Fix prompt default value

Cap max height on template function dialog
Fix prompt
2026-02-16 07:37:48 +01:00 · 2025-11-19 10:10:13 -08:00 · 2025-11-19 09:39:43 -08:00 · 2025-11-19 09:21:59 -08:00 · 2025-11-19 09:15:50 -08:00 · 2025-11-18 13:30:37 -08:00
276 changed files with 9746 additions and 4772 deletions
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -54,15 +54,24 @@ jobs:
          key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
          restore-keys: ${{ runner.os }}-cargo-

-      - name: install dependencies (ubuntu only)
+      - name: install dependencies (Linux only)
        if: matrix.platform == 'ubuntu-22.04' # This must match the platform value defined above.
        run: |
          sudo apt-get update
          sudo apt-get install -y libwebkit2gtk-4.1-dev libappindicator3-dev librsvg2-dev patchelf

-      - name: install dependencies (windows only)
+      - name: Install trusted-signing-cli (Windows only)
        if: matrix.platform == 'windows-latest'
-        run: cargo install --force trusted-signing-cli
+        shell: pwsh
+        run: |
+          $ErrorActionPreference = 'Stop'
+          $dir = "$env:USERPROFILE\trusted-signing"
+          New-Item -ItemType Directory -Force -Path $dir | Out-Null
+          $url = "https://github.com/Levminer/trusted-signing-cli/releases/download/0.8.0/trusted-signing-cli.exe"
+          $exe = Join-Path $dir "trusted-signing-cli.exe"
+          Invoke-WebRequest -Uri $url -OutFile $exe
+          echo $dir >> $env:GITHUB_PATH
+          & $exe --version

      - name: Install NPM Dependencies
        run: npm ci
--- a/DEVELOPMENT.md
+++ b/DEVELOPMENT.md
@@ -54,7 +54,7 @@ Rerun the app to apply the migrations.

 _Note: For safety, development builds use a separate database location from production builds._

-## Lezer Grammer Generation
+## Lezer Grammar Generation

 ```sh
 # Example
--- a/README.md
+++ b/README.md
@@ -22,7 +22,7 @@
  <!-- sponsors-premium --><a href="https://github.com/MVST-Solutions"><img src="https:&#x2F;&#x2F;github.com&#x2F;MVST-Solutions.png" width="80px" alt="User avatar: MVST-Solutions" /></a>&nbsp;&nbsp;<a href="https://github.com/dharsanb"><img src="https:&#x2F;&#x2F;github.com&#x2F;dharsanb.png" width="80px" alt="User avatar: dharsanb" /></a>&nbsp;&nbsp;<a href="https://github.com/railwayapp"><img src="https:&#x2F;&#x2F;github.com&#x2F;railwayapp.png" width="80px" alt="User avatar: railwayapp" /></a>&nbsp;&nbsp;<a href="https://github.com/caseyamcl"><img src="https:&#x2F;&#x2F;github.com&#x2F;caseyamcl.png" width="80px" alt="User avatar: caseyamcl" /></a>&nbsp;&nbsp;<a href="https://github.com/andriyor"><img src="https:&#x2F;&#x2F;github.com&#x2F;andriyor.png" width="80px" alt="User avatar: andriyor" /></a>&nbsp;&nbsp;<a href="https://github.com/"><img src="https:&#x2F;&#x2F;raw.githubusercontent.com&#x2F;JamesIves&#x2F;github-sponsors-readme-action&#x2F;dev&#x2F;.github&#x2F;assets&#x2F;placeholder.png" width="80px" alt="User avatar: " /></a>&nbsp;&nbsp;<!-- sponsors-premium -->
 </p>
 <p align="center">
-  <!-- sponsors-base --><a href="https://github.com/seanwash"><img src="https:&#x2F;&#x2F;github.com&#x2F;seanwash.png" width="50px" alt="User avatar: seanwash" /></a>&nbsp;&nbsp;<a href="https://github.com/jerath"><img src="https:&#x2F;&#x2F;github.com&#x2F;jerath.png" width="50px" alt="User avatar: jerath" /></a>&nbsp;&nbsp;<a href="https://github.com/itsa-sh"><img src="https:&#x2F;&#x2F;github.com&#x2F;itsa-sh.png" width="50px" alt="User avatar: itsa-sh" /></a>&nbsp;&nbsp;<a href="https://github.com/dmmulroy"><img src="https:&#x2F;&#x2F;github.com&#x2F;dmmulroy.png" width="50px" alt="User avatar: dmmulroy" /></a>&nbsp;&nbsp;<a href="https://github.com/timcole"><img src="https:&#x2F;&#x2F;github.com&#x2F;timcole.png" width="50px" alt="User avatar: timcole" /></a>&nbsp;&nbsp;<a href="https://github.com/VLZH"><img src="https:&#x2F;&#x2F;github.com&#x2F;VLZH.png" width="50px" alt="User avatar: VLZH" /></a>&nbsp;&nbsp;<a href="https://github.com/terasaka2k"><img src="https:&#x2F;&#x2F;github.com&#x2F;terasaka2k.png" width="50px" alt="User avatar: terasaka2k" /></a>&nbsp;&nbsp;<a href="https://github.com/majudhu"><img src="https:&#x2F;&#x2F;github.com&#x2F;majudhu.png" width="50px" alt="User avatar: majudhu" /></a>&nbsp;&nbsp;<a href="https://github.com/axelrindle"><img src="https:&#x2F;&#x2F;github.com&#x2F;axelrindle.png" width="50px" alt="User avatar: axelrindle" /></a>&nbsp;&nbsp;<!-- sponsors-base -->
