fix(deps): update scalar monorepo to v1.59.2

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
@scalar/api-reference (source)	1.44.26 → 1.59.2

---

Release Notes

scalar/scalar (@​scalar/api-reference)

v1.59.2

Patch Changes

• #​9471: Restore support for the deprecated source install command on x-scalar-sdk-installation. When set, it is appended to description as a fenced code block (or used on its own when there is no description). description remains the promoted field.

v1.59.1

Patch Changes

• #​9462: fix(api-reference): align examples panel and disable sticky when narrow

v1.59.0

Minor Changes

• #​9435: feat(api-reference): render AsyncAPI channel parameters

  Channel address parameters (the {param} placeholders in a channel address) are now shown in the API reference, reusing the same parameter list component as OpenAPI operations. Their enum, default, and examples are displayed on a string schema.

• #​9438: feat(api-reference): add an AsyncAPI server selector

  Adds a server selector for AsyncAPI documents in the API reference introduction. It mirrors the OpenAPI server selector but works with the AsyncAPI server shape (a named map of host/protocol/pathname), labelling each server with its constructed connection URL.

  Server selection and variable changes are now persisted to the workspace store via new asyncapi-server:update:selected and asyncapi-server:update:variables events and their mutators, mirroring the OpenAPI wiring.

• #​9422: Add a nonce option for Content Security Policy support.

  When you pass a nonce, the rendered HTML stamps it onto the inline <script> and the CDN <script> tag (and Scalar's own <style> tags, plus a matching <meta property="csp-nonce">). This lets the API Reference run under a strict script-src with no unsafe-inline and no unsafe-eval.

  ApiReference({
    url: '/openapi.json',
    // Match this value in your `script-src` CSP directive.
    nonce: 'r4nd0m',
  })

  Note: style-src still needs 'unsafe-inline'. The reference renders inline style="…" attributes, which a CSP nonce can never authorize (nonces only apply to <script>, <style> and <link> elements), so a nonce-only style-src is not possible. The win is a fully strict script-src.

• #​9400: feat(api-reference): add expandAllSchemaProperties config option.

  When enabled, nested schema properties are expanded by default while keeping the
  "Show/Hide Child Attributes" button available for manual collapsing. Expansion
  is cycle-safe: every finite branch is expanded fully, and self-referential
  ($ref or inline) schemas stop at the point they would otherwise recurse forever.

• #​9399: Show custom SDK installation instructions from x-scalar-sdk-installation in the introduction card, falling back to the client selector when there are none. Each entry takes a lang and a Markdown description, so a single tab can render rich instructions with syntax-highlighted code blocks (for example Maven and Gradle for Java)

Patch Changes

• #​9388: Add ScalarVirtualCodeBlock component with copy button support for virtualized code blocks

• #​9436: Hide the client selector for AsyncAPI documents

• #​9398: feat: read code samples from x-readme, x-stainless and x-scalar extensions

  In addition to x-codeSamples, the code sample picker now reads custom samples from x-scalar-examples, x-stainless-snippets, x-stainless-examples, and x-readme.code-samples. When more than one is present on an operation, the highest-priority source is used (x-scalar-examples > x-stainless-snippets > x-stainless-examples > x-readme > x-codeSamples).

• #​9426: feat(api-reference): render the contact URL from info.contact.url

• #​8573: fix(api-reference): infer discriminator variants from mapping

• #​9131: fix(api-reference): preserve OAuth redirect URI when switching OpenAPI documents

  When using multiple OpenAPI documents with OAuth configured via oauth2RedirectUri,
  switching to another document no longer clears the Redirect URL in the Authentication
  section.

  The fix threads oauth2RedirectUri from the top-level configuration into the security
  scheme merge chain so that each newly loaded document's OAuth flows are pre-populated
  with the configured redirect URI, rather than relying solely on a component-level watcher
  that would skip re-population when the same OAuth flow identity was detected across
  documents.

• #​9391: fix: stabilize the tab title at the top of the document

  The document-start sentinel and the Introduction section both fire an intersection event at scroll-top. They resolved to different entries, so the tab title raced between the section title and the document title. The sentinel now emits the Introduction entry, so both agree.

