
- Add SSE endpoints to test server for e2e testing
- Add Playwright e2e test to verify SSE connection cancellation
* fix: address PR review feedback for SSE connection cancellation
- Use platform-aware modifier (Meta on macOS, Control on Linux/Windows)
instead of hardcoded Meta+Enter for cross-platform CI compatibility
- Replace waitForTimeout with expect.poll for deterministic assertions
- Remove dead try/catch around cancelRequest (errors already swallowed
by cancelRequest's internal .catch)
* fix: updated the test to check of connectionIds
---------
Co-authored-by: Sid <siddharth@usebruno.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Pooja <pooja@usebruno.com>
Co-authored-by: Chirag Chandrashekhar <cchirag85@gmail.com>
* feat: add gRPC proxy support
* fix: respect channelOptions grpc.primary_user_agent over User-Agent header
* fix: remove non-standard grpc_proxy/no_grpc_proxy env var support
These are not recognized by any standard gRPC implementation. gRPC proxy
now uses the standard http_proxy/https_proxy/no_proxy variables like
grpc-core, grpc-go, and grpc-java.
* chore: add resolveGrpcProxyConfig tests and clean up grpc-client
Export resolveGrpcProxyConfig for testability and add unit tests covering
all proxy modes (off, on, system), auth encoding, protocol rejection,
bypass lists, and edge cases. Remove redundant cancelAndCloseConnection
call in startConnection (already guarded by addConnection). Document why
internal @grpc/grpc-js channel options are used for programmatic proxy.
When a request redirected from HTTP to HTTPS (or vice versa), the
original httpAgent/httpsAgent leaked into the redirect config. The
httpsAgent — which carries custom CA certificates and TLS options — was
never created for the redirect URL, causing UNABLE_TO_VERIFY_LEAF_SIGNATURE.
Changes:
- setupProxyAgents (electron) now deletes stale agents at the top of
every call so they are always recreated for the current URL
- setupProxyAgents extracted to bruno-cli/proxy-util.js (mirrors the
electron version) and called on every redirect in the CLI path
- Removed the else-branch in bruno-requests/http-https-agents.ts that
only created one agent based on initial protocol
- Added HTTP→HTTPS redirect test server and request to the
custom-ca-certs SSL test suite
* feat(cookies): add direct cookie access methods and update translations
- Introduced new methods for direct cookie access: `bru.cookies.get`, `bru.cookies.has`, and `bru.cookies.toObject`.
- Updated translation mappings in `bruno-to-postman-translator` and `postman-to-bruno-translator` to support these new methods.
- Enhanced tests to verify correct translation between `bru` and `pm` cookie methods, including mixed usage scenarios.
- Updated `Bru` class to handle cookie access based on the current request URL.
* feat(cookies): enhance cookie management with new methods and refactor
- Added new cookie methods: `toString`, `clear`, `delete`, `one`, `all`, `idx`, `count`, `indexOf`, `find`, `filter`, `each`, `map`, and `reduce` to `bru.cookies`.
- Refactored `Bru` class to utilize a new `CookieList` for cookie management, improving structure and readability.
- Updated translation mappings in `bruno-to-postman-translator` and `postman-to-bruno-translator` to include new cookie methods.
- Introduced `PropertyList` and `ReadOnlyPropertyList` classes for better data structure management.
- Enhanced tests for comprehensive coverage of new cookie functionalities and their interactions.
* docs(readonly-property-list): clarify array usage in constructor comments
* feat(cookies): add direct cookie manipulation tests and methods
* feat(cookies): add hasCookie method for checking cookie existence
* fix
* refactor(cookies): simplify cookie method translations
* feat(cookies): expand cookie API with new methods and tests
- Added new cookie methods: `get`, `has`, `toString`, `clear`, `upsert`, `remove`, `idx`, and `indexOf` to enhance cookie management.
- Updated translation mappings for `bru.cookies` to include new methods in `bruno-to-postman-translator` and `postman-to-bruno-translator`.
- Introduced tests for new methods and their interactions, ensuring comprehensive coverage of cookie functionalities.
- Enhanced existing tests to validate correct behavior of cookie methods across different scenarios.