+  <!-- sponsors-base --><a href="https://github.com/seanwash"><img src="https:&#x2F;&#x2F;github.com&#x2F;seanwash.png" width="50px" alt="User avatar: seanwash" /></a>&nbsp;&nbsp;<a href="https://github.com/jerath"><img src="https:&#x2F;&#x2F;github.com&#x2F;jerath.png" width="50px" alt="User avatar: jerath" /></a>&nbsp;&nbsp;<a href="https://github.com/itsa-sh"><img src="https:&#x2F;&#x2F;github.com&#x2F;itsa-sh.png" width="50px" alt="User avatar: itsa-sh" /></a>&nbsp;&nbsp;<a href="https://github.com/dmmulroy"><img src="https:&#x2F;&#x2F;github.com&#x2F;dmmulroy.png" width="50px" alt="User avatar: dmmulroy" /></a>&nbsp;&nbsp;<a href="https://github.com/timcole"><img src="https:&#x2F;&#x2F;github.com&#x2F;timcole.png" width="50px" alt="User avatar: timcole" /></a>&nbsp;&nbsp;<a href="https://github.com/VLZH"><img src="https:&#x2F;&#x2F;github.com&#x2F;VLZH.png" width="50px" alt="User avatar: VLZH" /></a>&nbsp;&nbsp;<a href="https://github.com/terasaka2k"><img src="https:&#x2F;&#x2F;github.com&#x2F;terasaka2k.png" width="50px" alt="User avatar: terasaka2k" /></a>&nbsp;&nbsp;<a href="https://github.com/majudhu"><img src="https:&#x2F;&#x2F;github.com&#x2F;majudhu.png" width="50px" alt="User avatar: majudhu" /></a>&nbsp;&nbsp;<a href="https://github.com/axelrindle"><img src="https:&#x2F;&#x2F;github.com&#x2F;axelrindle.png" width="50px" alt="User avatar: axelrindle" /></a>&nbsp;&nbsp;<a href="https://github.com/jirizverina"><img src="https:&#x2F;&#x2F;github.com&#x2F;jirizverina.png" width="50px" alt="User avatar: jirizverina" /></a>&nbsp;&nbsp;<a href="https://github.com/chip-well"><img src="https:&#x2F;&#x2F;github.com&#x2F;chip-well.png" width="50px" alt="User avatar: chip-well" /></a>&nbsp;&nbsp;<!-- sponsors-base -->
 </p>

 ![Yaak API Client](https://yaak.app/static/screenshot.png)
--- a/package-lock.json
+++ b/package-lock.json
@@ -18,7 +18,9 @@
        "plugins/auth-basic",
        "plugins/auth-bearer",
        "plugins/auth-jwt",
+        "plugins/auth-ntlm",
        "plugins/auth-oauth2",
+        "plugins/auth-oauth1",
        "plugins/filter-jsonpath",
        "plugins/filter-xpath",
        "plugins/importer-curl",
@@ -28,11 +30,13 @@
        "plugins/importer-postman-environment",
        "plugins/importer-yaak",
        "plugins/template-function-cookie",
+        "plugins/template-function-ctx",
        "plugins/template-function-encode",
        "plugins/template-function-fs",
        "plugins/template-function-hash",
        "plugins/template-function-json",
        "plugins/template-function-prompt",
+        "plugins/template-function-random",
        "plugins/template-function-regex",
        "plugins/template-function-request",
        "plugins/template-function-response",
@@ -110,7 +114,6 @@
      "version": "7.27.1",
      "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz",
      "integrity": "sha512-cjQ7ZlQ0Mv3b47hABuTevyTuYN4i+loJKGeV9flcCgIK37cCXRh+L1bd3iBHlynerhQ7BhCkn2BPbQUL+rGqFg==",
-      "dev": true,
      "license": "MIT",
      "dependencies": {
        "@babel/helper-validator-identifier": "^7.27.1",
@@ -399,7 +402,6 @@
      "version": "7.27.1",
      "resolved": "https://registry.npmjs.org/@babel/helper-validator-identifier/-/helper-validator-identifier-7.27.1.tgz",
      "integrity": "sha512-D2hP9eA+Sqx1kBZgzxZh0y1trbuU+JoDkiEwqhQ36nodYqJwyEIhPSdMNd7lOm/4io72luTPWH20Yda0xOuUow==",
-      "dev": true,
      "license": "MIT",
      "engines": {
        "node": ">=6.9.0"
@@ -1925,7 +1927,6 @@
      "version": "2.1.5",
      "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz",
      "integrity": "sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==",
-      "dev": true,
      "license": "MIT",
      "dependencies": {
        "@nodelib/fs.stat": "2.0.5",
@@ -1939,7 +1940,6 @@
      "version": "2.0.5",
      "resolved": "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz",
      "integrity": "sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A==",
-      "dev": true,
      "license": "MIT",
      "engines": {
        "node": ">= 8"
@@ -1949,7 +1949,6 @@
      "version": "1.2.8",
      "resolved": "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz",
      "integrity": "sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg==",
-      "dev": true,
      "license": "MIT",
      "dependencies": {
        "@nodelib/fs.scandir": "2.1.5",
@@ -1970,6 +1969,142 @@
        "node": ">=14"
      }
    },
+    "node_modules/@prantlf/jsonlint": {
+      "version": "16.0.0",
+      "resolved": "https://registry.npmjs.org/@prantlf/jsonlint/-/jsonlint-16.0.0.tgz",
+      "integrity": "sha512-L0jFtcsBRJZOr4T6sbePb1R6XYF6Nofj6kmEAxqTKCHEr50uvyxBFnB1UKaehWaMhHnvtyqWfTR5Go25RywXIQ==",
+      "license": "MIT",
+      "dependencies": {
+        "ajv": "8.17.1",
+        "ajv-draft-04": "1.0.0",
+        "cosmiconfig": "9.0.0",
+        "diff": "5.2.0",
+        "fast-glob": "3.3.2"
+      },
+      "bin": {
+        "jsonlint": "lib/cli.js"
+      },
+      "engines": {
+        "node": ">=16.9"
+      }
+    },
+    "node_modules/@prantlf/jsonlint/node_modules/ajv": {
+      "version": "8.17.1",
+      "resolved": "https://registry.npmjs.org/ajv/-/ajv-8.17.1.tgz",
+      "integrity": "sha512-B/gBuNg5SiMTrPkC+A2+cW0RszwxYmn6VYxB/inlBStS5nx6xHIt/ehKRhIMhqusl7a8LjQoZnjCs5vhwxOQ1g==",
+      "license": "MIT",
+      "dependencies": {
+        "fast-deep-equal": "^3.1.3",
+        "fast-uri": "^3.0.1",
+        "json-schema-traverse": "^1.0.0",
+        "require-from-string": "^2.0.2"
+      },
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/epoberezkin"
+      }
+    },
+    "node_modules/@prantlf/jsonlint/node_modules/ajv-draft-04": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/ajv-draft-04/-/ajv-draft-04-1.0.0.tgz",
+      "integrity": "sha512-mv00Te6nmYbRp5DCwclxtt7yV/joXJPGS7nM+97GdxvuttCOfgI3K4U25zboyeX0O+myI8ERluxQe5wljMmVIw==",
+      "license": "MIT",
+      "peerDependencies": {
+        "ajv": "^8.5.0"
+      },
+      "peerDependenciesMeta": {
+        "ajv": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/@prantlf/jsonlint/node_modules/cosmiconfig": {
+      "version": "9.0.0",
+      "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-9.0.0.tgz",
+      "integrity": "sha512-itvL5h8RETACmOTFc4UfIyB2RfEHi71Ax6E/PivVxq9NseKbOWpeyHEOIbmAw1rs8Ak0VursQNww7lf7YtUwzg==",
+      "license": "MIT",
+      "dependencies": {
+        "env-paths": "^2.2.1",
+        "import-fresh": "^3.3.0",
+        "js-yaml": "^4.1.0",
+        "parse-json": "^5.2.0"
+      },
+      "engines": {
+        "node": ">=14"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/d-fischer"
+      },
+      "peerDependencies": {
+        "typescript": ">=4.9.5"
+      },
+      "peerDependenciesMeta": {
+        "typescript": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/@prantlf/jsonlint/node_modules/diff": {
+      "version": "5.2.0",
+      "resolved": "https://registry.npmjs.org/diff/-/diff-5.2.0.tgz",
+      "integrity": "sha512-uIFDxqpRZGZ6ThOk84hEfqWoHx2devRFvpTZcTHur85vImfaxUbTW9Ryh4CpCuDnToOP1CEtXKIgytHBPVff5A==",
+      "license": "BSD-3-Clause",
+      "engines": {
+        "node": ">=0.3.1"
+      }
+    },
+    "node_modules/@prantlf/jsonlint/node_modules/fast-glob": {
+      "version": "3.3.2",
+      "resolved": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.3.2.tgz",
+      "integrity": "sha512-oX2ruAFQwf/Orj8m737Y5adxDQO0LAB7/S5MnxCdTNDd4p6BsyIVsv9JQsATbTSq8KHRpLwIHbVlUNatxd+1Ow==",
+      "license": "MIT",
+      "dependencies": {
+        "@nodelib/fs.stat": "^2.0.2",
+        "@nodelib/fs.walk": "^1.2.3",
+        "glob-parent": "^5.1.2",
+        "merge2": "^1.3.0",
+        "micromatch": "^4.0.4"
+      },
+      "engines": {
+        "node": ">=8.6.0"
+      }
+    },
+    "node_modules/@prantlf/jsonlint/node_modules/glob-parent": {
+      "version": "5.1.2",
+      "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz",
+      "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==",
+      "license": "ISC",
+      "dependencies": {
+        "is-glob": "^4.0.1"
+      },
+      "engines": {
+        "node": ">= 6"
+      }
+    },
+    "node_modules/@prantlf/jsonlint/node_modules/json-schema-traverse": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz",
+      "integrity": "sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug==",
+      "license": "MIT"
+    },
+    "node_modules/@prantlf/jsonlint/node_modules/parse-json": {
+      "version": "5.2.0",
+      "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-5.2.0.tgz",
+      "integrity": "sha512-ayCKvm/phCGxOkYRSCM82iDwct8/EonSEgCSxWxD7ve6jHggsFl4fZVQBPRNgQoKiuV/odhFrGzQXZwbifC8Rg==",
+      "license": "MIT",
+      "dependencies": {
+        "@babel/code-frame": "^7.0.0",
+        "error-ex": "^1.3.1",
+        "json-parse-even-better-errors": "^2.3.0",
+        "lines-and-columns": "^1.1.6"
+      },
+      "engines": {
+        "node": ">=8"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
    "node_modules/@replit/codemirror-emacs": {
      "version": "6.1.0",
      "resolved": "https://registry.npmjs.org/@replit/codemirror-emacs/-/codemirror-emacs-6.1.0.tgz",
@@ -4162,6 +4297,14 @@
      "resolved": "plugins/auth-jwt",
      "link": true
    },
+    "node_modules/@yaak/auth-ntlm": {
+      "resolved": "plugins/auth-ntlm",
+      "link": true
+    },
+    "node_modules/@yaak/auth-oauth1": {
+      "resolved": "plugins/auth-oauth1",
+      "link": true
+    },
    "node_modules/@yaak/auth-oauth2": {
      "resolved": "plugins/auth-oauth2",
      "link": true
@@ -4202,6 +4345,10 @@
      "resolved": "plugins/template-function-cookie",
      "link": true
    },
+    "node_modules/@yaak/template-function-ctx": {
+      "resolved": "plugins/template-function-ctx",
+      "link": true
+    },
    "node_modules/@yaak/template-function-encode": {
      "resolved": "plugins/template-function-encode",
      "link": true
@@ -4222,6 +4369,10 @@
      "resolved": "plugins/template-function-prompt",
      "link": true
    },
+    "node_modules/@yaak/template-function-random": {
+      "resolved": "plugins/template-function-random",
+      "link": true
+    },
    "node_modules/@yaak/template-function-regex": {
      "resolved": "plugins/template-function-regex",
      "link": true
@@ -5101,7 +5252,6 @@
      "version": "3.0.3",
      "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
      "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==",
-      "dev": true,
      "license": "MIT",
      "dependencies": {
        "fill-range": "^7.1.1"
@@ -5296,7 +5446,6 @@
      "version": "3.1.0",
      "resolved": "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz",
      "integrity": "sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==",
-      "dev": true,
      "license": "MIT",
      "engines": {
        "node": ">=6"
@@ -6627,6 +6776,16 @@
        "node": ">=6"
      }
    },
+    "node_modules/des.js": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/des.js/-/des.js-1.1.0.tgz",
+      "integrity": "sha512-r17GxjhUCjSRy8aiJpr8/UadFIzMzJGexI3Nmz4ADi9LYSFx4gTBp80+NaX/YsXWWLhpZ7v/v/ubEc/bCNfKwg==",
+      "license": "MIT",
+      "dependencies": {
+        "inherits": "^2.0.1",
+        "minimalistic-assert": "^1.0.0"
+      }
+    },
    "node_modules/detect-libc": {
      "version": "2.0.4",
      "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-2.0.4.tgz",
@@ -6841,11 +7000,19 @@
        "url": "https://github.com/fb55/entities?sponsor=1"
      }
    },
+    "node_modules/env-paths": {
+      "version": "2.2.1",
+      "resolved": "https://registry.npmjs.org/env-paths/-/env-paths-2.2.1.tgz",
+      "integrity": "sha512-+h1lkLKhZMTYjog1VEpJNG7NZJWcuc2DDk/qsqSTRRCOXiLjeQ1d1/udrUGhqMxUgAlwKNZ0cf2uqan5GLuS2A==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=6"
+      }
+    },
    "node_modules/error-ex": {
      "version": "1.3.2",
      "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz",
      "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==",
-      "dev": true,
      "license": "MIT",
      "dependencies": {
        "is-arrayish": "^0.2.1"
@@ -7901,7 +8068,6 @@
      "version": "1.19.1",
      "resolved": "https://registry.npmjs.org/fastq/-/fastq-1.19.1.tgz",
      "integrity": "sha512-GwLTyxkCXjXbxqIhTsMI2Nui8huMPtnxg7krajPJAjnEG/iiOS7i+zCtWGZR9G0NBKbXKh6X9m9UIsYX/N6vvQ==",
-      "dev": true,
      "license": "ISC",
      "dependencies": {
        "reusify": "^1.0.4"
@@ -7957,7 +8123,6 @@
      "version": "7.1.1",
      "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
      "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==",
-      "dev": true,
      "license": "MIT",
      "dependencies": {
        "to-regex-range": "^5.0.1"
@@ -9289,6 +9454,39 @@
      "integrity": "sha512-EC2utToWl4RKfs5zd36Mxq7nzHHBuomZboI0yYL6Y0RmBgT7Sgkq4rQ0ezFTYoIsSs7Tm9SJe+o2FcAg6GBhGA==",
      "license": "MIT"
    },
+    "node_modules/httpntlm": {
+      "version": "1.8.13",
+      "resolved": "https://registry.npmjs.org/httpntlm/-/httpntlm-1.8.13.tgz",
+      "integrity": "sha512-2F2FDPiWT4rewPzNMg3uPhNkP3NExENlUGADRUDPQvuftuUTGW98nLZtGemCIW3G40VhWZYgkIDcQFAwZ3mf2Q==",
+      "funding": [
+        {
+          "type": "paypal",
+          "url": "https://www.paypal.com/donate/?hosted_button_id=2CKNJLZJBW8ZC"
+        },
+        {
+          "type": "buymeacoffee",
+          "url": "https://www.buymeacoffee.com/samdecrock"
+        }
+      ],
+      "dependencies": {
+        "des.js": "^1.0.1",
+        "httpreq": ">=0.4.22",
+        "js-md4": "^0.3.2",
+        "underscore": "~1.12.1"
+      },
+      "engines": {
+        "node": ">=10.4.0"
+      }
+    },
+    "node_modules/httpreq": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/httpreq/-/httpreq-1.1.1.tgz",
+      "integrity": "sha512-uhSZLPPD2VXXOSN8Cni3kIsoFHaU2pT/nySEU/fHr/ePbqHYr0jeiQRmUKLEirC09SFPsdMoA7LU7UXMd/w0Kw==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 6.15.1"
+      }
+    },
    "node_modules/https-proxy-agent": {
      "version": "5.0.1",
      "resolved": "https://registry.npmjs.org/https-proxy-agent/-/https-proxy-agent-5.0.1.tgz",
@@ -9365,7 +9563,6 @@
      "version": "3.3.1",
      "resolved": "https://registry.npmjs.org/import-fresh/-/import-fresh-3.3.1.tgz",
      "integrity": "sha512-TR3KfrTZTYLPB6jUjfx6MF9WcWrHL9su5TObK4ZkYgBdWKPOFoSoQIdEuTuR82pmtxH2spWG9h6etwfr1pLBqQ==",
-      "dev": true,
      "license": "MIT",
      "dependencies": {
        "parent-module": "^1.0.0",
@@ -9414,7 +9611,6 @@
      "version": "2.0.4",
      "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz",
      "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==",
-      "dev": true,
      "license": "ISC"
    },
    "node_modules/inline-style-parser": {
@@ -9562,7 +9758,6 @@
      "version": "0.2.1",
      "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz",
      "integrity": "sha512-zz06S8t0ozoDXMG+ube26zeCTNXcKIPJZJi8hBrF4idCLms4CG9QtK7qBl1boi5ODzFpjswb5JPmHCbMpjaYzg==",
-      "dev": true,
      "license": "MIT"
    },
    "node_modules/is-async-function": {
@@ -9752,7 +9947,6 @@
      "version": "2.1.1",
      "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz",
      "integrity": "sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==",
-      "dev": true,
      "license": "MIT",
      "engines": {
        "node": ">=0.10.0"
@@ -9806,7 +10000,6 @@
      "version": "4.0.3",
      "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.3.tgz",
      "integrity": "sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==",
-      "dev": true,
      "license": "MIT",
      "dependencies": {
        "is-extglob": "^2.1.1"
@@ -9878,7 +10071,6 @@
      "version": "7.0.0",
      "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz",
      "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==",
-      "dev": true,
      "license": "MIT",
      "engines": {
        "node": ">=0.12.0"
@@ -10201,6 +10393,12 @@
      "integrity": "sha512-HvdH2LzI/EAZcUwA8+0nKNtWHqS+ZmijLA30RwZA0bo7ToCckjK5MkGhjED9KoRcXO6BaGI3I9UIzSA1FKFPOQ==",
      "license": "MIT"
    },
+    "node_modules/js-md4": {
+      "version": "0.3.2",
+      "resolved": "https://registry.npmjs.org/js-md4/-/js-md4-0.3.2.tgz",
+      "integrity": "sha512-/GDnfQYsltsjRswQhN9fhv3EMw2sCpUdrdxyWDOUK7eyD++r3gRhzgiQgc/x4MAv2i1iuQ4lxO5mvqM3vj4bwA==",
+      "license": "MIT"
+    },
    "node_modules/js-md5": {
      "version": "0.8.3",
      "resolved": "https://registry.npmjs.org/js-md5/-/js-md5-0.8.3.tgz",
@@ -10265,7 +10463,6 @@
      "version": "2.3.1",
      "resolved": "https://registry.npmjs.org/json-parse-even-better-errors/-/json-parse-even-better-errors-2.3.1.tgz",
      "integrity": "sha512-xyFwyhro/JEof6Ghe2iz2NcXoj2sloNsWr/XsERDK/oiPCfaNhl5ONfp+jQdAZRQQ0IJWNzH9zIZF7li91kh2w==",
-      "dev": true,
      "license": "MIT"
    },
    "node_modules/json-pointer": {
@@ -10783,7 +10980,6 @@
      "version": "1.2.4",
      "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz",
      "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==",
-      "dev": true,
      "license": "MIT"
    },
    "node_modules/liquid-json": {
@@ -11444,7 +11640,6 @@
      "version": "1.4.1",
      "resolved": "https://registry.npmjs.org/merge2/-/merge2-1.4.1.tgz",
      "integrity": "sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==",
-      "dev": true,
      "license": "MIT",
      "engines": {
        "node": ">= 8"
@@ -12033,7 +12228,6 @@
      "version": "4.0.8",
      "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz",
      "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==",
-      "dev": true,
      "license": "MIT",
      "dependencies": {
        "braces": "^3.0.3",
@@ -12111,6 +12305,12 @@
        "node": ">=4"
      }
    },
+    "node_modules/minimalistic-assert": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/minimalistic-assert/-/minimalistic-assert-1.0.1.tgz",
+      "integrity": "sha512-UtJcAD4yEaGtjPezWuO9wC4nwUnVH/8/Im3yEHQP4b67cXlD/Qr9hdITCU1xDbSEXg2XKNaP8jsReV7vQd00/A==",
+      "license": "ISC"
+    },
    "node_modules/minimatch": {
      "version": "3.1.2",
      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.1.2.tgz",
@@ -13077,6 +13277,12 @@
        "node": ">= 6"
      }
    },
+    "node_modules/oauth-1.0a": {
+      "version": "2.2.6",
+      "resolved": "https://registry.npmjs.org/oauth-1.0a/-/oauth-1.0a-2.2.6.tgz",
+      "integrity": "sha512-6bkxv3N4Gu5lty4viIcIAnq5GbxECviMBeKR3WX/q87SPQ8E8aursPZUtsXDnxCs787af09WPRBLqYrf/lwoYQ==",
+      "license": "MIT"
+    },
    "node_modules/object-assign": {
      "version": "4.1.1",
      "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz",
@@ -13632,7 +13838,6 @@
      "version": "1.0.1",
      "resolved": "https://registry.npmjs.org/parent-module/-/parent-module-1.0.1.tgz",
      "integrity": "sha512-GQ2EWRpQV8/o+Aw8YqtfZZPfNRWZYkbidE9k5rpl/hC3vtHHBfGm2Ifi6qWV+coDGkrUKZAxE3Lot5kcsRlh+g==",
-      "dev": true,
      "license": "MIT",
      "dependencies": {
        "callsites": "^3.0.0"
@@ -13837,14 +14042,12 @@
      "version": "1.1.1",
      "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz",
      "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==",
-      "dev": true,
      "license": "ISC"
    },
    "node_modules/picomatch": {
      "version": "2.3.1",
      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
      "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==",
-      "dev": true,
      "license": "MIT",
      "engines": {
        "node": ">=8.6"
@@ -14320,7 +14523,6 @@
      "version": "1.2.3",
      "resolved": "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz",
      "integrity": "sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A==",
-      "dev": true,
      "funding": [
        {
          "type": "github",
@@ -15130,7 +15332,6 @@
      "version": "4.0.0",
      "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-4.0.0.tgz",
      "integrity": "sha512-pb/MYmXstAkysRFx8piNI1tGFNQIFA3vkE3Gq4EuA1dF6gHp/+vgZqsCGJapvy8N3Q+4o7FwvquPJcnZ7RYy4g==",
-      "dev": true,
      "license": "MIT",
      "engines": {
        "node": ">=4"
@@ -15167,7 +15368,6 @@
      "version": "1.1.0",
      "resolved": "https://registry.npmjs.org/reusify/-/reusify-1.1.0.tgz",
      "integrity": "sha512-g6QUff04oZpHs0eG5p83rFLhHeV00ug/Yf9nZM6fLeUrPguBTkTQOdpAWWspMh55TZfVQDPaN3NQJfbVRAxdIw==",
-      "dev": true,
      "license": "MIT",
      "engines": {
        "iojs": ">=1.0.0",
@@ -15266,7 +15466,6 @@
      "version": "1.2.0",
      "resolved": "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz",
      "integrity": "sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA==",
-      "dev": true,
      "funding": [
        {
          "type": "github",
@@ -17169,7 +17368,6 @@
      "version": "5.0.1",
      "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz",
      "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==",
-      "dev": true,
      "license": "MIT",
      "dependencies": {
        "is-number": "^7.0.0"
@@ -17403,7 +17601,7 @@
      "version": "5.8.3",
      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.8.3.tgz",
      "integrity": "sha512-p1diW6TqL9L07nNxvRMM7hMMw4c5XOo/1ibL4aAIGmSAt9slTE1Xgw5KWuof2uTOvCg9BY7ZRi+GaF+7sfgPeQ==",
-      "dev": true,
+      "devOptional": true,
      "license": "Apache-2.0",
      "bin": {
        "tsc": "bin/tsc",
@@ -17468,6 +17666,12 @@
        "ieee754": "^1.1.13"
      }
    },
+    "node_modules/underscore": {
+      "version": "1.12.1",
+      "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.12.1.tgz",
+      "integrity": "sha512-hEQt0+ZLDVUMhebKxL4x1BTtDY7bavVofhZ9KZ4aI26X9SRaE+Y3m83XUL1UP2jn8ynjndwCCpEHdUG+9pP1Tw==",
+      "license": "MIT"
+    },
    "node_modules/undici-types": {
      "version": "6.21.0",
      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz",
@@ -18131,6 +18335,12 @@
        "url": "https://github.com/sponsors/jonschlinkert"
      }
    },
+    "node_modules/vkbeautify": {
+      "version": "0.99.3",
+      "resolved": "https://registry.npmjs.org/vkbeautify/-/vkbeautify-0.99.3.tgz",
+      "integrity": "sha512-2ozZEFfmVvQcHWoHLNuiKlUfDKlhh4KGsy54U0UrlLMR1SO+XKAIDqBxtBwHgNrekurlJwE8A9K6L49T78ZQ9Q==",
+      "license": "MIT"
+    },
    "node_modules/vscode-languageserver-types": {
      "version": "3.17.5",
      "resolved": "https://registry.npmjs.org/vscode-languageserver-types/-/vscode-languageserver-types-3.17.5.tgz",
@@ -18525,12 +18735,6 @@
        }
      }
    },
-    "node_modules/xml-beautify": {
-      "version": "1.2.3",
-      "resolved": "https://registry.npmjs.org/xml-beautify/-/xml-beautify-1.2.3.tgz",
-      "integrity": "sha512-VsYpkqoVawIP84pi00XukPsgQHqOhgrpwTHlXqqRMAgYZ1u+Yw3KHIUhO1Igf19d5CQ5h6ExJT1hFCJRLmzADg==",
-      "license": "MIT"
-    },
    "node_modules/xpath": {
      "version": "0.0.34",
      "resolved": "https://registry.npmjs.org/xpath/-/xpath-0.0.34.tgz",
@@ -18770,7 +18974,7 @@
    },
    "packages/plugin-runtime-types": {
      "name": "@yaakapp/api",
-      "version": "0.7.0",
+      "version": "0.7.1",
      "dependencies": {
        "@types/node": "^24.0.13"
      },
@@ -18818,6 +19022,20 @@
        "@types/jsonwebtoken": "^9.0.7"
      }
    },
+    "plugins/auth-ntlm": {
+      "name": "@yaak/auth-ntlm",
+      "version": "0.1.0",
+      "dependencies": {
+        "httpntlm": "^1.8.13"
+      }
+    },
+    "plugins/auth-oauth1": {
+      "name": "@yaak/auth-oauth1",
+      "version": "0.1.0",
+      "dependencies": {
+        "oauth-1.0a": "^2.2.6"
+      }
+    },
    "plugins/auth-oauth2": {
      "name": "@yaak/auth-oauth2",
      "version": "0.1.0"
@@ -18884,6 +19102,10 @@
      "name": "@yaak/template-function-cookie",
      "version": "0.1.0"
    },
+    "plugins/template-function-ctx": {
+      "name": "@yaak/template-function-ctx",
+      "version": "0.1.0"
+    },
    "plugins/template-function-datetime": {
      "version": "0.1.0",
      "extraneous": true,
@@ -18915,6 +19137,13 @@
    },
    "plugins/template-function-prompt": {
      "name": "@yaak/template-function-prompt",
+      "version": "0.1.0",
+      "dependencies": {
+        "slugify": "^1.6.6"
+      }
+    },
+    "plugins/template-function-random": {
+      "name": "@yaak/template-function-random",
      "version": "0.1.0"
    },
    "plugins/template-function-regex": {
@@ -18929,12 +19158,7 @@
      "name": "@yaak/template-function-response",
      "version": "0.1.0",
      "dependencies": {
-        "@xmldom/xmldom": "^0.9.8",
-        "jsonpath-plus": "^10.3.0",
-        "xpath": "^0.0.34"
-      },
-      "devDependencies": {
-        "@types/jsonpath": "^0.2.4"
+        "@yaak/template-function-xml": "*"
      }
    },
    "plugins/template-function-timestamp": {
@@ -18965,6 +19189,11 @@
        "uuid": "dist/esm/bin/uuid"
      }
    },
+    "plugins/template-function-window": {
+      "name": "@yaak/template-function-window",
+      "version": "0.1.0",
+      "extraneous": true
+    },
    "plugins/template-function-xml": {
      "name": "@yaak/template-function-xml",
      "version": "0.1.0",
@@ -19043,6 +19272,7 @@
        "@gilbarbara/deep-equal": "^0.3.1",
        "@lezer/highlight": "^1.1.3",
        "@lezer/lr": "^1.3.3",
+        "@prantlf/jsonlint": "^16.0.0",
        "@replit/codemirror-emacs": "^6.1.0",
        "@replit/codemirror-vim": "^6.3.0",
        "@replit/codemirror-vscode-keymap": "^6.0.2",
@@ -19088,8 +19318,8 @@
        "remark-gfm": "^4.0.1",
        "slugify": "^1.6.6",
        "uuid": "^11.1.0",
+        "vkbeautify": "^0.99.3",
        "whatwg-mimetype": "^4.0.0",
-        "xml-beautify": "^1.2.3",
        "yaml": "^2.6.1"
      },
      "devDependencies": {
--- a/package.json
+++ b/package.json
@@ -17,7 +17,9 @@
    "plugins/auth-basic",
    "plugins/auth-bearer",
    "plugins/auth-jwt",
+    "plugins/auth-ntlm",
    "plugins/auth-oauth2",
+    "plugins/auth-oauth1",
    "plugins/filter-jsonpath",
    "plugins/filter-xpath",
    "plugins/importer-curl",
@@ -27,17 +29,19 @@
    "plugins/importer-postman-environment",
    "plugins/importer-yaak",
    "plugins/template-function-cookie",
+    "plugins/template-function-ctx",
    "plugins/template-function-encode",
    "plugins/template-function-fs",
    "plugins/template-function-hash",
    "plugins/template-function-json",
    "plugins/template-function-prompt",
+    "plugins/template-function-random",
    "plugins/template-function-regex",
    "plugins/template-function-request",