• #​9370: fix(api-reference): rework the modern operation layout with CSS grid so the request example sits directly under the description on narrow screens, and move the operation title and auth badge into the same grid

• #​9421: fix(api-reference): avoid SSR hydration mismatch from the search shortcut and teleport ids

  The macOS search shortcut symbol was derived from navigator during render, so a Mac client hydrated ⌘ where the server sent ⌃. The platform is now resolved after mount. Teleport target ids and the search modal ids also switched from nanoid() to Vue's SSR-stable useId().

• #​9392: Clean up the standalone build's injected <head> styles on destroy() so they no longer linger after SPA-style navigation (Turbo Drive, htmx). The styles are re-attached when a new instance mounts.

• #​9420: fix(api-reference): make x-tagGroups titles navigable from search

  Tag group titles appeared as search results but clicking them did nothing,
  because the flattened modern layout rendered no element carrying the tag
  group id to scroll to. The group now exposes its id as a scroll anchor.

v1.58.0

Minor Changes

• #​9372: Render AsyncAPI components.schemas as Models, listed in the sidebar and content just like OpenAPI schemas

• #​7618: feat(api-reference): add setPageTitle to customize the browser tab title

  Pass a setPageTitle function to control the browser tab title. It is called whenever the section in view changes — on sidebar clicks, on scroll, and when switching documents — and receives the section title and the active OpenAPI document:

  setPageTitle: ({ title, document }) => `${document.title} – ${title}`

Patch Changes

• #​9348: Render AsyncAPI channels as sections in the content area, with the channel address as the heading and the channel description below. Channels are grouped under tags when the navigation tree groups them. Operations and messages are not rendered yet.

• #​9255: Surface the Introduction entry and any headings extracted from info.description of AsyncAPI documents in the sidebar, mirroring how OpenAPI documents are handled.

• #​9347: Surface AsyncAPI info.description headings in the search modal, mirroring the sidebar behaviour. AsyncAPI channels, operations, and messages are not indexed yet.

• #​9350: feat(api-reference): list Ask AI and MCP Servers as Scalar Docs features in the Deploy popover

• #​9310: Add an ESM standalone build (dist/browser/standalone.esm.js) alongside the existing UMD bundle. The new bundle works as a side-effect script (registers window.Scalar.createApiReference and reads data-* configuration) and exports createApiReference for direct ESM consumers. It is fully minified through Rolldown's native minifier and uses code splitting so heavy features load asynchronously after first paint:

  • The API client modal (request editor, response viewer, CodeMirror) is now await import'd inside onMounted instead of statically imported, moving ~265 KB into a chunks/modal-*.js chunk that loads in the background.
  • The Agent Scalar chat interface (already wrapped in defineAsyncComponent) becomes a real chunks/AgentScalarChatInterface-*.js chunk (~200 KB), loaded only when the agent is enabled.
  • The 84 per-icon dynamic imports from @scalar/icons/library are coalesced into a single chunks/icons-*.js.

  Net effect: initial sync load drops from ~3.32 MB (UMD) to ~2.73 MB (ESM) — a ~570 KB improvement — while total bundle size shrinks by ~140 KB.

  Also adds an @scalar/api-client/modal/map-hidden-clients-config deep export so consumers that only need the lightweight client-list helper don't pull the full modal barrel into their static graph.

• #​9139: fix(api-reference): preserve OAuth redirect URL when switching between OpenAPI documents

  Auth changes were being persisted under the wrong document slug and shared a single debounce queue across all documents. When switching documents quickly, the pending save for the first document could be overwritten or dropped by a save for the second document, causing the redirect URL (and other auth secrets) to appear cleared after switching back.

  The fix uses event.documentName as both the debounce key and the storage key, giving each document its own independent debounce queue.

• #​9194: fix(api-reference): break cycles in mergeAllOfSchemas for self-referencing schemas (whether they $ref back to themselves through array items or through a plain object property), which previously crashed the docs preview with "too much recursion"

• #​9309: feat: add modelsSectionLabel configuration ('Models' | 'Schemas' | string) to use OpenAPI-style Schemas terminology in the sidebar, content, and search.

v1.57.5

Patch Changes

• #​9318: fix: restore response content type selector when expandAllResponses is enabled

  Move the content type picker after the disclosure panel so it stacks above expanded response content and remains clickable when expandAllResponses is true.

v1.57.4

v1.57.3

Patch Changes

• #​9169: feat: add customFetch to the api-reference configuration and forward it to the API client so requests (including "Test Request" calls) use the custom fetch — enabling things like credentials: 'include'. The previous fetch option is deprecated and migrated automatically with a console warning.
• #​9273: fix: render null, whitespace-only, and value/externalValue-shaped schema examples correctly

v1.57.2

Patch Changes

• #​9234: fix(api-reference): prevent security badge from shrinking

v1.57.1

v1.57.0

Minor Changes

• #​9211: feat: make WorkspaceDocument an union of OpenApiDocument and AsyncApiDocument

Patch Changes

• #​9211: fix(api-reference): clean up deprecated document listeners on destroy

  createApiReference() registered three document-level listeners
  (scalar:reload-references, scalar:destroy-references,
  scalar:update-references-config) but destroy() only unmounted the
  Vue app — the listeners stayed attached forever. In environments that
  mount and destroy instances repeatedly (notably the Astro integration's
  renderMode="client" with view transitions), each navigation leaked
  three permanent listeners on document.

  Tie the listeners to an AbortController and abort it from destroy()
  so they all come off in one shot.

• #​9211: fix: show "Download AsyncAPI Document" label for AsyncAPI documents

• #​9211: fix: rename the "OAS" version badge to "OpenAPI" and show an "AsyncAPI" badge for AsyncAPI documents

• #​9211: fix(api-client): block invalid request URLs before send and surface buildRequest failures as results

  Request construction now treats a bad merged URL as a first-class failure instead of throwing deep inside helpers. After mergeUrls, resolveRequestFactoryUrl rejects incomplete targets when strict mode applies: relative URLs, an empty server base, or path strings that still contain unresolved {{variable}} placeholders. Callers may set allowMissingRequestServerBase where a full absolute URL is intentionally optional (for example the embedded modal layout in OperationBlock, or API Reference onBeforeRequest hooks that build against the document origin).

  buildRequest returns a Result (ok / err) with stable error codes such as MISSING_REQUEST_SERVER_BASE, INVALID_REQUEST_FACTORY_URL, and BUILD_REQUEST_FAILED for unexpected synchronous failures. Those failures are wrapped with safeRun from @scalar/helpers, which logs to console.error and maps throws to a string message on the result. The API Reference plugin path logs and skips onBeforeRequest when a preview request cannot be built, so user hooks never run against a half-built fetch payload.

  Downstream packages (api-client, api-reference, scalar-app where applicable) unwrap the result, show toasts or logs, and avoid calling sendRequest until the URL is valid.

• #​9211: fix(api-reference): improve search ranking for parameter, request-body, and model field names, including polymorphic (oneOf/anyOf/allOf) schemas

• #​9211: fix: resolve $ref in additionalProperties before rendering schema

• #​9211: chore: use the new schemas

• #​9211: Fix mobile sidebar z-index to ensure it appears above all content when open

• #​9211: Avoid repeating request body schema descriptions above collapsed overflow properties.

• #​9211: feat: add more analytics events

• #​9211: fix: agent scalar warnings

• #​9211: fix(api-reference): lower badge style specificity

• #​9211: fix: posthog stream warning

v1.55.3

Patch Changes

• #​9095: fix(api-reference): use overflow-wrap break-word for tag labels

v1.55.2

Patch Changes

• #​9076: fix(api-reference): improve rendering of virtualized code blocks
• #​9086: feat: code split tailwind CSS to reduce bundle size

v1.55.1

Patch Changes

• #​9023: chore: use homemade slugger

v1.55.0

Minor Changes

• #​9045: feat(api-reference): show an "auth required" / "auth optional" badge next to each operation's path. Requirements are resolved via operation.security ?? document.security; hover reveals the scheme names, types, and any required scopes.

Patch Changes

• #​9045: fix(api-reference): flatten deepObject query parameter display in parameter rendering
• #​9045: fix inline composed schema descriptions in api-reference
• #​9045: fix(api-reference): ignore undefined examples on flattened deepObject parameters
• #​9045: fix: remove extraneous eventBus prop from AgentScalarDrawer to eliminate Vue warning
• #​9043: chore: move test documents to cdn
• #​9045: chore: move scalar version logs

v1.54.0

Minor Changes

• #​8970: feat(api-reference): show an "auth required" / "auth optional" badge next to each operation's path. Requirements are resolved via operation.security ?? document.security; hover reveals the scheme names, types, and any required scopes.