* refactor(cookies): update CookieList to extend PropertyList and improve error handling
* test(cookies): add regression tests for jar and direct cookie patterns
- Introduced regression tests to ensure that jar patterns are correctly prioritized over direct cookie access patterns in translations.
- Updated `CookieList` to extend `ReadOnlyPropertyList` instead of `PropertyList`, clarifying its functionality.
- Refactored cookie method handling in the `bru` shim to utilize a new asynchronous bridge for improved error handling and consistency.
* refactor(cookies): update translations and remove PropertyList
- Enhanced comments in `postman-translations.js` to clarify the order of cookie jar translations.
- Updated `cookie-list.js` comments to better describe the factory function for the cookie jar.
- Removed the `PropertyList` class and its associated tests, streamlining the codebase and focusing on `ReadOnlyPropertyList` and `CookieList` for cookie management.
* fix(cookies): normalize tough-cookie objects and improve remove method comments
- Updated `CookieList` to normalize tough-cookie instances to plain objects, preventing circular references and exposing internal structures.
- Enhanced comments in the `remove` method to clarify behavior when removing non-existent or empty-named cookies.
* test(cookies): update tests to use async/await for consistency
* test(cookies): use async/await in cookie tests for consistency
* refactor(readonly-property-list): update get and reduce methods for improved behavior
* fix(cookies): update cookie method signature in autocomplete hints and enhance translation comments
- Modified the autocomplete hint for `bru.cookies.has` to include the new signature with an optional value parameter.
- Improved comments in `postman-translations.js` to clarify the order of cookie jar translation patterns for better understanding.
* refactor(cookies): introduce PropertyList for enhanced cookie management
* refactor(property-list): simplify repopulate method and enhance item handling logic
* feat(cookies): implement PropertyList bridge for enhanced cookie management
- Introduced a new `createPropertyListBridge` utility to streamline the integration of cookie methods into the QuickJS VM.
- Replaced the previous async cookie bridge with a more flexible approach, allowing for both synchronous and asynchronous cookie operations.
- Added comprehensive tests to validate the functionality of the new cookie methods in both developer and safe modes.
- Updated existing cookie tests to ensure compatibility with the new PropertyList structure.
* fix(tests): correct expected passed requests in cookie tests
- Updated the expected number of passed requests in the cookie tests from 34 to 6 to reflect the correct validation results.
- Ensured consistency in test assertions across multiple test cases for the PropertyList API.
* fix(cookies): update cookie URLs to use localhost for testing
- Changed all cookie-related test scripts to use `{{localhost}}` instead of `{{host}}` for the ping URL, ensuring consistency in local testing environments.
- Updated the cookie test suite to reflect the new URL structure, enhancing the reliability of the tests.
- Removed outdated cookie test files to streamline the test suite.
* refactor(cookies): standardize cookie handling with localhost variable
- Updated cookie test scripts to utilize the `{{localhost}}` variable for setting and retrieving cookies, ensuring consistency across tests.
- Enhanced clarity in comments regarding cookie behavior for different domains.
- Improved test assertions to validate cookie management functionality more effectively.
* refactor(property-list, readonly-property-list): update methods to use private class fields
* feat(cookies): enhance CookieList API with detailed documentation and method improvements
- Updated the `CookieList` class to provide comprehensive documentation on cookie management methods, including `add`, `upsert`, `remove`, and `delete`.
- Improved method signatures to support both callback and Promise-based usage for asynchronous operations.
- Added detailed descriptions for read and write methods, including examples and expected behavior.
- Enhanced the integration of the `CookieList` with the QuickJS VM by updating the property list bridge to include `toJSON` in sync read object methods.
* feat(cookies): add detailed examples and improve async bridge documentation
- Enhanced the `createPropertyListBridge` function documentation with comprehensive examples for setting up cookie methods in QuickJS.
- Clarified the two-phase setup process for async write methods, detailing the registration of bridge functions and the generation of JavaScript code for method wrappers.
- Added a new test case for the `toJSON()` method to ensure it returns a cloned array of all cookies, validating the expected structure and properties.
* fix(assert-runtime): correct syntax error in response parser assignment
- Added a semicolon at the end of the response parser assignment to ensure proper syntax in the AssertRuntime class.
* feat: add OAuth 1.0 authentication support
Add full OAuth 1.0 (RFC 5849) authentication with support for
HMAC-SHA1/256/512, RSA-SHA1/256/512, and PLAINTEXT signature methods.
