chore(deps): update swaggerapi/swagger-ui docker tag to v5.30.0

[renovate]

This PR contains the following updates:

Package	Update	Change
swaggerapi/swagger-ui	minor	v5.17.14 -> v5.30.0

---

Release Notes

swagger-api/swagger-ui (swaggerapi/swagger-ui)

v5.30.0

Compare Source

Features

• deps: update ApiDOM to v1.0.0-rc.1 (#​10619) (5f013e9)

v5.29.5

Compare Source

Bug Fixes

• core: handle complex value stringification in Property component (#​10604) (0422415), closes #​10535
• correct spec paths for parameters, responses and request bodies (#​10609) (583c4fb)

v5.29.4

Compare Source

Bug Fixes

• core: refactor UNSAFE_ lifecycle methods in ContentType and OperationContainer (#​10373) (2814709), closes #​10212
• ignore rendering responses with extensions in the schema (#​10592) (23e3e00)
• include script in body (#​10593) (456274c)
• update vulnerable libxml2 to 2.13.9-r0 (#​10600) (8138154)
• use h1 for title heading to improve accessibility (#​10598) (c0bd7b6), closes #​10480

v5.29.3

Compare Source

Bug Fixes

• auth: ensure schema is immutable when persisting authorization (#​10588) (9124f59), closes #​10569

v5.29.2

Compare Source

Bug Fixes

• include oauth2-redirect.js in npm package distribution (#​10585) (443c011), closes #​10574

v5.29.1

Compare Source

Bug Fixes

• security: update Axios to non-vulnerable 1.12.2 version (#​10579) (54276b9)

v5.29.0

Compare Source

Features

• oauth2-redirect: externalize inline script for CSP compliance (#​10559) (35eb103)

v5.28.1

Compare Source

Bug Fixes

• provide polyfill for buffer in build (#​10554) (bbb1282), closes #​10553

v5.28.0

Compare Source

Features

• add initial support for React 19 (#​10551) (7a13771), closes #​10243

v5.27.1

Compare Source

Bug Fixes

• use open-cli instead of require('open') for Node 20+ compatibility (#​10517) (47a5c1f)

v5.27.0

Compare Source

Bug Fixes

• permissions of files to allow running as non-root (#​10515) (679e73b)
• sanitization of relative OpenAPI JSON paths (#​10528) (60dee8b)

Features

• json-schema: support x-additionalPropertiesName (#​10006) (4bada92)

v5.26.2

Compare Source

Bug Fixes

• style: restore paragraph spacing in parameter and response descriptions (#​10514) (efe6eb5)

v5.26.1

Compare Source

Bug Fixes

• oas3: reset request body values in try it out (#​9717) (32dd3af)

v5.26.0

Compare Source

Features

• release Swagger UI to Packagist (#​10513) (d48549f)

v5.25.4

Compare Source

Bug Fixes

• docker: bump nginx image to version 1.29.0-alpine to fix CVE-2025-48174 (#​10508) (94f0818)

v5.25.3

Compare Source

Bug Fixes

• fix opened model schema resolving issue on spec change (#​10509) (0ddc74d)

v5.25.2

Compare Source

Bug Fixes

• dist: provide correct npm token for swagger-ui-dist release (a9ce4bb)

v5.25.1

Compare Source

Bug Fixes

• CD: provide correct npm token (973480e)

v5.25.0

Compare Source

Features

• release SwaggerUI via GitHub Actions (b182b4f)

v5.24.2: Swagger UI v5.24.2 Released!

Compare Source

Bug Fixes

• align expanded content inside expand collapse button (#​10497) (2574351)

v5.24.1: Swagger UI v5.24.1 Released!

Compare Source

Features

• oas3: show the schema tab in the Try it Out mode (#​10440) (ac106cd)

v5.24.0: Swagger UI v5.24.0 Released!