Patch Changes

• #​8963: fix(api-reference): flatten deepObject query parameter display in parameter rendering
• #​8906: fix inline composed schema descriptions in api-reference
• #​8963: fix(api-reference): ignore undefined examples on flattened deepObject parameters
• #​9003: fix: remove extraneous eventBus prop from AgentScalarDrawer to eliminate Vue warning
• #​8987: chore: move scalar version logs

v1.53.1

v1.53.0

Minor Changes

• #​8772: feat: link to model from endpoints

v1.52.6

v1.52.5

v1.52.4

Patch Changes

• #​8884: fix: restore position: fixed on .section-flare so the decorative hero flare stops reserving 100vh of empty space at the top of the documentation (affects the kepler, bluePlanet, and mars themes, which declare height: 100vh on the flare but rely on the framework to position it)
• #​8907: Fix code sample missing body content type update
• #​8925: chore: source vite-plugin-css-injected-by-js from the shared pnpm catalog
• #​8944: feat(api-reference): add anchors and copy link buttons to allOf body parameters

v1.52.3

Patch Changes

• #​8810: refactor: move telemetry to an optional plugin
• #​8911: feat: switch from Request to RequestPayload to support body with GET
• #​8859: refactor api-reference exports and enforce strict Vite entrypoint resolution from package exports

v1.52.2

Patch Changes

• #​8827: chore: removed old client v1 code
• #​8791: fix test requests so exploded array query parameters keep all values instead of collapsing to the last one
• #​8863: chore: updated imports to new api client version
• #​8780: fix: run intersect for the top of the document
• #​8825: chore: moving files around in preparation for the big deletion of client v1
• #​8831: refactor(api-reference): remove search index ts-expect-error by using typed collection access
• #​8784: fix: correctly display schema names

v1.52.1

Patch Changes

• #​8769: feat(themes): add Tailwind v3 transform reset
• #​8767: feat(api-reference): collapse truncated descriptions
• #​8776: fix: hide content type switch when there is no content
• #​8777: fix(api-reference): set example z-index to context layer
• #​8770: fix: generate the response examples by removing the priority order

v1.52.0

Minor Changes

• #​8750: feat: display model name for body section
• #​8695: feat: suport pre/post request scripts

Patch Changes

• #​8431: fix: SSR breaks
• #​8431: fix(api-reference): avoid duplicate app creation during hydration
• #​8747: fix: extract request body from all content types in search index

v1.51.0

Minor Changes

• #​8712: feat: use separate stores for client and shared state on the reference

Patch Changes

• #​8728: fix: correctly merge security schemes with the config security

v1.50.0

Minor Changes

• #​8524: feat: move request logic on the store and generate a request builder
• #​8609: feat: display tag groups for classic layout

Patch Changes

• #​8657: test(api-reference): add regression coverage for hiddenClients source switching
• #​8642: refactor(api-reference): remove openapi-types dependency and align with workspace-store types
• #​8659: fix search indexing to include path-level parameters and response examples for operations
• #​8650: fix: ensure we have a introduction entry on the sidear by default

v1.49.8

Patch Changes

• #​8628: chore: remove unused playgrounds

v1.49.7

Patch Changes

• #​8612: fix: intersection observer for scroll-spy and tall sections

v1.49.6

Patch Changes

• #​8599: fix(api-client): truncate long table tooltip content
• #​8595: fix: deep resolve when generating examples from schema

v1.49.5

Patch Changes

• #​8574: feat: make external urls configurable
• #​8557: feat(api-reference): switch standalone build from terser to OXC minifier for faster builds
• #​8473: fix: request body code samples when switching anyOf or oneOf schemas

v1.49.4

Patch Changes

• #​8513: fix(api-reference): make responsive header rendering SSR-safe
• #​8526: feat: improve filtering of client selector
• #​8571: fix: [ERR_UNKNOWN_FILE_EXTENSION]: Unknown file extension ".css" for
• #​8563: fix: type declarations don't use the full path for imports

v1.49.3

Patch Changes

• #​8529: rewrite declaration aliases in built type files

v1.49.2

Patch Changes

• #​8509: fix: show falsy example values (false, 0) in schema property headings
• #​8514: fix: invalid markup breaks ssr

v1.49.1

Patch Changes

• #​8466: chore: new build pipeline
• #​8479: fix: render schema property examples when values are falsy

v1.49.0

Minor Changes

• #​8409: feat: lazy rendering

Patch Changes

• #​8443: fix hash-prefixed basePath routing
• #​8467: feat(api-reference): improve Ask AI button consistency and a11y
• #​8442: fix object schema descriptions in parameter rendering