Includes UI components, bru/yml serialization, Postman import, code
generation, CLI support, and comprehensive playwright and unit tests.
* test: replace real-looking PEM literals with fake markers in oauth1 tests
Avoid tripping secret scanners by using obviously fake BEGIN/END markers
and non-sensitive base64 content in serialization and round-trip tests.
* fix: remove invalid OAuth1 placeholder header from code generator
OAuth1 requires runtime-computed nonce, timestamp, and signature that
cannot be pre-computed for a static code snippet. Return an empty array
instead of emitting an Authorization header with literal <signature>,
<timestamp>, <nonce> placeholders.
* fix: remove unreachable oauth1 case from WSAuth component
The oauth1 switch branch was dead code since it was not in
supportedAuthModes and the useEffect would reset it to 'none'
before it could render.
* fix: remove unused collectionPath param and use path.basename for filename extraction
* refactor: rename OAuth1 fields for clarity
- tokenSecret → accessTokenSecret
- signatureMethod → signatureEncoding
- addParamsTo value 'queryparams' → 'query'
* refactor: rename addParamsTo to placement in OAuth1 auth
* fix: add missing oauth1: null in buildOAuth2Config and upgrade @opencollection/types to 0.9.0
* test: add oauth1 import tests and fix missing oauth1: null in auth assertions
* ci: add auth playwright tests workflow for Linux, macOS, and Windows
* refactor: rename signatureEncoding to signatureMethod and fix timeline race condition
- Rename OAuth1 signatureEncoding to signatureMethod across all packages
- Fix timeline showing "No Headers/Body found" when request-sent IPC event
arrives after response by retroactively updating the timeline entry
- Store requestUid in timeline entries for precise matching
- Correct timeline entry timestamp on retroactive update for proper sort order
* ci: add OAuth1 CLI tests and reorganize auth actions under oauth1/
- Add CLI tests that run full BRU and YML collections via bru run
- Add start-test-server actions for Linux, macOS, and Windows
- Move auth e2e and setup actions under auth/oauth1/ directory
- Fix Windows Playwright failures caused by unescaped backslashes in collectionPath template variable
* ci: reorder auth tests to run E2E tests before CLI tests
* ci: start test server after E2E tests to fix port 8081 conflict
* fix: preserve user-defined boundary in multipart/mixed Content-Type header
When users specify a boundary parameter in their Content-Type header for
multipart/mixed requests with TEXT body mode, Bruno now preserves the
user-defined boundary instead of generating a new one.
Fixes: https://github.com/usebruno/bruno/issues/7523
* updated the test to use local server and changed the request method to GET
* fix: handle quoted boundary values in Content-Type header extraction
---------
Co-authored-by: Chirag Chandrashekhar <cchirag85@gmail.com>
Close the open tab when a request is moved to a different collection
via drag and drop, preventing the "Request no longer exists" error.
Add format conversion when dragging requests between collections with
different formats (.bru vs .yml). A new IPC handler parses the source
file and re-serializes it in the target collection's format. Folder
cross-format moves are blocked with a toast error.
Co-authored-by: Chirag Chandrashekhar <cchirag85@gmail.com>
* refactor: enhance error handling and context retrieval for script errors
- Updated the error formatter to utilize in-memory script content for error context, improving accuracy when users have unsaved changes.
- Introduced a new utility function, `getSourceContextFromContent`, to extract context lines from in-memory scripts.
- Enhanced tests to verify that draft script errors display the correct code context, ensuring users see the most relevant information during debugging.
- Added new Playwright tests to validate error handling in draft states across pre-request, post-response, and test scripts.
* refactor: enhance error context retrieval in error formatter
- Updated `getSourceContext` to accept in-memory content, improving context extraction for unsaved changes.
- Deprecated `getSourceContextFromContent` in favor of the new parameterized approach.
- Adjusted related tests to ensure accurate context handling for draft script errors.
* refactor: enhance error context handling for draft scripts
* refactor: streamline script error tests and enhance utility functions
- Consolidated helper functions for sending requests and waiting for responses into the actions module.
- Introduced new utility functions for selecting script sub-tabs and editing CodeMirror editors.
- Updated test cases to utilize the new utility functions, improving readability and maintainability.
