Three fixes:
1. Proxy agents (HttpsProxyAgent, HttpProxyAgent, SocksProxyAgent) expect
(proxyUri, options) constructor signature, but the agent cache was packing
proxyUri into options as a single argument. Fixed the non-timeline code
path in getOrCreateAgentInternal.
2. HTTP requests through an HTTPS proxy need TLS options (ca certs) to
validate the proxy's certificate. All getOrCreateHttpAgent call sites
now pass TLS options when the proxy protocol is HTTPS.
3. Setting the `ca` option on any Node.js TLS connection replaces the
default OpenSSL trust store entirely. CAs only in the OpenSSL default
trust store (e.g. /etc/ssl/cert.pem) but not in tls.rootCertificates
were lost. Fixed by converting `ca` to a secureContext via addCACert(),
which appends custom CAs on top of the OpenSSL defaults instead of
replacing them.
Also simplified PatchedHttpsProxyAgent to selectively forward only the
relevant TLS options (cert, key, pfx, passphrase, rejectUnauthorized,
secureContext) to the target TLS upgrade instead of blindly merging all
constructor options.
- Forward disableHttpHttpsAgentsCache through getHttpHttpsAgents → createAgents
so OAuth2 token requests and bru.sendRequest honour the CLI flag
- Add hostname to agent cache keys (getAgentCacheKey, getHttpAgentCacheKey)
for per-host TLS session reuse; extract hostname at every call site in
run-single-request.js, proxy-util.js, and http-https-agents.ts
- Add extractHostname helper in http-https-agents.ts to safely parse hostnames
- Add test coverage for cert, key, pfx, passphrase, and hostname cache-key
differentiation in agent-cache.spec.ts
- Fix Buffer hashing bug: properly handle Buffer values in hashValue()
- Add CA array support: new hashCaValue() handles string[] | Buffer[]
- Fix timeline race condition: capture timeline reference in closure
at createConnection start to isolate concurrent requests
- Fix SSL verify message: check socket.authorized for accurate status
- Fix HTTP/HTTPS agent logic: only set httpsAgent for HTTPS requests
- Add tests for concurrent requests timeline isolation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Export getOrCreateHttpAgent and use it in http-https-agents for
HTTP requests to enable connection pooling.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add getOrCreateAgentInternal helper to reduce code duplication
between getOrCreateAgent and getOrCreateHttpAgent functions.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add createTimelineHttpAgentClass for logging HTTP connection events
including proxy usage, DNS lookups, and connection establishment.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: add tokenType support for OAuth2
* refactor: rename tokenType to source in OpenCollection OAuth2 mapping
* refactor: rename tokenType to source in OAuth2 configuration
* chore: bump @opencollection/types to ~0.8.0
* fix: correct OAuth2 token type label in token viewer
* refactor: replace Dropdown with MenuDropdown in OAuth2 components
Migrate all 12 dropdown instances across 5 OAuth2 auth components to use
the MenuDropdown component, removing manual tippy ref management and
forwardRef icon patterns in favor of a declarative items-based API.
* feat(): support multipart mixed
fix: support vars interpolation on mixed multi-part
Update packages/bruno-electron/src/ipc/network/interpolate-vars.js
Co-authored-by: Timon <39559178+Its-treason@users.noreply.github.com>
refactor: use startsWith
feat: best effort for other multipart/* contentypes
* feat: enhance variable interpolation for multipart requests
- Updated `interpolateVars` function to support interpolation in multipart/form-data and multipart/mixed requests.
- Added handling for empty multipart arrays and parts with missing or undefined values.
- Improved type checks for content types to ensure proper interpolation behavior.
Includes new tests to validate the interpolation functionality for multipart requests.
* fix: normalize error handling in sendRequest and improve test reliability
---------
Co-authored-by: Alfonso Presa <alfonso-presa@users.noreply.github.com>
* fix: storing status in example for yml file
* fix: temporary check for tests
* fix: temporary check for tests
* fix: temporary check for tests
* fix: temporary check for tests
* fix: temporary check for tests
* fix: temporary check for tests
* fix: temporary check for tests
* fix: temporary check for tests
* fix: temporary check for tests
* fix: temporary check for tests
* fix: temporary check for tests
* fix: temporary check for tests
* fix: test cases for status and statusText
* chore: removed logs
* fix: test cases for response status and text
* fix: test cases for response status and text
* fix: resolved comments
* fix: openapi test import test cases
* chore: removed console logs
* fix: status type in response example while import/export of collection
* fix: postman to bruno import
---------
Co-authored-by: shubh-bruno <shubh-bruno@shubh-bruno.local>
Add shell-env integration to fetch environment variables from the user's
shell config files (.zshrc, .zshenv, etc.) so that proxy settings and
other exports are available in process.env for both Electron and CLI.
