* Add proxy .pac file resolver
chore(dependencies): update package-lock.json with new dependencies and version upgrades
- Added new dependencies: ajv, git-url-parse, @opencollection/types, and storybook packages.
- Updated existing dependencies to their latest versions, including eslint and babel packages.
- Removed deprecated entries and cleaned up the package-lock structure for better maintainability.
* tests
* wip
* wip
* wip
* wip
* feat: file upload .pac
* wip
* wip
* wip
* wip
* wip
* wip
* wip
* wip
* feat: Refactor proxy settings to use a new structure for PAC configuration. Introduced 'source' field to determine proxy type (manual or PAC) and updated related validation and state management. Removed deprecated 'pacUrl' field in favor of 'pac.source'. Updated preferences schema and test data accordingly.
* fix: Update proxy settings to correctly reference 'source' field for PAC configuration. Adjusted state management and validation logic to align with new structure. Enhanced tests for backward compatibility and new format handling.
* feat: Enhance proxy configuration by adding 'proxyModeReason' to provide context for proxy settings. Updated related functions to accommodate the new parameter and improved logging for proxy mode changes.
* wip
* refactor: Update proxy settings to remove 'inherit' field and replace it with 'source' for better clarity. Adjusted validation schema, default preferences, and migration logic to align with the new structure. Enhanced tests to ensure compatibility with the updated proxy configuration.
* wip
* wip
* wip
* wip
* wip
* chore: consistent path check
* chore: consistency
* tests(pac): fix unit params
---------
Co-authored-by: Gianluca D'Abrosca <gianluca.dabrosca.1999@gmail.com>
Co-authored-by: Sid <siddharth@usebruno.com>
* feat: enhance environment variable resolution in EnvironmentVariablesTable
- Added logic to populate process environment variables from the active workspace when no collection is selected, allowing for proper resolution of {{process.env.X}}.
- Updated workspace actions to map scratch collections to their respective workspaces, ensuring that environment variables can be resolved correctly.
This improves the user experience by providing access to workspace-specific environment variables in the environment variables table.
* refactor: improve state selection and add test IDs for better testing
- Refactored the state selection logic in EnvironmentVariablesTable for clarity.
- Added data-testid attributes to various components including CollapsibleSection, DotEnvFileDetails, DotEnvRawView, and EnvironmentList to enhance testability.
- This change aims to streamline component interactions and facilitate easier testing.
* feat: add test IDs to EnvironmentList for improved testability
- Introduced data-testid attributes to the EnvironmentList component, enhancing the ability to target elements in tests.
- This update includes test IDs for the CollapsibleSection, create .env file button, and the input field for the .env name, facilitating better integration with testing frameworks.
* refactor: simplify global environment test setup
- Removed unnecessary timeout setting and afterEach cleanup logic from the global environment process.env resolution test.
- This change streamlines the test structure, focusing on the core functionality being tested.
* fix: update system proxy fetching to use finally (#7652)
* fix: update system proxy fetching to use finally for improved reliability
* Update packages/bruno-electron/src/index.js
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* fix: allow file selection in multipart form without entering a key first (#7640)
* fix: close previous SSE connection before sending new request
When resending an SSE (Server-Sent Events) request using Cmd+Enter,
the previous connection was not being closed, causing connection leaks.
Changes:
- Add SSE cancellation logic to sendRequest action - checks for running
stream and cancels it before sending new request
- Add return to cancelRequest action to make it properly chainable
- Simplify RequestTabPanel by removing duplicate cancel logic (now
handled centrally in sendRequest)
- Add SSE endpoints to test server for e2e testing
- Add Playwright e2e test to verify SSE connection cancellation
* fix: address PR review feedback for SSE connection cancellation
- Use platform-aware modifier (Meta on macOS, Control on Linux/Windows)
instead of hardcoded Meta+Enter for cross-platform CI compatibility
- Replace waitForTimeout with expect.poll for deterministic assertions
- Remove dead try/catch around cancelRequest (errors already swallowed
by cancelRequest's internal .catch)
* fix: updated the test to check of connectionIds
---------
Co-authored-by: Sid <siddharth@usebruno.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Pooja <pooja@usebruno.com>
Co-authored-by: Chirag Chandrashekhar <cchirag85@gmail.com>
* fix(js): support response query filters in safe mode
* feat: add tests and improve bruno-response shim for query argument handling
- Introduced a new test suite for the bruno-response shim to validate query filtering and function callback behavior.