- Enhanced locators for better integration with testing frameworks.
* refactor: improve script error context handling and utility functions
- Introduced a new utility function to streamline the retrieval of script block start lines for .bru and .yml files.
- Enhanced the error formatter to prioritize in-memory draft content when resolving error contexts, improving accuracy for unsaved changes.
- Consolidated context extraction logic into a single function to reduce redundancy and improve maintainability.
- Updated related tests to ensure accurate context handling for both draft and disk-based scripts.
* refactor: add comments to clarify line index calculations in error formatter
* feat: enhance ScriptError with source context, code snippets, and navigation
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: remove auto-commenting of untranslated pm commands during import
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
* feat: update CodeSnippet styles to use theme colors for error and warning highlights
* fix: remove unused SCRIPT_TYPES import from network IPC module
* refactor: remove unused functions and clean up source-context utility
- Removed `getUnifiedScriptContext`, `getWarningSourceGroups`, and related helper functions from `source-context.js` to streamline the utility.
- Updated tests in `source-context.spec.js` to reflect the removal of unused functions, ensuring only relevant tests for `findLineInSource` and `getScriptContext` remain.
* refactor: simplify ScriptError component and update styles
* refactor: streamline tab management in Script components
* refactor: enhance tab management in ScriptError and add testsMetadata handling in prepare-request
* refactor: improve error source identification in ScriptError component
- Enhanced the logic for determining error source types by introducing separate checks for folder and collection files.
- Updated the handling of folder file names to ensure accurate UID retrieval and labeling.
- Streamlined the overall structure of the getErrorSourceInfo function for better readability and maintainability.
* refactor: improve ScriptError component and enhance styling
- Simplified the conditions for displaying the ScriptError component in ResponsePane.
- Updated navigation logic in ScriptErrorCard to ensure proper handling of source information.
- Adjusted styles in StyledWrapper to allow for visible overflow.
- Enhanced ScriptErrorIcon to accept additional class names for better styling flexibility.
- Minor layout adjustments in RunnerResults ResponsePane for improved UI consistency.
* refactor: simplify test description for untranslated pm commands and consolidate error formatter imports
* fixes
* refactor: update focusedTab logic in Script components to use collection and folder UIDthe respective collection and folder UID instead of the activeTabUid.
* feat: add buildErrorContext utility for enhanced error handling in network IPC
- Introduced a new utility function `buildErrorContext` to construct detailed error context from script errors.
- This function parses error locations, adjusts line numbers, and retrieves relevant source context, improving error reporting.
- Removed the previous inline error handling logic from the network IPC module to streamline the codebase.
* feat: added playwright test cases to test scriptError behavior
* refactor: enhance ScriptError component and improve error handling
- Updated labels for error source types in ScriptError to be more concise (e.g., "Request Script" to "Request").
- Improved navigation logic in ScriptErrorCard to ensure proper handling of navigable file paths.
- Enhanced styling in StyledWrapper for better visual consistency and user experience.
- Added tests to verify fallback behavior for missing error types and non-navigable file paths.
- Refined utility functions for better context extraction from script errors.
* refactor: normalize file paths for cross-platform compatibility in ScriptError component
* refactor: improve file path handling in ScriptError component
* refactor: enhance buildErrorContext for improved error handling
* docs: add detailed comments to build-error-context for better understanding of error handling
* refactor: enhance error block line detection in error formatter
- Updated `findScriptBlockEndLine` and `findYmlScriptBlockEndLine` functions to return null for empty or missing blocks, improving accuracy in line detection.
- Added comprehensive tests for both functions to ensure correct behavior across various scenarios, including handling of non-.bru and non-.yml files.
* refactor: improve error handling and testing in ScriptError and buildErrorContext
- Updated ScriptError component to streamline tab management by replacing focusTab with addTab for better request handling.
- Enhanced buildErrorContext to return null for empty or missing script blocks in .bru and .yml files, ensuring accurate error reporting.
- Added tests to validate behavior for empty script blocks and improved error context extraction in various scenarios.
* test: add new tests for script error navigation and handling
- Implemented tests for post-response file-path navigation to the Script tab and verification of active sub-tabs.
- Added keyboard navigation tests to trigger file-path navigation using the Enter key.