Compare Source

Bug Fixes

• mitigate ReDoS when generating examples from pattern (#​10477) (71c9314)
• packagist: exclude large obsolete directories from publishing to Packagist (#​10329) (cbd4b30)
• release: fix failed v5.23.0 release (8045f06)

Features

• json-schema-5-samples: add support for time format example generation (#​10420) (#​10421) (fc6fb24)

v5.23.0: Swagger UI v5.23.0 Released!

Compare Source

Bug Fixes

• mitigate ReDoS when generating examples from pattern (#​10477) (71c9314)

Features

• json-schema-5-samples: add support for time format example generation (#​10420) (#​10421) (fc6fb24)

---

WARNING

This is a failed release. Please don't use

v5.22.0: Swagger UI v5.22.0 Released!

Compare Source

Bug Fixes

• assure parameter is an immutable map when grouping parameters (#​10457) (8577d71)
• avoid accessing properties of empty Example Objects (#​10453) (6a07ac8)
• docker: address CVE-2025-32414/CVE-2025-32415 (#​10461) (01e380e)
• json-schema-2020-12-samples: generate proper samples for XML atttributes (#​10459) (5d346fd)
• oauth2: avoid processing authorizationUrl when it is not a string (#​10452) (119052e)
• security: update Axios to non-vulnerable 1.9.0 version (#​10460) (c85865c)
• spec: assure operation is an immutable map in operations selectors (#​10454) (b6151d4)
• spec: avoid accessing $ref when path item is not an object (#​10456) (581d544)
• use spec compliant JSON Pointer implementation (#​10455) (2f0cbba)

Features

• observability: allow defining custom uncaught exception handler (#​10462) (0a438f2)

v5.21.0: Swagger UI v5.21.0 Released!

Compare Source

Bug Fixes

• align OpenAPI 3.x.y file uploads with specification (#​10409) (c29e712), closes #​9278
• json-schema-2020-12: infer type string when contentEncoding or contentMediaType is present (#​10411) (22adad3), closes #​9278

Features

• oas31: display file upload input when contentMediaType or contentEncoding keywords are present (#​10412) (2696730), closes #​9278

v5.20.8: Swagger UI v5.20.8 Released!

Compare Source

Bug Fixes

• docker: address multiple HIGH security vulnerabilities (#​10410) (6e0cc0e)

v5.20.7: Swagger UI v5.20.7 Released!

Compare Source

Bug Fixes

• style: prevent operationId from wrapping when space is available (#​10259) (da5935e)

v5.20.6: Swagger UI v5.20.6 Released!

Compare Source

Bug Fixes

• json-schema-2020-12-samples: use zero as default example value for int32 and int64 (#​10230) (7c346e7)
• json-schema-2020-12: use consistent comparison operators for displaying min/max constraints (#​10159) (d9c778e)

v5.20.5: Swagger UI v5.20.5 Released!

Compare Source

Bug Fixes

• utils: fix error messages for range validation of number parameters (#​10344) (a78278e)

v5.20.4: Swagger UI v5.20.4 Released!

Compare Source

Bug Fixes

• json-schema-2020-12-samples: fix examples for nullable primitive types defined as list of types (#​10390) (d375f50)

v5.20.3: Swagger UI v5.20.3 Released!

Compare Source

Bug Fixes

• json-schema-2020-12: avoid accessing properties of null schemas (#​10397) (d2fff7c)

v5.20.2: Swagger UI v5.20.2 Released!

Compare Source

Bug Fixes

• fix definition resolving being affected by the order of schemas (#​10386) (28f77cb), closes #​10096

v5.20.1: Swagger UI v5.20.1 Released!

Compare Source

Bug Fixes

• docker: fix security issues CVE-2024-56171, CVE-2025-24928 (#​10351) (3dc2cd6)
• security: fix CVE-2025-27152 in Axios comming from SwaggerClient/ApiDOM (swagger-client@3.34.2)

v5.20.0: Swagger UI v5.20.0 Released!