Updated Dependencies

• @​scalar/workspace-store@​0.40.2

  • #​8468: fix: ignore response examples when generating navigation

• @​scalar/api-client@​2.38.1

  • #​8468: fix: example extraction, environment navigation and general UI fixes
  • #​8451: fix(api-client): default-close auth when not required

• @​scalar/openapi-parser@​0.25.4

  • #​8448: fix parser validation for unused path parameters

• @​scalar/components@​0.20.9

  • #​8453: refactor: remove @​ts-expect-error from ScalarTextArea

• @​scalar/agent-chat@​0.9.9

• @​scalar/oas-utils@​0.10.8

• @​scalar/sidebar@​0.8.9

v1.48.8

Patch Changes

• #​8425: fix auth default OAuth scope fallback
• #​8416: fix: direct css import breaks build in react, vitepress and others
• #​8417: fix: document not defined in SSR environments

Updated Dependencies

• @​scalar/api-client@​2.38.0

  • #​8444: feat: cache last response for an example
  • #​8424: fix(api-client): persist oauth credentials location
  • #​8428: fix: overflow issues for mac app version
  • #​8447: fix: propagate schema to request body form-data table

• @​scalar/agent-chat@​0.9.8

  • #​8416: fix: direct css import breaks build in react, vitepress and others

• @​scalar/workspace-store@​0.40.1

  • #​8424: feat: export XScalarCredentialsLocation
  • #​8445: fix: generate unique id for models

• @​scalar/oas-utils@​0.10.7

• @​scalar/sidebar@​0.8.8

• @​scalar/components@​0.20.8

v1.48.7

Patch Changes

Updated Dependencies

• @​scalar/workspace-store@​0.40.0

  • #​8426: feat: interact with the original and intermediate documents

• @​scalar/api-client@​2.37.0

  • #​8426: feat: sync with source flow with conflict resolution

• @​scalar/agent-chat@​0.9.7

• @​scalar/oas-utils@​0.10.6

• @​scalar/sidebar@​0.8.7

• @​scalar/components@​0.20.7

v1.48.6

Patch Changes

• #​8414: fix(api-reference): limit height of example response descriptions

Updated Dependencies

• @​scalar/api-client@​2.36.2

  • #​8414: fix(api-client): pass example picker attributes to button component

• @​scalar/components@​0.20.6

  • #​8327: fix: markdown tables with specified width attributes in td/th break the layout

• @​scalar/helpers@​0.4.1

  • #​8420: fix TypeScript access to navigator.userAgentData in isMacOS without ts-expect-error

• @​scalar/agent-chat@​0.9.6

• @​scalar/sidebar@​0.8.6

• @​scalar/oas-utils@​0.10.5

• @​scalar/openapi-parser@​0.25.3

• @​scalar/types@​0.7.3

• @​scalar/workspace-store@​0.39.2

• @​scalar/snippetz@​0.7.4

v1.48.5

Patch Changes

• #​8406: feat: x-order
• #​8097: fix: lazy load compositions
• #​8380: feat(api-reference): render <a> HTML tag for documentDownloadType: direct

Updated Dependencies

• @​scalar/workspace-store@​0.39.1

  • #​8393: fix: correctly update active tab on tab close event
  • #​8403: Persist auth url and token url in local storage

• @​scalar/api-client@​2.36.1

  • #​8403: Persist auth url and token url in local storage
  • #​8402: Fix raw binary request bodies so uploaded files are sent correctly and code samples show file references.
  • #​8398: fix code snippet HAR request URL generation to URL-encode substituted path parameter values, matching request sending behavior.
  • #​8386: feat: app drag region for macos
  • #​8408: Use the secret oauth urls before the default flow urls
  • #​8407: Fix conditional rendering for token URL

• @​scalar/snippetz@​0.7.3

  • #​8404: Preserve duplicate query parameters in generated code snippets. php/guzzle: preserve duplicate query parameters as arrays.

• @​scalar/sidebar@​0.8.5

  • #​8386: feat: add spacer slot to sidebar

• @​scalar/agent-chat@​0.9.5

• @​scalar/oas-utils@​0.10.4

• @​scalar/components@​0.20.5

v1.48.4

Patch Changes

Updated Dependencies

• @​scalar/api-client@​2.36.0

  • #​8396: feat: preselect correct authentication for document and operation
  • #​8394: chore: rollback export document button

• @​scalar/agent-chat@​0.9.4

v1.48.2

Patch Changes

• #​8381: feat: add mcp config support
• #​8375: feat(api-reference): export lazy bus queue helper
• #​8370: fix: hide the authentication panel when test requests are disabled

Updated Dependencies

• @​scalar/types@​0.7.1

  • #​8381: feat: add mcp config support

• @​scalar/agent-chat@​0.9.2

• @​scalar/api-client@​2.34.1

• @​scalar/oas-utils@​0.10.2

• @​scalar/openapi-parser@​0.25.1

• @​scalar/snippetz@​0.7.1

• @​scalar/workspace-store@​0.38.1

• @​scalar/components@​0.20.3

• @​scalar/sidebar@​0.8.3

v1.48.1

Patch Changes

• #​8288: fix: add consistent border to schema composition components
• #​8348: fix(api-reference): bump dev tools z index for themes
• #​8366: fix(components): clean up search components and add snapshots

Updated Dependencies

• @​scalar/workspace-store@​0.38.0

  • #​8347: chore: export server workspace type
  • #​8365: feat: store oauth flow refresh tokens on the auth store

• @​scalar/api-client@​2.34.0

  • #​8365: feat: store oauth flow refresh tokens on the auth store
  • #​8356: fix: make fallback theme reactive

• @​scalar/components@​0.20.2

  • #​8366: fix(components): clean up search components and add snapshots

• @​scalar/agent-chat@​0.9.1

• @​scalar/oas-utils@​0.10.1

• @​scalar/sidebar@​0.8.2

• @​scalar/openapi-parser@​0.25.1

v1.48.0

Minor Changes

• #​8266: support operation level authentication and servers

Patch Changes

Updated Dependencies

• @​scalar/agent-chat@​0.9.0

  • #​8345: feat: remove tmp document on fail
  • #​8266: support operation level authentication and servers

• @​scalar/workspace-store@​0.37.0

  • #​8266: support operation level authentication and servers

• @​scalar/api-client@​2.33.0

  • #​8266: support operation level authentication and servers

• @​scalar/oas-utils@​0.10.0

  • #​8266: support operation level authentication and servers

• @​scalar/sidebar@​0.8.1

• @​scalar/components@​0.20.1

v1.47.0

Minor Changes

• #​8322: chore: bump required node version to >=22 (LTS)

Patch Changes

• #​8340: fix: delay when clicking "show more" button
• #​8340: refactor(api-reference): update AgentScalarDrawer
• #​8340: chore: enable perf logs only for dev environment

Updated Dependencies

• @​scalar/workspace-store@​0.36.0

  • #​8340: feat: support navigation options on server store
  • #​8322: chore: bump required node version to >=22 (LTS)
  • #​8340: chore: disable perf logs by default

• @​scalar/code-highlight@​0.3.0

  • #​8322: chore: bump required node version to >=22 (LTS)

• @​scalar/openapi-parser@​0.25.0

  • #​8322: chore: bump required node version to >=22 (LTS)

• @​scalar/openapi-types@​0.6.0

  • #​8322: chore: bump required node version to >=22 (LTS)

• @​scalar/agent-chat@​0.8.0

  • #​8322: chore: bump required node version to >=22 (LTS)

• @​scalar/api-client@​2.32.0

  • #​8322: chore: bump required node version to >=22 (LTS)

• @​scalar/components@​0.20.0

  • #​8322: chore: bump required node version to >=22 (LTS)

• @​scalar/use-toasts@​0.10.0

  • #​8322: chore: bump required node version to >=22 (LTS)

• @​scalar/oas-utils@​0.9.0

  • #​8322: chore: bump required node version to >=22 (LTS)

• @​scalar/use-hooks@​0.4.0

  • #​8322: chore: bump required node version to >=22 (LTS)

• @​scalar/snippetz@​0.7.0

  • #​8322: chore: bump required node version to >=22 (LTS)

• @​scalar/helpers@​0.3.0

  • #​8322: chore: bump required node version to >=22 (LTS)

• @​scalar/sidebar@​0.8.0

  • #​8322: chore: bump required node version to >=22 (LTS)

• @​scalar/themes@​0.15.0

  • #​8322: chore: bump required node version to >=22 (LTS)

• @​scalar/icons@​0.6.0

  • #​8322: chore: bump required node version to >=22 (LTS)

