Reconcile request structure against the spec on sync while preserving the
user's values (JSON body, params, headers, auth) and {{var}} references for
fields that still exist. A "Preserve values" toggle (default on) on the Spec
Updates review controls it; turning it off lets spec values overwrite. The diff
preview's EXPECTED column shows the post-merge result so unchanged values do not
render as changes.
- field-level merge for JSON body (by key path), form fields and params/headers
(by name, duplicate names paired positionally), preserving value + enabled
- {{var}} masking so interpolated bodies parse, merge and restore safely,
using a private-use sentinel that never collides with body text
- auth merged by mode: same mode keeps the user's values and adds spec-introduced
fields; a mode change takes the spec. compareRequestFields compares auth by
mode only, so preserved auth values no longer mark the collection out of sync
- preserveValues threaded through apply and diff-preview IPC handlers
- reset path left unchanged; scripts/tests/assertions preserved in sync and reset
- 67 unit tests covering the merge helpers and masking edge cases
* fix(tabs): open panes at default size on expand from collapsed state
* chore: shorten comment in pane expand reducers
* test(tabs): add tabs collapse/expand reducer tests
* test(tabs): assert expand reducers preserve the other pane's collapse flag
* fix: 3123 CLI JUnit Report: classname Uses Request URL Instead of Request Name
* fix: update classname in JUnit report to use request path instead of name
* fix: update testcase classname in JUnit report to use request path instead of request name
* fix: update JUnit report classname to use API paths instead of collection paths
* fix: update classname in JUnit report to use backslashes for Windows compatibility
* fix: update JUnit report file paths to use API paths instead of mock paths
* fix(grpc): gRPC request loses all messages except the first on save for yaml collection
* fix(grpc): enhance gRPC locators and improve message handling in tests
* fix/3112 - Postman import: OAuth2 Implicit Grant Type Silently Converted to Client Credentials on Import
* fix/3112: Postman import: OAuth2 Implicit Grant Type Silently Converted to Client Credentials on Import
* fix/3112 - Postman import: OAuth2 Implicit Grant Type Silently Converted to Client Credentials on Import
* fix/3112
* Implicit grant type
* Oauth2 implicit grant type test case
* fix(bruno-app): use primary accent in OpenAPI Sync settings modal
Active state for the Auto-check for updates toggle and the URL/File
mode buttons in the Connection Settings modal now use the same primary
theme accent as the Save button and the active Check interval pill,
matching visual consistency across themes.
Refs: BRU-3409
* fix(bruno-app): refine OpenAPI Sync settings modal accents
Keep the auto-check toggle on the primary accent, but restore the
URL/File source buttons to their neutral active style and make the
check-interval pills use an inline yellow style (accent border + tint
+ accent text) instead of a solid primary fill, matching the Appearance
theme toggle.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
* FIXED regression for proxy config from v2 to v3
* REMOVED console.log
* ADDED test case with fixture to test proxy import
* ADDED proxy handling for older brunoConfig in packages/bruno-electron/src/utils/collection-import.js
* RESOLVED githiub converstation
changed afterAll --> afterEach
* ADDED guard to transformProxyConfig(brunoConfig.proxy) function
* feat: enhance import functionality with issue tracking and logging
- Updated the import process to return both collections and issues for better error handling.
- Introduced a new toast notification for displaying import issues, allowing users to copy or report them.
- Enhanced logging for import issues, capturing errors and warnings during the import process.
- Added new components for actionable toasts and import issues display.
- Updated tests to validate the new import behavior and issue tracking.
* feat: enhance import issues handling with new toast notifications and tests
- Added optional testId prop to ActionableToast for better test targeting.
- Updated ImportIssuesToast to include data-testid attributes for improved e2e testing.
- Introduced a new Postman collection fixture to test partial import scenarios.
- Created new tests to validate the import process, including issue reporting and copying functionality.
- Implemented utility functions to manage import issues toasts during tests.
* fix: improve clipboard copy functionality and handle import issues more robustly
- Updated BulkImportCollectionLocation to always set import issues, ensuring consistent state management.
- Enhanced clipboard copy functionality in ImportIssuesToast and BulkImportCollectionLocation to handle errors gracefully with user feedback.
- Added aria-label for better accessibility in ActionableToast close button.
* refactor: enhance import issue logging and toast notifications
- Improved logging in BulkImportCollectionLocation and ImportCollectionLocation to provide detailed summaries of import issues, including counts of skipped items and warnings.
- Updated ImportIssuesToast to handle long issue descriptions and provide user feedback for copying issue details to the clipboard.
- Removed ActionableToast component and its styles, consolidating toast functionality within ImportIssuesToast for better maintainability.
- Enhanced styling for ImportIssuesToast to improve user experience and accessibility.