Compare Source

Bug Fixes

• docker: add OpenContainer labels
• json-schema-5: fix JumpToPath feature for schemas, closes swagger-api/swagger-editor#4035
• fix JumpToPath feature for auth methods
• display the correct name of security methods
• fix console errors appearing when security scheme is not defined
• components: render examples only when their shape is correct
• swagger-client: allow resolving URLs without extensions, closes swagger-api/apidom#4298
• css: fix css sourcemaps
• security: update axios to address CVE-2024-39338
• swagger-client: do not encode server variables, closes swagger-api/swagger-js#3656
• security: fix unsafe cookie serialization, addresses CVE-2024-47764, GHSA-pxg6-pf52-xh8x
• spec: compensate if OpenAPI.paths field is defined as unexpected structure
• json-schema-2020-12: check for schema type before extracting extension keywords, closes swagger-ui/issues#9376
• json-schema-2020-12: fix rendering of uniqueItems keyword
• json-schema-2020-12: fix overrides of JSON Schema extension keywords
• spec: clear JSON state when loading a new definition
• oas31: fix caching of JSON Schema 2020-12 context
• json-schema-2020-12: fix default expansion being applied to components after initial render
• json-schema-2020-12: fix complex schemas expanding beyond the default expansion depth
• json-schema-2020-12: fix deep expansion not expanding some of the keywords
• oas31: fix expansion of Schema Object fixed fields

Features

• swagger-ui-react: add support for initialState prop
• add horizontal scrollbar for schemas, refs swagger-api/swagger-ui#8940
• display schema of complex parameters
• display schema of complex request body properties
• json-schema-2020-12: allow to use fn outside of React context
• oas31: display schema of complex parameters with union type
• oas31: display schema of complex request body properties with union type
• oas31: display textarea for parameters with complex union type
• json-schema-2020-12: allow to use getTitle outside of JSON Schema 2020-12 context
• json-schema-2020-12: introduce system bound HOC
• json-schema-2020-12: add support for rendering extension keywords, closes swagger-ui/issues#9376
• json-schema-2020-12: add support for rendering examples keyword
• json-schema-2020-12: use JSON Viewer to display keywords with complex values
• json-schema-2020-12: handle empty objects and arrays in JSONViewer
• oas3: more support for OpenAPI 3.0.4
• introduce custom URL sanitization mechanism
• apply additional fixes for custom URL sanitization mechanism
• oas31: add support for OpenAPI extensions
• json-schema-2020-12: respect showExtensions config option

---

Attributions (alphabetical order)

@​char0n
@​glowcloud
@​robert-hebel-sb

v5.19.0: Swagger UI v5.19.0 Released!

Compare Source

Features

• add support for OpenAPI 3.0.4 (#​10247) (d437474)

v5.18.3: Swagger UI v5.18.3 Released!

Compare Source

Enhancements

• docker: document new SwaggerUI docker registry usage (#​10260) (9d6fdb2)

---

SwaggerUI Docker image is now served under the new authoritative registry URL:

Before:

$ docker pull swaggerapi/swagger-ui

Now:

$ docker pull docker.swagger.io/swaggerapi/swagger-ui

v5.18.2: Swagger UI v5.18.2 Released!

Compare Source

Bug Fixes

• update Scarf.js to v1.4.0 to avoid breaking Vitest (#​10204) (adc1c3c), closes #​10197

v5.18.1: Swagger UI v5.18.1 Released!

Compare Source

Bug Fixes

• docker: return explicit Node.js installation (#​10198) (3e3dfc6), closes #​10195

v5.18.0: Swagger UI v5.18.0 Released!

Compare Source

Features

• analytics: use Scarf.js to provide anonymized installation analytics (#​10194) (fb55b9c)

---

Anonymized analytics

SwaggerUI uses Scarf to collect anonymized installation analytics. These analytics help support the maintainers of this library and ONLY run during installation. To opt out, you can set the scarfSettings.enabled field to false in your project's package.json:

// package.json
{
  // ...
  "scarfSettings": {
    "enabled": false
  }
  // ...
}

Alternatively, you can set the environment variable SCARF_ANALYTICS to false as part of the environment that installs your npm packages, e.g., SCARF_ANALYTICS=false npm install.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud