Reconcile request structure against the spec on sync while preserving the
user's values (JSON body, params, headers, auth) and {{var}} references for
fields that still exist. A "Preserve values" toggle (default on) on the Spec
Updates review controls it; turning it off lets spec values overwrite. The diff
preview's EXPECTED column shows the post-merge result so unchanged values do not
render as changes.
- field-level merge for JSON body (by key path), form fields and params/headers
(by name, duplicate names paired positionally), preserving value + enabled
- {{var}} masking so interpolated bodies parse, merge and restore safely,
using a private-use sentinel that never collides with body text
- auth merged by mode: same mode keeps the user's values and adds spec-introduced
fields; a mode change takes the spec. compareRequestFields compares auth by
mode only, so preserved auth values no longer mark the collection out of sync
- preserveValues threaded through apply and diff-preview IPC handlers
- reset path left unchanged; scripts/tests/assertions preserved in sync and reset
- 67 unit tests covering the merge helpers and masking edge cases
* FIXED regression for proxy config from v2 to v3
* REMOVED console.log
* ADDED test case with fixture to test proxy import
* ADDED proxy handling for older brunoConfig in packages/bruno-electron/src/utils/collection-import.js
* RESOLVED githiub converstation
changed afterAll --> afterEach
* ADDED guard to transformProxyConfig(brunoConfig.proxy) function
* feat: enhance import functionality with issue tracking and logging
- Updated the import process to return both collections and issues for better error handling.
- Introduced a new toast notification for displaying import issues, allowing users to copy or report them.
- Enhanced logging for import issues, capturing errors and warnings during the import process.
- Added new components for actionable toasts and import issues display.
- Updated tests to validate the new import behavior and issue tracking.
* feat: enhance import issues handling with new toast notifications and tests
- Added optional testId prop to ActionableToast for better test targeting.
- Updated ImportIssuesToast to include data-testid attributes for improved e2e testing.
- Introduced a new Postman collection fixture to test partial import scenarios.
- Created new tests to validate the import process, including issue reporting and copying functionality.
- Implemented utility functions to manage import issues toasts during tests.
* fix: improve clipboard copy functionality and handle import issues more robustly
- Updated BulkImportCollectionLocation to always set import issues, ensuring consistent state management.
- Enhanced clipboard copy functionality in ImportIssuesToast and BulkImportCollectionLocation to handle errors gracefully with user feedback.
- Added aria-label for better accessibility in ActionableToast close button.
* refactor: enhance import issue logging and toast notifications
- Improved logging in BulkImportCollectionLocation and ImportCollectionLocation to provide detailed summaries of import issues, including counts of skipped items and warnings.
- Updated ImportIssuesToast to handle long issue descriptions and provide user feedback for copying issue details to the clipboard.
- Removed ActionableToast component and its styles, consolidating toast functionality within ImportIssuesToast for better maintainability.
- Enhanced styling for ImportIssuesToast to improve user experience and accessibility.
* refactor: update logging level for import issues in BulkImportCollectionLocation and ImportCollectionLocation
- Changed log type from 'error' to 'warn' for import issue summaries in both components to better reflect the severity of the messages.
- This adjustment improves clarity in the logging system and aligns with the intended handling of import warnings.
* feat: enhance ImportIssuesToast with URL length warning and styling improvements
- Added an alert icon and improved styling for the URL-too-long warning in ImportIssuesToast to enhance user experience.
- Introduced a new test for verifying the display of the URL length warning when importing collections with many issues.
- Updated locators to include a test ID for the URL-too-long warning, facilitating better end-to-end testing.
* style: update ImportIssuesToast styling for improved user experience
- Changed background and border colors in StyledWrapper for better visual consistency.
- Enhanced box-shadow and close button styles for improved accessibility and interaction.
- Adjusted padding and gap in warning messages for better layout and readability.
* internal emit chain for clearance
* fix: crash ui
* fix(ErrorBoundary): ensure cache clearing is awaited before force quitting
* test(e2e): environment persistence across collections
* test: migration test
* Update environment.spec.ts
* feat: add missing status assertions and .not negation support (#7660)
* feat: add new status assertions and negated variants for response checks
- Introduced new status assertions: `pm.response.to.be.info`, `pm.response.to.be.accepted`, `pm.response.to.be.badRequest`, `pm.response.to.be.unauthorized`, `pm.response.to.be.forbidden`, `pm.response.to.be.notFound`, `pm.response.to.be.rateLimited`, and `pm.response.to.be.withoutBody`.
- Implemented negated variants for existing assertions, allowing checks like `pm.response.to.not.be.ok` and `pm.response.to.not.be.success`.
- Enhanced test coverage to validate the translation of these new assertions and their negated forms in the Postman to Bruno conversion process.
* refactor: update response translation for body assertions
- Changed the translation logic for `pm.response.to.be.withoutBody` to `pm.response.to.be.withBody`, reflecting the actual body content checks.
- Updated corresponding test cases to validate the new assertions and ensure correct translation behavior for body presence checks.
- Enhanced negated variants for body assertions to align with the updated logic.
* feat: add header transformation methods for Postman to Bruno conversion
- Introduced new transformations for `pm.request.headers.prepend`, `pm.request.headers.insert`, and `pm.request.headers.insertAfter` to map to `req.headerList.add`, enhancing header management during the conversion process.
- Updated the transformation logic to ensure only the first argument is retained for these methods, aligning with the intended behavior of the header list operations.
* refactor: update header transformation logic for Postman to Bruno conversion
- Simplified the transformation for `pm.response.to.have.header` and `pm.response.to.not.have.header` to use `res.getHeader` instead of `res.getHeaders`, improving clarity and consistency in the assertions.
- Adjusted related test cases to validate the new transformation logic, ensuring accurate translation of header checks in the conversion process.
* refactor: update header transformation logic for Postman to Bruno conversion
- Enhanced the transformation for `pm.response.to.have.header` and `pm.response.to.not.have.header` to utilize `res.getHeaders()` with lowercased header names, improving consistency and accuracy in header assertions.
- Updated related test cases to reflect the new transformation logic, ensuring correct translation of header checks in the conversion process.
* feat: add data-driven status assertions for response checks
- Introduced a new utility to generate data-driven status assertion entries for `pm.response.to.be.*` checks, including positive and negated variants.
- Integrated the new status assertions into the Postman to Bruno translation logic, enhancing the capability to handle various response status checks.
- Updated tests to validate the translation of new assertions, ensuring accurate conversion of status checks in the response handling process.
* feat: enhance response assertion translations for negated variants
- Updated the transformation logic for `pm.response.to.have.*` assertions to include negated variants, allowing for patterns like `pm.response.to.have.not.status`, `pm.response.to.have.not.header`, and `pm.response.to.have.not.body`.
- Adjusted related test cases to validate the new translations, ensuring accurate conversion of negated assertions in the response handling process.
* refactor: convert status assertion utility to ES module syntax
- Changed the export of `buildStatusAssertionEntries` to ES module syntax for better compatibility with modern JavaScript practices.
- Updated the import statement in the Postman to Bruno translator to reflect the new export format, ensuring seamless integration of the status assertion utility.
* feat: update response body assertion translations to use undefined checks
- Modified the transformation logic for `pm.response.to.be.withBody`, `pm.response.to.not.be.withBody`, and `pm.response.to.be.not.withBody` to use an undefined check instead of truthiness, allowing for accurate handling of falsy body values.
- Updated related test cases to reflect these changes, ensuring correct translation of body presence assertions in the response handling process.
* feat: support newer Postman export format with collection envelope (#8038)
- Updated the Postman collection importer to handle collections wrapped in a { collection: { ... } } format.
- Enhanced the parsing logic to extract collection info correctly from both legacy and newer formats.
- Added a new test case for importing a Postman v2.1 collection with the wrapped format to ensure compatibility.
* fix: reduce padding for dark mode app errors
---------
Co-authored-by: sanish chirayath <sanish@usebruno.com>
* feat(snapshot): add session snapshot persistence and restoration
- Add snapshot middleware to persist UI state (tabs, workspaces, environments)
- Add SnapshotManager service in electron for atomic snapshot storage
- Add accessor-based tab serialization using pathname for reliable restoration
- Add loading states for tabs while collections are mounting
- Add hydrateTabs to restore tabs from snapshots on app load
- Add devTools state persistence (console open/height/tab)
* fix(snapshot): preserve unloaded collections and fix async serialization
Make serializeSnapshot async to fetch existing snapshot before saving,
ensuring collections not currently loaded in Redux are preserved. Fix
activeTab serialization to pass collection object instead of just UID.