* refactor: update logging level for import issues in BulkImportCollectionLocation and ImportCollectionLocation
- Changed log type from 'error' to 'warn' for import issue summaries in both components to better reflect the severity of the messages.
- This adjustment improves clarity in the logging system and aligns with the intended handling of import warnings.
* feat: enhance ImportIssuesToast with URL length warning and styling improvements
- Added an alert icon and improved styling for the URL-too-long warning in ImportIssuesToast to enhance user experience.
- Introduced a new test for verifying the display of the URL length warning when importing collections with many issues.
- Updated locators to include a test ID for the URL-too-long warning, facilitating better end-to-end testing.
* style: update ImportIssuesToast styling for improved user experience
- Changed background and border colors in StyledWrapper for better visual consistency.
- Enhanced box-shadow and close button styles for improved accessibility and interaction.
- Adjusted padding and gap in warning messages for better layout and readability.
* fix/902 --bail flag not stopping execution when a test fails in a CSV file
* addressed review comments
* addressed review comments
* updated the package-lock file
* addressed review comments
* addressed review comments
* fix: add stripExtension utility to suitename assignment in run command
The OpenAPI importer's tag-sanitization step rewrote every non-alphanumeric
character to `_` unconditionally, regardless of target collection format.
That's correct for `.bru` (whose grammar restricts list items to
`(alnum | "_" | "-")+`) but wrong for the opencollection (yml) target,
whose Tag schema imposes no character restriction. As a result:
`Pets & Dogs` → `Pets_Dogs`
`R&D` → `R_D`
`&` → dropped
This fix makes `sanitizeTag` branch on `options.collectionFormat`:
- `yml` → trim only, preserve verbatim
- `bru` (or default) → keep existing BRU-grammar sanitization
Three call sites updated:
1. `packages/bruno-converters/src/common/index.js` — `sanitizeTag`
honors `options.collectionFormat`.
2. `packages/bruno-converters/src/openapi/openapi-common.js` —
`groupRequestsByTags` now accepts + threads `options` so the
folder-grouping path also respects format.
3. `packages/bruno-schema/src/collections/index.js` — `itemSchema.tags`
regex relaxed to `Yup.string().min(1)` to match the OpenCollection
`Tag = string` spec; old regex enforced BRU grammar on the in-memory
collection shape and rejected our newly-preserved tags downstream.
Cross-platform safety: tags carrying FS-dangerous characters (`/`, `\`,
control chars, Windows-forbidden chars, trailing dot/space) are still
made safe on disk by Bruno's existing `sanitizeName` (in
`packages/bruno-electron/src/utils/filesystem.js`). UI sidebar reads
`info.name` from `folder.yml`, so user-facing label preserves the
verbatim tag while the on-disk path stays portable. Behavior verified
identical on macOS / Linux / Windows for the AC examples + common
inputs. Windows-reserved tag names (`CON`, `PRN`, etc.) and
filesystem-inherent issues (case-sensitivity, length limits) are
pre-existing gaps in Bruno's writer, not in scope here.
Tests:
- `tests/common/sanitizeTag.spec.js` — replaced the old "always sanitize"
test (which locked in the buggy behavior) with a `collectionFormat`
branch covering yml-preservation + bru-strict for the ticket's 3
examples plus dot/parens/whitespace edge cases.
- `tests/openapi/openapi-to-bruno/openapi-tags.spec.js` — added a
`describe('yml tag preservation')` block exercising the full importer
pipeline (request tags + folder grouping) on the 3 AC examples.
- `bruno-schema/src/collections/itemSchema.spec.js` — updated the
validation test to reflect the relaxed schema; verified that previously
rejected strings (`Pets & Dogs`, `R&D`, `&`, emoji, etc.) now pass and
empty strings still fail.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* fix(app): null-safe OAuth2 scope in OpenAPI export (BRU-3297)
The OpenAPI exporter calls `.length` on `auth.oauth2.scope` without a
null guard. When a user never fills the Scope field for an OAuth2 auth
(grant types authorization_code, password, client_credentials), Bruno
stores `scope` as `null`, causing the entire export to crash with
`TypeError: Cannot read properties of null (reading 'length')`.
Replace the unsafe `scope.length > 0` check with a truthy check that
handles null, undefined, and empty string uniformly. Emit `scopes` as
an empty object when no scope is set — OpenAPI 3.0 requires `scopes`
to be present on every OAuth2 flow even when empty.
Add 12 jest tests covering all 3 affected grant types.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* style: wrap oauth2 case in block to scope local declarations
Addresses Biome `noSwitchDeclarations` — `const` declarations inside a
case clause without braces can leak across cases. Pure cosmetic; no
behavior change.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* chore: drop internal scope-discussion comment in openapi-spec test
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