- Included a test for multiple error cards to ensure closing one does not affect others.
- Enhanced runner tests to verify navigation to the Tests tab from script error results.
* refactor: enhance CodeSnippet line rendering and remove unused source-context utilities
* refactor: update locators in script-errors tests for improved readability and maintainability
* test: enhance script-errors tests to verify error line content
* review fixes
* refactor: update RunnerResults component and enhance locators for improved testability
* refactor: remove buildErrorContext and replace with formatErrorWithContextV2
- Deleted the buildErrorContext function and its associated tests.
- Updated network IPC to utilize formatErrorWithContextV2 for improved error context handling.
- Enhanced error reporting by ensuring structured error context is returned for desktop UI.
* refactor: enhance tab components with data-testid attributes for improved testability
- Added data-testid attributes to tab elements in CollectionSettings and FolderSettings components for better integration with testing frameworks.
- Updated Tabs and ResponsiveTabs components to include data-testid attributes for tab triggers, enhancing the ability to select and verify tabs in tests.
- Modified script-errors tests to utilize new locators for improved readability and maintainability.
---------
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* fix(collection-watcher): guard against events firing after collection deletion
When deleting an OpenAPI-synced collection, saveBrunoConfig() writes to
bruno.json which creates buffered chokidar events (80ms stabilityThreshold).
If the collection directory is removed before those events fire,
getCollectionFormat() throws "No collection configuration found" for each
.bru file in the collection.
Add fs.existsSync(collectionPath) guards in the change, unlink, and
unlinkDir handlers to bail out early when the collection root no longer exists.
* fix(workspaces): ensure collection watcher stops before deletion
Added logic to remove the collection from the watcher when deleting files, preventing chokidar from firing events on a directory that is being removed. This change enhances stability during collection deletions by ensuring the watcher is properly managed.
* refactor(workspaces): remove redundant collection watcher logic during deletion
Eliminated the logic for stopping the collection watcher before deletion, streamlining the action for removing collections from workspaces. This change simplifies the code and maintains functionality without unnecessary complexity.
* test(collection): add integration test for collection deletion functionality
Introduced a new test suite to verify the deletion of collections from the workspace overview. The test ensures that collections are properly removed from both the UI and the file system, confirming the absence of any uncaught errors during the deletion process. This addition enhances the test coverage for collection management features.
* feat(collection): implement deleteCollectionFromOverview utility function
Added a new utility function to delete a collection directly from the workspace overview page. This function encapsulates the steps required to navigate the UI, confirm deletion, and ensure the collection is removed from both the interface and the file system. Updated the corresponding test to utilize this new function, enhancing code reusability and test clarity.
* fix(collection-watcher): add guards for collection path existence and error handling
Enhanced the unlink and unlinkDir functions to check for the existence of the collection path before proceeding. Added error handling for the getCollectionFormat function to prevent crashes when the collection format cannot be retrieved. These changes improve stability and robustness during collection deletion operations.
* Revert "feat(phase-1): allow user to customize keybindings (#7163)"
This reverts commit 14532b48a6.
* Revert "chore: UI Polish for Zoom and Keybindings panel (#7376)"
This reverts commit 5151d29aac.
* feat(request-pane): restore body tab scroll position on tab switch
When editing large request bodies (JSON/XML/text/sparql), switching to
another tab (params, headers, auth, etc.) and back would reset the
CodeMirror editor scroll position to the top.
Fix by persisting the scroll position to Redux on editor unmount (via
CodeEditor's onScroll prop) and restoring it on mount (via initialScroll),
mirroring the existing scroll restoration pattern in QueryResultPreview.
* test: add playwright tests for body scroll restoration
---------
Co-authored-by: naman-bruno <naman@usebruno.com>
* fix: refocus collection name input on error and resolve missing default location folder
* revert: remove focus refocus logic from InlineCollectionCreator
Reverts the setTimeout focus change that was causing test failures.
Keeps the preferences.js fix for default location validation.
Made-with: Cursor
* fix: update default-collection-location test to use project path
Use {{projectRoot}} template variable for defaultLocation so the path
exists when the app validates it with fs.existsSync.
Made-with: Cursor
* fix: improve save test to use alternate path and verify persistence
Made-with: Cursor
---------
Co-authored-by: naman-bruno <naman@usebruno.com>