* refactor(snapshot): rewrite storage to map-based schema with granular IPC
Replace array-based snapshot storage with key-value maps keyed by pathname
for O(1) lookups. Separate tabs into their own top-level map, decoupled
from collections.
- Rewrite SnapshotManager with map-based schema and granular read/write
methods (getWorkspace, getTabs, setCollection, removeWorkspace, etc.)
- Add 12 granular IPC handlers (renderer:snapshot:*) replacing 4 coarse ones
- Update middleware serialization to produce maps; remove activeCollectionUidCache
in favor of lastActiveCollectionPathname on workspace objects
- Fix mountCollection passing collectionUid instead of collection to restoreTabs
- Preserve non-active workspace state from existing snapshot on save
* wip
* refactor: allow migration of old snapshot
* refactor: trim down redundancy
* fix: for workspace state
* feat: fix for finalised schema
* fix: schema cleanup
* chore: simplify
* chore: wait on hydration to finish
* chore: snapshot changes to schema
* chore: fix typo
* fix: switch schema for saving and restoring extras
* chore: correctness changes
* chore: add active in the schema check
* chore: fix lint
* chore: comments
* chore: make writes async
* fix: sorting and cross workspace shared collection fixes
* chore: add version
* fix: wait on hydration
* chore: fix backward compat for ui-snapshots
* chore: dead code removal
* Fix optional chaining in snapshot lookup
---------
Co-authored-by: Chirag Chandrashekhar <cchirag85@gmail.com>
* feat: introduce HeaderList for dynamic header management in BrunoRequest and BrunoResponse
- Implemented HeaderList to provide a dynamic API for managing request headers, allowing real-time reflection of changes.
- Updated BrunoRequest and BrunoResponse to utilize HeaderList for header access, enhancing consistency and usability.
- Added a headers proxy to maintain backward compatibility with existing header access patterns.
- Introduced tests for HeaderList to ensure functionality and reliability across various header operations.
* refactor: update createHeadersProxy to accept a getter function for raw headers
- Modified createHeadersProxy to allow passing a function that retrieves raw headers, enhancing flexibility in header management.
- Updated HeaderList to utilize the new getter function, ensuring consistent behavior when headers are modified.
- Added a test to verify that bracket access reflects changes made via BrunoRequest.setHeaders.
* refactor: enhance headers proxy and syncWriteMethods for improved header management
- Updated createHeadersProxy to clarify precedence of PropertyList methods over header names in bracket access.
- Expanded syncWriteMethods in bruno-request shim to include additional methods for better header manipulation.
- Implemented a custom remove method in property-list-bridge to handle function predicates in-VM, improving the native bridge's functionality.
* refactor: update header management in BrunoRequest and BrunoResponse
- Renamed `req.headers` to `req.headerList` for improved clarity and consistency in header operations.
- Enhanced `HeaderList` to support both dynamic and static modes for header management.
- Updated shims for `req` and `res` to reflect the new header access patterns.
- Modified tests to validate the new header access methods and ensure backward compatibility with raw headers.
* refactor: enhance header translation methods for BrunoRequest and BrunoResponse
- Added comprehensive translations for `req.headerList` and `res.headerList` methods to their respective Postman equivalents, improving consistency in header management.
- Updated tests to validate the new translation methods, ensuring accurate conversion between Bruno and Postman header operations.
- Enhanced existing tests to cover additional header manipulation scenarios, reinforcing the reliability of the header management system.
* refactor: streamline headerList implementation in BrunoRequest and BrunoResponse
- Replaced lazy initialization of `headerList` with direct instantiation in both classes for improved performance and clarity.
- Removed redundant getter methods for `headerList`, simplifying the API.
- Updated tests to reflect changes in headerList instantiation and ensure proper functionality.
* refactor: remove header proxy
* feat: add comprehensive headerList tests for request and response
- Introduced multiple test files for `req.headerList` and `res.headerList` methods, covering various operations such as add, remove, clear, populate, and search methods.