- Refactored the `res` function to enhance argument handling, allowing for better marshalling of QuickJS function handles and other values.
- Improved error handling within the response processing to ensure robust behavior during query execution.
* fix: correct argument handling in bruno-response shim for function callbacks
- Updated the `toHostQueryArg` function to use `vm.undefined` instead of `vm.global` when calling the provided function argument. This change ensures proper context handling during function execution, improving the reliability of query argument processing.
* chore: clean up .gitignore and enhance error handling in bruno-response tests
- Removed redundant entries from .gitignore to streamline ignored files.
- Improved error handling in the `afterEach` and `afterAll` hooks of the bruno-response tests to ensure proper disposal of resources, preventing potential memory leaks.
---------
Co-authored-by: cryst <230207759+cryst-hq@users.noreply.github.com>
* fix(assert-runtime): update JSON validation to allow arrays and enhance test coverage
- Modified the JSON validation logic to accept arrays as valid JSON objects.
- Updated tests to ensure correct behavior for various array scenarios, including empty arrays and arrays of strings and objects.
* fix(assert-runtime): refine JSON validation logic to correctly handle arrays
- Updated the JSON validation to allow arrays as valid JSON objects, ensuring compatibility with various data structures.
- Adjusted the test assertions to reflect the new validation criteria.
* perf: optimize DNS resolution to reduce request latency by ~31%
Replace default dns.lookup (libuv thread pool) with async dns.resolve4/6
(c-ares) that bypasses the thread pool bottleneck, falling back to
dns.lookup for /etc/hosts and mDNS hostnames.
* fix: address PR review feedback for DNS optimization
- Guard against undefined options in fastLookup to prevent runtime errors
- Document that options.family is not yet respected (safe today, noted for future)
- Replace callback as any with proper typed forwarding wrapper
- Extract shared agent config (defaultAgentOptions) to eliminate duplication
between axios-instance.ts and agent-cache.ts, with documented rationale
- Mock DNS in test to avoid real network calls to google.com in CI
* fix: removed explicit resolve6 in fastLookup
---------
Co-authored-by: Chirag Chandrashekhar <cchirag85@gmail.com>
* fix: add size and duration fields to CLI bru.runRequest() response
Add `size` and `duration` fields to the response object in CLI to match
GUI behavior, ensuring consistent API for bru.runRequest() across both
environments.
- `duration` is an alias for `responseTime` for GUI compatibility
- `size` is the byte length of the response buffer (0 for errors/skipped)
Fixes#7352
* fix: address PR review feedback for CLI response consistency
- Coerce responseTime header to number (was string from headers.get())
- Add comment explaining duration vs responseTime difference between
GUI (wall-clock) and CLI (approximation using responseTime)
- Add integration tests for duration/size fields across skipped,
success, and network error response paths
* fix: add missing setupProxyAgents mock in response-fields test
The success path calls setupProxyAgents which was missing from the
proxy-util mock, causing CI failure.
---------
Co-authored-by: Chirag Chandrashekhar <cchirag85@gmail.com>
* feat: add helper to ensure string conversion for non-string values in Postman to Bruno conversion
- Introduced `ensureString` function to convert numeric and non-string values to strings, defaulting null/undefined to an empty string.
- Updated request handling in `importPostmanV2CollectionItem` to utilize `ensureString` for headers, parameters, and body fields.
- Added tests to verify correct conversion of numeric values to strings in headers, query parameters, and body fields.
* test: add test for numeric value conversion in Postman to Bruno transformation
- Implemented a new test case to verify that numeric values in example request and response fields are correctly converted to strings during the Postman to Bruno conversion process.
- The test checks various components including request headers, query parameters, path parameters, and body fields to ensure proper string conversion.