* feat: add translations for direct cookie access methods
- Implement translations for pm.cookies.has, pm.cookies.get, and pm.cookies.toObject to their corresponding bru.cookies methods.
- Enhance the postman-to-bruno translator to handle these new cookie access patterns.
- Add unit tests to verify the correct conversion of cookie access methods in various scenarios.
* refactor: simplify optional member expression handling in postman-to-bruno translator
- Streamlined the code for handling optional member expressions in the translation of cookie access methods.
- Updated unit test to verify the correct output format for pm.cookies.toObject() conversion.
* refactor: enhance handling of await expressions in cookie translations
- Updated the postman-to-bruno translator to wrap await expressions in parentheses for improved clarity and consistency.
- Adjusted unit tests to reflect the new output format for cookie access methods, ensuring accurate translation of pm.cookies.get calls.
* refactor: update cookie access translations to use hasCookie method
- Modified translations for pm.cookies.has to utilize the new bru.cookies.hasCookie method for improved clarity and functionality.
- Updated related unit tests to reflect changes in expected output for cookie existence checks.
- Added new tests to validate the behavior of the hasCookie method in various scenarios.
When collection proxy is set to "inherit", bru.sendRequest was skipping
the app-level proxy and falling through directly to system proxy. Now it
correctly checks app-level proxy settings first, matching the behavior
of normal requests. When appLevelProxyConfig is not provided (e.g. CLI),
falls through to system proxy preserving existing behavior.
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Use `isBuiltin` from the `module` package to dynamically exclude all
Node.js built-in modules from the bundle, preventing rollup from
trying to bundle core modules like path, fs, crypto, etc.
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
* feat: add certs and proxy config to bru.sendRequest API
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* fix: handle URL string argument in bru.sendRequest
When bru.sendRequest is called with a plain URL string instead of a
config object, the function now normalizes it to { url: string } before
processing. This fixes the case where spreading a string created an
invalid config object.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* feat: add variable interpolation to bru.sendRequest certs and proxy config
Interpolate environment variables in clientCertificates and proxy
configuration for bru.sendRequest API, enabling use of variables like
{{CERT_PATH}} or {{PROXY_HOST}} in certificate paths and proxy settings.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* refactor: use interpolateObject for certs and proxy config interpolation
- Add interpolateObject to electron's interpolate-string.js using
buildCombinedVars pattern (matches CLI implementation)
- Simplify cert-utils.js by using interpolateObject instead of
manual field-by-field interpolation
- Add interpolation for clientCertificates and proxy config in CLI's
run-single-request.js for bru.sendRequest
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* refactor: add all variable types to sendRequest interpolation options
- Add globalEnvVars, collectionVariables, folderVariables, requestVariables
to sendRequestInterpolationOptions for complete variable support
- Use cached system proxy instead of redundant getSystemProxy() call
- Remove duplicate getOptions() call
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
* refactor: skip CA cert loading when TLS verification is disabled
Only load CA certificates when shouldVerifyTls is true, since they
are not used for validation when TLS verification is disabled.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---------
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
* feat: add user-agent support in gRPC client channel options
- Extracted user-agent from request headers and set it as grpc.primary_user_agent channel option.
- Updated client instantiation to merge user-agent with existing channel options for enhanced request handling.
* test: add unit tests for GrpcClient user-agent handling
* test: enhance GrpcClient user-agent tests with edge case handling
* test: enhance GrpcClient channelOptions handling with override capability
* fix: grpc import paths
* refactor: extract protobuf include directory logic into a separate function
* rm: comment
* fix: improve filtering of enabled import paths in protobuf configuration
* refactor: streamline import path handling in protobuf configuration
* fix: sse sequence in ipc layer
* fix: remove tick rate and flushing
* fix: added sequence logic for websockets
* fix: added sequence logic for websockets per request based
* fix: correct the order for how the messages are added.