- Implemented tests for both dynamic and read-only scenarios, ensuring robust validation of header management functionalities.
- Enhanced existing headerList methods with detailed assertions to improve reliability and maintainability of the header management system.
* feat: expand STATIC_API_HINTS with additional headerList methods for req and res
- Added a comprehensive list of methods for `req.headerList` and `res.headerList` to enhance autocomplete functionality.
- Included various operations such as get, add, remove, and manipulation methods to improve developer experience and usability.
* feat: implement support for disabled headers in headerList
- Added functionality to track disabled headers in `req.headerList` and `res.headerList`, allowing for better management of header states.
- Updated the `prepareRequest` and `prepareGrpcRequest` functions to include a `disabledHeaders` property.
- Enhanced the `HeaderList` class to handle disabled headers, including methods to filter, count, and retrieve them.
- Introduced tests to validate the behavior of disabled headers, ensuring they are correctly included in the header list while being excluded from raw headers.
* feat: enhance HeaderList with case-insensitive key lookups and improved toObject method
- Implemented case-insensitive key lookups for methods such as get, one, has, and indexOf in HeaderList.
- Updated toObject method to support options for excluding disabled headers, handling duplicate keys, and skipping headers with falsy keys.
- Modified toString method to return headers in HTTP wire format, improving consistency with standard practices.
- Added comprehensive tests to validate new functionalities, ensuring robust header management and accurate behavior for both enabled and disabled headers.
* feat: add context binding to iteration methods in HeaderList
- Enhanced iteration methods (each, filter, find, map, reduce) in HeaderList to accept an optional context parameter, allowing for better control over the `this` binding in callback functions.
- Updated the remove method to support context binding for function predicates.
- Added comprehensive tests to validate the new context binding functionality across various iteration methods, ensuring robust header management.
* feat: enhance HeaderList with new methods for string handling and object support
- Added support for accepting an object with a key property in the `has` method, improving header existence checks.
- Updated `add` and `populate` methods to accept "Key: Value" strings and multi-line header strings, enhancing flexibility in header management.
- Modified `toString` method to ensure a trailing newline in the output, aligning with HTTP wire format standards.
- Introduced comprehensive tests to validate new functionalities, ensuring robust header management and accurate behavior for various input types.
* feat: enhance header management with support for disabled headers and context binding
- Updated `mergeHeaders` function to preserve disabled headers from the request item, improving header state management.
- Modified `addBrunoRequestShimToContext` and `addBrunoResponseShimToContext` to wrap eval code in blocks, preventing redeclaration conflicts.
- Enhanced iteration methods in `property-list-bridge` to support context binding, allowing for better control over `this` in callbacks.
- Added comprehensive tests for `req.headerList` and `res.headerList` to validate new functionalities and ensure robust header management.
* feat: improve header merging to preserve disabled headers from request items
- Enhanced the `mergeHeaders` function to retain disabled headers from the last entry in the request tree path, ensuring better management of header states.
- Updated the logic to include disabled headers while merging, improving the overall functionality of header management.
* feat: update header merging logic to consistently handle disabled headers
- Refactored the `mergeHeaders` function to utilize a separate array for disabled headers, ensuring they are preserved during the merging process.
- Simplified the logic for merging headers by directly combining enabled and disabled headers into the request object, enhancing clarity and maintainability.
* refactor: update disabled headers handling in mergeHeaders function
- Changed the implementation of disabled headers from an array to a Map for better performance and consistency.
- Updated the logic in the `mergeHeaders` function to ensure disabled headers are correctly merged into the request object.
- Enhanced tests to validate the handling of disabled headers, including new scenarios for folder-level and request-level overrides.
* feat: enhance mergeHeaders function to support optional inclusion of disabled headers
- Updated the `mergeHeaders` function to accept an options parameter, allowing for the inclusion of disabled headers in the merged result.
- Modified the logic to handle disabled headers more effectively, ensuring they can be returned based on the provided options.
- Adjusted calls to `mergeHeaders` in various modules to utilize the new functionality, improving header management consistency across the application.
* refactor: remove disabledHeaders from prepareGrpcRequest function
- Eliminated the handling of disabledHeaders in the prepareGrpcRequest function to streamline header management.
- Updated the headers processing logic to focus solely on enabled headers, enhancing clarity and reducing complexity.
* feat: add translations for req.headerList and res.headerList methods
- Introduced new tests to translate methods from req.headerList and res.headerList to their corresponding pm.request.headers and pm.response.headers methods.
- Added translations for methods: one, find, toObject, and upsert, enhancing the functionality of the header management system.
* docs: update HeaderList method aliases and add clarification notes
- Enhanced documentation for `prepend`, `append`, `insert`, and `insertAfter` methods to clarify that they are aliases for `add()` and include a note on the lack of support for ordering and duplicates.
- Updated method comments to reflect the internal handling of headers as a plain object, ensuring better understanding of header management behavior.
* fix: remove duplicate headerList initialization in BrunoRequest class
- Eliminated redundant initialization of headerList in the BrunoRequest constructor, ensuring cleaner code and preventing potential issues with header management.
- This change simplifies the constructor logic while maintaining the intended functionality of the headerList.
* refactor: remove unimplemented headerList methods and update documentation
- Removed the unimplemented methods `prepend`, `append`, `insert`, and `insertAfter` from the headerList, ensuring clarity in the API.
- Updated documentation to reflect that these methods are not implemented and provide guidance to use `add()` or `upsert()` instead.
- Adjusted tests to verify that calls to these methods throw appropriate not-implemented errors, enhancing the robustness of header management.
* refactor: remove unused headerList append method from pre-request script
- Eliminated the call to `req.headerList.append()` in the pre-request script, streamlining the header management process.
- This change aligns with the recent refactor to remove unimplemented methods, ensuring clarity and consistency in the API usage.
* test: update error messages for unimplemented headerList methods
- Changed error messages in tests for `append`, `prepend`, `insert`, and `insertAfter` methods to indicate they are "not yet implemented" instead of "not implemented".
- This update improves clarity in the test outputs, aligning with the current state of the headerList API.
* refactor: remove unimplemented headerList methods and update related tests
- Eliminated the unimplemented methods `prepend`, `append`, `insert`, and `insertAfter` from the HeaderList class and corresponding tests, clarifying the API usage.
- Updated the documentation to guide users towards using `add()` or `upsert()` instead.
- Adjusted tests to remove references to these methods, ensuring they accurately reflect the current state of the headerList API.
* refactor: update HeaderList to accept raw request and response objects
- Modified the HeaderList class to accept the raw request and response objects directly, simplifying the initialization process.
- Updated the BrunoRequest and BrunoResponse classes to reflect this change, ensuring consistent handling of headers.
- Enhanced internal methods to utilize the new structure, improving clarity and maintainability of the header management system.
* refactor: enhance HeaderList header management and update tests
- Updated HeaderList to track removed headers for axios interceptor, improving header casing handling.
- Added new syncWriteMethods to the BrunoResponse shim for better integration.
- Enhanced tests to verify the correct tracking of deleted headers and updated expectations for header management functionality.
* refactor: update header translations and improve HeaderList methods
- Removed unused 'idx' translations from both bruno-to-postman and postman-to-bruno translators to streamline header management.
- Enhanced the HeaderList class to skip existing keys when populating headers, ensuring that current values are preserved.
- Updated tests to reflect the new behavior of the populate method, verifying that existing headers are not overwritten and adjusting expectations accordingly.
* refactor: update headerList.populate behavior and adjust tests
- Modified the req.headerList.populate method to add new headers while preserving existing ones, ensuring that current values are not overwritten.
- Updated the associated test to reflect this new behavior, verifying that existing headers remain intact and new headers are correctly added.
* refactor: update HeaderList methods and translations for consistency
- Renamed `each` method to `forEach` in HeaderList for consistency with standard JavaScript array methods.
- Updated header management methods: replaced `add` with `append`, `upsert` with `set`, and `remove` with `delete` to better reflect their functionality.
- Enhanced translations in bruno-to-postman and postman-to-bruno converters to align with the new method names.
- Adjusted tests to verify the new method names and ensure correct header management behavior.
* refactor: remove unused headerList methods and update related shims
- Removed the `entries`, `keys`, and `values` methods from the HeaderList class to streamline the API and eliminate unused functionality.
- Updated the `bruno-request` and `bruno-response` shims to reflect the removal of these methods, ensuring consistency in header management.