• @​scalar/types@​0.7.0

  • #​8322: chore: bump required node version to >=22 (LTS)

v1.46.4

Patch Changes

• #​8330: fix: use ref name only as a fallback

v1.46.3

Patch Changes

• #​8298: feat(api-reference): show explicit no-content response tabs for defined response keys
• #​8313: chore: resolve schemas on demand

Updated Dependencies

• @​scalar/openapi-types@​0.5.4

  • #​8275: fix(openapi-types): make the $ref property in the ReferenceObject type required

• @​scalar/components@​0.19.15

  • #​8319: fix(components): fix adjust sidebar section line height

• @​scalar/oas-utils@​0.8.3

  • #​8314: chore: limit concurrent operations while migrating workspaces

• @​scalar/helpers@​0.2.18

  • #​8314: chore: limit concurrent operations while migrating workspaces

• @​scalar/api-client@​2.31.3

  • #​8313: fix: correctly cache schema examples
  • #​8254: fix: resolve OAuth2 URLs against interpolated server URL

• @​scalar/agent-chat@​0.7.3

• @​scalar/openapi-parser@​0.24.17

• @​scalar/sidebar@​0.7.46

• @​scalar/workspace-store@​0.35.3

• @​scalar/types@​0.6.10

• @​scalar/snippetz@​0.6.19

v1.46.2

Patch Changes

Updated Dependencies

• @​scalar/themes@​0.14.3

  • #​8315: feat(theme): standardize tailwind line height behavior

• @​scalar/agent-chat@​0.7.2

• @​scalar/api-client@​2.31.2

• @​scalar/code-highlight@​0.2.4

• @​scalar/components@​0.19.14

• @​scalar/oas-utils@​0.8.2

• @​scalar/sidebar@​0.7.45

v1.46.1

Patch Changes

• #​8294: default createAnySecurityScheme to false and fix index clamp issue

Updated Dependencies

• @​scalar/workspace-store@​0.35.2

  • #​8310: refactor: move helpers to the helpers package to share primitive helpers
  • #​8294: default createAnySecurityScheme to false and fix index clamp issue
  • #​8287: consider path-level parameters in syncPathParameters instead of creating bare synthetic ones

• @​scalar/api-client@​2.31.1

  • #​8310: refactor: move helpers to the helpers package to share primitive helpers
  • #​8294: default createAnySecurityScheme to false and fix index clamp issue

• @​scalar/helpers@​0.2.17

  • #​8310: refactor: move helpers to the helpers package to share primitive helpers

• @​scalar/oas-utils@​0.8.1

  • #​8310: fix: correctly handle circular documents during the migration to indexdb

• @​scalar/agent-chat@​0.7.1

• @​scalar/sidebar@​0.7.44

• @​scalar/components@​0.19.13

• @​scalar/openapi-parser@​0.24.16

• @​scalar/types@​0.6.9

• @​scalar/snippetz@​0.6.18

v1.46.0

Minor Changes

• #​8290: chore: update deps

Patch Changes

• #​8283: fix: scrollToLazy can not find id when the browser is busy

Updated Dependencies

• @​scalar/agent-chat@​0.7.0

  • #​8290: chore: update deps

• @​scalar/api-client@​2.31.0

  • #​8290: chore: update deps

• @​scalar/oas-utils@​0.8.0

  • #​8290: chore: update deps

• @​scalar/components@​0.19.12

  • #​8290: chore: update deps

• @​scalar/themes@​0.14.2

  • #​8290: chore: update deps

• @​scalar/workspace-store@​0.35.1

  • #​8290: chore: update deps

• @​scalar/sidebar@​0.7.43

• @​scalar/code-highlight@​0.2.4

v1.44.27

Patch Changes

• #​8274: feat(agen

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At 12:00 AM through 04:59 AM and 10:00 PM through 11:59 PM, Monday through Friday (* 0-4,22-23 * * 1-5)
  • Only on Sunday and Saturday (* * * * 0,6)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​scalar/​api-reference@​1.44.26 ⏵ 1.59.2	+1			+1

View full report

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert  (click "▶" to expand/collapse)
Warn		Obfuscated code: npm @scalar/code-highlight is 91.0% likely obfuscated Confidence: 0.91 Location: Package overview From: ? → npm/@scalar/api-reference@1.59.2 → npm/@scalar/code-highlight@0.3.5 ℹ Read more on: This package | This alert | What is obfuscated code? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/@scalar/code-highlight@0.3.5. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report