* test: add multipart form value test for numeric conversion in Postman to Bruno transformation
- Added a new test case to verify that numeric values in multipart form data are correctly converted to strings during the Postman to Bruno conversion process.
- The test checks the conversion of numeric values in the request body to ensure proper handling in the transformation.
* feat: enhance header parsing in Postman to Bruno conversion
- Added `parseStringHeader` and `normalizeHeaders` functions to handle various header formats, including string headers and concatenated strings.
- Updated the request and response handling in `importPostmanV2CollectionItem` to utilize the new header normalization logic.
- Introduced tests to verify correct parsing of string headers, including cases with no values and concatenated headers.
* refactor: enhance ensureString function for flexible fallback values
- Updated the `ensureString` function to accept a fallback parameter, allowing for customizable default values instead of a fixed empty string for null/undefined inputs.
- Modified the usage of `ensureString` in the `processAuth` function to utilize the new fallback feature for various authentication fields, improving the handling of optional values.
* refactor: update ensureString function to handle empty values
- Modified the `ensureString` function to return the fallback for null, undefined, or empty string values, enhancing its flexibility in handling various input scenarios.
* chore: update ESLint configuration and enhance Postman to Bruno conversion tests
- Added 'no-case-declarations' rule to ESLint configuration to enforce stricter coding standards.
- Modified the `processAuth` function to ensure proper block scoping for OAuth2 case handling.
- Improved header parsing logic to check for string type in content-type header.
- Added new tests to verify conversion of numeric authentication values to strings in both array-backed and object-backed formats during Postman to Bruno transformation.
* chore: update ESLint configuration to enforce stricter rules
- Added 'no-case-declarations' rule to ESLint configuration to enhance code quality.
- Adjusted existing rules for consistency and clarity in the configuration.
---------
Co-authored-by: Bijin A B <bijin@usebruno.com>
* feat: add gRPC proxy support
* fix: respect channelOptions grpc.primary_user_agent over User-Agent header
* fix: remove non-standard grpc_proxy/no_grpc_proxy env var support
These are not recognized by any standard gRPC implementation. gRPC proxy
now uses the standard http_proxy/https_proxy/no_proxy variables like
grpc-core, grpc-go, and grpc-java.
* chore: add resolveGrpcProxyConfig tests and clean up grpc-client
Export resolveGrpcProxyConfig for testability and add unit tests covering
all proxy modes (off, on, system), auth encoding, protocol rejection,
bypass lists, and edge cases. Remove redundant cancelAndCloseConnection
call in startConnection (already guarded by addConnection). Document why
internal @grpc/grpc-js channel options are used for programmatic proxy.
Added event handlers to prevent the browser's autoscroll behavior when the middle mouse button is pressed in the ExampleTab and RequestTab components. This improves user experience by avoiding unintended scrolling during tab interactions.
* feat: add support for examples in collection items
- Enhanced the processCollectionItems function to include examples from imported collection items.
- Added a new test case to verify that examples are correctly written to the output file during collection creation.
* fix: coerce response status to number in collection creation tests
Updated the test for createCollectionFromBrunoObject to ensure the response status is compared as a number, improving type consistency in assertions.
- Implemented a new _onBlur method to set the cursor position when the editor loses focus.
- Updated event listeners to include the blur event for both MultiLineEditor and SingleLineEditor, enhancing user experience by preserving cursor position.
- Ensured proper cleanup of event listeners during component unmounting to prevent memory leaks.
When axios receives a 4XX/5XX response it throws an error, causing
execution to jump to the catch block. saveCookies() was only called
in the try block (2XX path), so error-status cookies were silently
dropped in collection runs.
Fix applied to both affected code paths:
- packages/bruno-cli/src/runner/run-single-request.js (CLI runner)
- packages/bruno-electron/src/ipc/network/index.js (app collection runner)
Manual single-request execution was already correct — saveCookies() is
called after the try/catch there, so both status paths were covered.
Fixes#7475
Updated the bruToJson function to coerce the tags property into an array, ensuring consistent data structure when processing JSON input. This change enhances the reliability of the function by preventing potential errors when tags are not provided as an array.