- Adjusted tests to remove references to the deleted methods, maintaining alignment with the current state of the headerList API.
* fix: ensure re-added headers are removed from __headersToDelete
- Updated the HeaderList class to remove headers from the __headersToDelete array when they are re-added, preventing incorrect header deletion behavior.
- Added tests to verify that re-added headers do not remain in __headersToDelete and that their values are correctly set in the raw request headers.
Assigning `defaults.headers.common = { 'User-Agent': ... }` replaced the
entire common headers object, nuking axios's built-in default:
Accept: application/json, text/plain, */*
This caused servers relying on content-negotiation to receive requests
with no Accept header. Fix by extending the existing object with a
property assignment instead.
Add regression tests for both electron and CLI axios instances verifying
that Accept is preserved and User-Agent is set correctly.
Co-authored-by: Pragadesh-45 <temporaryg7904@gmail.com>
* Add proxy .pac file resolver
chore(dependencies): update package-lock.json with new dependencies and version upgrades
- Added new dependencies: ajv, git-url-parse, @opencollection/types, and storybook packages.
- Updated existing dependencies to their latest versions, including eslint and babel packages.
- Removed deprecated entries and cleaned up the package-lock structure for better maintainability.
* tests
* wip
* wip
* wip
* wip
* feat: file upload .pac
* wip
* wip
* wip
* wip
* wip
* wip
* wip
* wip
* feat: Refactor proxy settings to use a new structure for PAC configuration. Introduced 'source' field to determine proxy type (manual or PAC) and updated related validation and state management. Removed deprecated 'pacUrl' field in favor of 'pac.source'. Updated preferences schema and test data accordingly.
* fix: Update proxy settings to correctly reference 'source' field for PAC configuration. Adjusted state management and validation logic to align with new structure. Enhanced tests for backward compatibility and new format handling.
* feat: Enhance proxy configuration by adding 'proxyModeReason' to provide context for proxy settings. Updated related functions to accommodate the new parameter and improved logging for proxy mode changes.
* wip
* refactor: Update proxy settings to remove 'inherit' field and replace it with 'source' for better clarity. Adjusted validation schema, default preferences, and migration logic to align with the new structure. Enhanced tests to ensure compatibility with the updated proxy configuration.
* wip
* wip
* wip
* wip
* wip
* chore: consistent path check
* chore: consistency
* tests(pac): fix unit params
---------
Co-authored-by: Gianluca D'Abrosca <gianluca.dabrosca.1999@gmail.com>
Co-authored-by: Sid <siddharth@usebruno.com>
* feat: add gRPC proxy support
* fix: respect channelOptions grpc.primary_user_agent over User-Agent header
* fix: remove non-standard grpc_proxy/no_grpc_proxy env var support
These are not recognized by any standard gRPC implementation. gRPC proxy
now uses the standard http_proxy/https_proxy/no_proxy variables like
grpc-core, grpc-go, and grpc-java.
* chore: add resolveGrpcProxyConfig tests and clean up grpc-client
Export resolveGrpcProxyConfig for testability and add unit tests covering
all proxy modes (off, on, system), auth encoding, protocol rejection,
bypass lists, and edge cases. Remove redundant cancelAndCloseConnection
call in startConnection (already guarded by addConnection). Document why
internal @grpc/grpc-js channel options are used for programmatic proxy.
When axios receives a 4XX/5XX response it throws an error, causing
execution to jump to the catch block. saveCookies() was only called
in the try block (2XX path), so error-status cookies were silently
dropped in collection runs.
Fix applied to both affected code paths:
- packages/bruno-cli/src/runner/run-single-request.js (CLI runner)
- packages/bruno-electron/src/ipc/network/index.js (app collection runner)
Manual single-request execution was already correct — saveCookies() is
called after the try/catch there, so both status paths were covered.
Fixes#7475
- Replaced the static file name display with a SingleLineEditor for better readability and consistency.
- Removed unnecessary padding in StyledWrapper for a cleaner layout.
- Enhanced value interpolation logic to handle arrays in interpolate-vars.js for improved data processing.
When executing requests with pre-request or post-response scripts, the
global environment color property was being stripped from YAML files.
This happened because the save operation only passed `variables` through
the IPC chain, and the workspace-environments store created a new
environment object without preserving the existing `color` property.