`WSMessagesList` already handles a lot of the ordering for us, don't modify the order the messages are added since redirect and connection are internal states, it changes the execution trail
* chore: reduce whitespace diffs
* fix: a possible null case exception
Though we always create an empty data buffer at source so shouldn't happen unless that is modified
* fix: implement sequence logic for WebSocket messages
* fix: remove unused sequenceState property from WsClient
* fix: update message sorting logic to handle missing sequence numbers
* fix: remove unused lodash import
* fix: add clean method to sequencer for better sequence management
* fix: don't show dropdown when streaming
---------
Co-authored-by: Sid <siddharth@usebruno.com>
* feat: add support for ssl cert in websockt
* improvements
* add: wss in animation
* fix: avoid a race condition between the locator's promise and the expect call
JS starts resolving promises even without the await unless it's a function, this can cause a race in this case
---------
Co-authored-by: Sid <siddharth@usebruno.com>
* feat: add variable interpolation support for WebSocket requests
- Add WebSocket body interpolation in interpolateVars function
- Interpolate URL, headers, and all messages in request.body.ws array with full variable context
- Refactor sendWsRequest to use main process preparation (removes duplication)
- Add mode property to wsRequest object for proper request type detection
- Ensure consistent variable precedence matching HTTP/gRPC requests
- Centralize all interpolation logic in main process via prepareWsRequest
* Add Playwright tests for WebSocket variable interpolation
- Add tests for URL interpolation (wss://echo.{{url}}.org)
- Add tests for message content interpolation ({"test": "{{data}}"})
- Update test fixtures to use wss://echo.websocket.org echo server
- Add WEBSOCKET_FLOWS.md documentation
- Refactor queueWsMessage to handle variable interpolation in main process
* removed ws flow documentation
* chore: updated the network/index.js file to reduce merge conflicts by moving around code
* fix: added collection and item to WsQueryUrl Editor to fix available variable highlight
* chore: remove unnecessary whitespace in WebSocket event handlers
* feat: add automatic WebSocket reconnection on URL variable changes
- Detect changes to interpolated URL (including variable changes)
- Automatically disconnect and reconnect when interpolated URL changes
- Add debouncing (400ms) to prevent excessive reconnections
- Track previous interpolated URL to avoid unnecessary reconnects
- Store interpolated URL when connection becomes active
- Improve error handling and cleanup
* chore: removing diff
* Add WebSocket connection status IPC method
- Add connectionStatus() method to WsClient that returns detailed status
('disconnected', 'connecting', 'connected') instead of boolean
- Add renderer:ws:connection-status IPC handler in electron layer
- Add getWsConnectionStatus() utility function in network utils
- Provides more granular connection state information for UI components
* refactor: improve WebSocket connection status tracking in WsQueryUrl
- Replace boolean isConnectionActive with connectionStatus state ('disconnected', 'connecting', 'connected')
- Add useWsConnectionStatus hook to poll connection status every 2 seconds
- Refactor connection handlers: handleConnect, handleDisconnect, handleReconnect
- Update to use getWsConnectionStatus instead of isWsConnectionActive for more granular status
- Improve reconnect logic to handle URL variable interpolation changes
- Add proper connection status indicators in UI (connecting state with pulse animation)
* fix: improve WebSocket URL handling and request initialization
- Fix WebSocket URL state management by reading directly from item instead of local state
- Add handleUrlChange function to properly dispatch URL changes
- Fix interpolated URL change detection logic in useEffect
- Initialize params array for new WebSocket requests to prevent undefined errors
- Ensure params array is initialized when URL changes in draft/request
- Remove console.log statements and unused imports
- Update persistence test replacement URL to avoid port conflicts
These changes ensure WebSocket requests properly handle URL changes and
maintain consistent state between draft and saved requests.
* feat: refactor WebSocket connection status handling
---------
Co-authored-by: Sid <siddharth@usebruno.com>
rm: comment
fix: type generation
feat: implement reflection client support for gRPC v1 and v1alpha in grpc-client
refactor: simplify reflection client handling in grpc-client by removing service list retrieval
refactor: enhance reflection client return structure in grpc-client to include service list
fix: lint