Scalar Mock Server release notes
0.12.0 (2026-06-22)
Mock AsyncAPI documents and validate all parameter styles
The mock server can now generate event-driven APIs from AsyncAPI 3.1 documents, serving channels over WebSocket and Server-Sent Events. Request validation has been extended to cover header and cookie parameters, and all OpenAPI serialization styles are now deserialized before validation.
- AsyncAPI 3.1 documents are mocked through a new createAsyncApiMockServer function that serves channels over WebSocket and SSE.
- Messages are generated from payload schemas using the same generator as REST endpoints, and custom transports can be added through an extension point.
- The Docker mock server auto-detects AsyncAPI documents and starts the event-driven engine automatically.
- Header and cookie parameters are validated against their schemas, with case-insensitive header matching and spec-compliant filtering of Accept, Content-Type, and Authorization.
- Array and object parameters are deserialized by their OpenAPI style (form, simple, deepObject, label, matrix, and delimiter styles) before validation, so complex query strings and path segments validate correctly.
0.11.1 (2026-06-17)
Smarter response selection and format fixes
This release improves how the mock server chooses which response to return when your API defines multiple status codes, and fixes edge cases with line-delimited JSON formats and array responses.
- The mock server now prefers 2xx success responses over error codes when no specific status is requested, making default mocks more realistic
- JSONL and NDJSON responses are now correctly formatted as single-line records instead of pretty-printed JSON
- Singular examples are automatically wrapped in arrays when the response schema expects an array
0.11.0 (2026-06-11)
Request validation and improved authentication
The mock server now validates incoming requests against your OpenAPI schema by default, returning detailed contract violations instead of mock responses when parameters or bodies do not match. Authentication evaluation has been corrected to follow the OpenAPI specification.
- Request validation is now on by default—path, query parameters, and JSON bodies are checked against the schema, returning 422 with violation details when they do not match
- Use the Prefer header to control mock responses: code=404 picks a specific status, example=bob selects a named example from the examples map
- Authentication now evaluates security requirements as OR-of-ANDs, inherits document-level security when operations define none, and validates credential shape for Basic and Bearer tokens
- Set validateRequest: false to restore previous behavior and always return mock responses
0.10.17 (2026-06-08)
Improved OpenAPI reference resolution performance
The mock server now resolves OpenAPI $ref nodes on demand instead of processing the entire document upfront, improving startup time and memory usage for large specifications.
- References are now resolved lazily only when needed for generating responses
- Nested references (like a Planet referencing a User) now resolve correctly in examples
- Broken references are handled gracefully without failing document processing
0.10.2 (2026-04-21)
OAuth refresh endpoints in mock authentication routes
Mock Server now generates authentication routes for OAuth refreshUrl endpoints defined in your OpenAPI security schemes.
0.10.0 (2026-04-15)
Random data generation for mock responses
Mock Server can now generate random but schema-aware data for responses, making local testing feel closer to real API behavior.