Updated the parseBruRequest function to guarantee that the tags extracted from the JSON input are always returned as an array, improving data consistency and preventing potential errors when handling non-array values.
* fix: cURL paste not updating request tab editors visually
Remove the focus-based guard from PR#7098 that blocked editor value
updates when the editor had focus. This caused cURL paste to not
reflect in the request tab until switching tabs. Editors now always
accept incoming prop values and preserve cursor position. Also set
cursor to end of new URL after cURL paste using setTimeout.
* fix: added optional chaining
---------
Co-authored-by: Chirag Chandrashekhar <cchirag85@gmail.com>
When a request redirected from HTTP to HTTPS (or vice versa), the
original httpAgent/httpsAgent leaked into the redirect config. The
httpsAgent — which carries custom CA certificates and TLS options — was
never created for the redirect URL, causing UNABLE_TO_VERIFY_LEAF_SIGNATURE.
Changes:
- setupProxyAgents (electron) now deletes stale agents at the top of
every call so they are always recreated for the current URL
- setupProxyAgents extracted to bruno-cli/proxy-util.js (mirrors the
electron version) and called on every redirect in the CLI path
- Removed the else-branch in bruno-requests/http-https-agents.ts that
only created one agent based on initial protocol
- Added HTTP→HTTPS redirect test server and request to the
custom-ca-certs SSL test suite
* feat: add helper to ensure string conversion for non-string values in Postman to Bruno conversion
- Introduced `ensureString` function to convert numeric and non-string values to strings, defaulting null/undefined to an empty string.
- Updated request handling in `importPostmanV2CollectionItem` to utilize `ensureString` for headers, parameters, and body fields.
- Added tests to verify correct conversion of numeric values to strings in headers, query parameters, and body fields.
* test: add test for numeric value conversion in Postman to Bruno transformation
- Implemented a new test case to verify that numeric values in example request and response fields are correctly converted to strings during the Postman to Bruno conversion process.
- The test checks various components including request headers, query parameters, path parameters, and body fields to ensure proper string conversion.
* test: add multipart form value test for numeric conversion in Postman to Bruno transformation
- Added a new test case to verify that numeric values in multipart form data are correctly converted to strings during the Postman to Bruno conversion process.
- The test checks the conversion of numeric values in the request body to ensure proper handling in the transformation.
* chore: basic annotation support
* chore: string and escape cases
* feat: add basic multiline support
* fix: simplify dedentation logic in annotation multiline text block
* chore: fix asserts
* feat: add annotation support to env and collection
* feat: enhance annotation parsing with support for quoted arguments and nested parentheses
* refactor: feedback, remove inline annotations
* feat: move serializeAnnotations function to utils and update imports
* fix: app crash on clicking close button \n Added collection, workspace, and api spec watcher cleanup on app close method
* fix: close file watchers before app exit to prevent crash on macOS
Close all chokidar file watchers (collection, workspace, apiSpec) before
the Node environment is torn down. The native FSEvents watchers run on
their own threads and their cleanup races with FreeEnvironment, causing
an abort when fse_instance_destroy tries to lock a destroyed mutex.
Watchers are closed in both mainWindow.on('close') and app.on('before-quit')
to cover the native close button path and the app.exit() path.
* fix: move watcher cleanup from close handler to before-quit only
The close event is cancelable — if the user cancels the unsaved changes
dialog, watchers would remain closed for the rest of the session.
Move closeAllWatchers() to before-quit which only fires on actual quit.
---------
Co-authored-by: Chirag Chandrashekhar <cchirag85@gmail.com>
* chore: pin axios version
* limit it to the max mentioned by the repo
* chore: pin to 1.13.6
* chore: pin transitive
* chore: update axios version to 1.13.6
* chore: min release age for deps
- Replaced the static file name display with a SingleLineEditor for better readability and consistency.
- Removed unnecessary padding in StyledWrapper for a cleaner layout.
- Enhanced value interpolation logic to handle arrays in interpolate-vars.js for improved data processing.