The fix passes the `color` property through the entire IPC chain:
- Redux actions now include `color` in the save-global-environment IPC call
- IPC handler accepts and forwards `color` to both stores
- workspace-environments store includes `color` when creating the environment object
- global-environments store preserves `color` when updating
Fixes#7348
Co-authored-by: Chirag Chandrashekhar <cchirag85@gmail.com>
* feat: add OAuth 1.0 authentication support
Add full OAuth 1.0 (RFC 5849) authentication with support for
HMAC-SHA1/256/512, RSA-SHA1/256/512, and PLAINTEXT signature methods.
Includes UI components, bru/yml serialization, Postman import, code
generation, CLI support, and comprehensive playwright and unit tests.
* test: replace real-looking PEM literals with fake markers in oauth1 tests
Avoid tripping secret scanners by using obviously fake BEGIN/END markers
and non-sensitive base64 content in serialization and round-trip tests.
* fix: remove invalid OAuth1 placeholder header from code generator
OAuth1 requires runtime-computed nonce, timestamp, and signature that
cannot be pre-computed for a static code snippet. Return an empty array
instead of emitting an Authorization header with literal <signature>,
<timestamp>, <nonce> placeholders.
* fix: remove unreachable oauth1 case from WSAuth component
The oauth1 switch branch was dead code since it was not in
supportedAuthModes and the useEffect would reset it to 'none'
before it could render.
* fix: remove unused collectionPath param and use path.basename for filename extraction
* refactor: rename OAuth1 fields for clarity
- tokenSecret → accessTokenSecret
- signatureMethod → signatureEncoding
- addParamsTo value 'queryparams' → 'query'
* refactor: rename addParamsTo to placement in OAuth1 auth
* fix: add missing oauth1: null in buildOAuth2Config and upgrade @opencollection/types to 0.9.0
* test: add oauth1 import tests and fix missing oauth1: null in auth assertions
* ci: add auth playwright tests workflow for Linux, macOS, and Windows
* refactor: rename signatureEncoding to signatureMethod and fix timeline race condition
- Rename OAuth1 signatureEncoding to signatureMethod across all packages
- Fix timeline showing "No Headers/Body found" when request-sent IPC event
arrives after response by retroactively updating the timeline entry
- Store requestUid in timeline entries for precise matching
- Correct timeline entry timestamp on retroactive update for proper sort order
* ci: add OAuth1 CLI tests and reorganize auth actions under oauth1/
- Add CLI tests that run full BRU and YML collections via bru run
- Add start-test-server actions for Linux, macOS, and Windows
- Move auth e2e and setup actions under auth/oauth1/ directory
- Fix Windows Playwright failures caused by unescaped backslashes in collectionPath template variable
* ci: reorder auth tests to run E2E tests before CLI tests
* ci: start test server after E2E tests to fix port 8081 conflict
* fix: preserve user-defined boundary in multipart/mixed Content-Type header
When users specify a boundary parameter in their Content-Type header for
multipart/mixed requests with TEXT body mode, Bruno now preserves the
user-defined boundary instead of generating a new one.
Fixes: https://github.com/usebruno/bruno/issues/7523
* updated the test to use local server and changed the request method to GET
* fix: handle quoted boundary values in Content-Type header extraction
---------
Co-authored-by: Chirag Chandrashekhar <cchirag85@gmail.com>
Close the open tab when a request is moved to a different collection
via drag and drop, preventing the "Request no longer exists" error.
Add format conversion when dragging requests between collections with
different formats (.bru vs .yml). A new IPC handler parses the source
file and re-serializes it in the target collection's format. Folder
cross-format moves are blocked with a toast error.
Co-authored-by: Chirag Chandrashekhar <cchirag85@gmail.com>
Use { recursive: true } in mkdirSync during collection import so that
directories which already exist (e.g. due to duplicate or case-colliding
path params like {customerID} vs {customerId}) do not throw EEXIST and
abort the import.
- Updated ThemeProvider to send background color along with theme changes to the renderer.
- Introduced WindowStateStore methods for managing theme mode and background color.
- Set the main window's background color based on the stored theme during app initialization.
This improves the user experience by ensuring the application reflects the selected theme accurately.