-    "plugins/template-function-response",
    "plugins/template-function-timestamp",
    "plugins/template-function-uuid",
    "plugins/template-function-xml",
+    "plugins/template-function-response",
    "plugins/themes-yaak",
    "src-tauri",
    "src-tauri/yaak-crypto",
@@ -64,7 +68,8 @@
    "icons": "run-p icons:*",
    "icons:dev": "tauri icon src-tauri/icons/icon-dev.png --output src-tauri/icons/dev",
    "icons:release": "tauri icon src-tauri/icons/icon.png --output src-tauri/icons/release",
-    "bootstrap": "run-p bootstrap:* && npm run --workspaces --if-present bootstrap",
+    "bootstrap": "run-s bootstrap:*",
+    "bootstrap:build": "npm run build",
    "bootstrap:vendor-node": "node scripts/vendor-node.cjs",
    "bootstrap:vendor-plugins": "node scripts/vendor-plugins.cjs",
    "bootstrap:vendor-protoc": "node scripts/vendor-protoc.cjs",
--- a/packages/plugin-runtime-types/package.json
+++ b/packages/plugin-runtime-types/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@yaakapp/api",
-  "version": "0.7.0",
+  "version": "0.7.1",
  "keywords": [
    "api-client",
    "insomnia-alternative",
--- a/packages/plugin-runtime-types/src/bindings/gen_events.ts
+++ b/packages/plugin-runtime-types/src/bindings/gen_events.ts
@@ -30,7 +30,7 @@ export type CallHttpRequestActionArgs = { httpRequest: HttpRequest, };

 export type CallHttpRequestActionRequest = { index: number, pluginRefId: string, args: CallHttpRequestActionArgs, };

-export type CallTemplateFunctionArgs = { purpose: RenderPurpose, values: { [key in string]?: JsonValue }, };
+export type CallTemplateFunctionArgs = { purpose: RenderPurpose, values: { [key in string]?: JsonPrimitive }, };

 export type CallTemplateFunctionRequest = { name: string, args: CallTemplateFunctionArgs, };

@@ -74,7 +74,7 @@ export type FindHttpResponsesRequest = { requestId: string, limit?: number, };

 export type FindHttpResponsesResponse = { httpResponses: Array<HttpResponse>, };

-export type FormInput = { "type": "text" } & FormInputText | { "type": "editor" } & FormInputEditor | { "type": "select" } & FormInputSelect | { "type": "checkbox" } & FormInputCheckbox | { "type": "file" } & FormInputFile | { "type": "http_request" } & FormInputHttpRequest | { "type": "accordion" } & FormInputAccordion | { "type": "banner" } & FormInputBanner | { "type": "markdown" } & FormInputMarkdown;
+export type FormInput = { "type": "text" } & FormInputText | { "type": "editor" } & FormInputEditor | { "type": "select" } & FormInputSelect | { "type": "checkbox" } & FormInputCheckbox | { "type": "file" } & FormInputFile | { "type": "http_request" } & FormInputHttpRequest | { "type": "accordion" } & FormInputAccordion | { "type": "h_stack" } & FormInputHStack | { "type": "banner" } & FormInputBanner | { "type": "markdown" } & FormInputMarkdown;

 export type FormInputAccordion = { label: string, inputs?: Array<FormInput>, hidden?: boolean, };

@@ -224,6 +224,8 @@ defaultValue?: string, disabled?: boolean,
 */
 description?: string, };

+export type FormInputHStack = { inputs?: Array<FormInput>, hidden?: boolean, };
+
 export type FormInputHttpRequest = { 
 /**
 * The name of the input. The value will be stored at this object attribute in the resulting data
@@ -387,9 +389,9 @@ export type ImportResources = { workspaces: Array<Workspace>, environments: Arra

 export type ImportResponse = { resources: ImportResources, };

-export type InternalEvent = { id: string, pluginRefId: string, pluginName: string, replyId: string | null, windowContext: PluginWindowContext, payload: InternalEventPayload, };
+export type InternalEvent = { id: string, pluginRefId: string, pluginName: string, replyId: string | null, context: PluginContext, payload: InternalEventPayload, };

-export type InternalEventPayload = { "type": "boot_request" } & BootRequest | { "type": "boot_response" } | { "type": "reload_response" } & ReloadResponse | { "type": "terminate_request" } | { "type": "terminate_response" } | { "type": "import_request" } & ImportRequest | { "type": "import_response" } & ImportResponse | { "type": "filter_request" } & FilterRequest | { "type": "filter_response" } & FilterResponse | { "type": "export_http_request_request" } & ExportHttpRequestRequest | { "type": "export_http_request_response" } & ExportHttpRequestResponse | { "type": "send_http_request_request" } & SendHttpRequestRequest | { "type": "send_http_request_response" } & SendHttpRequestResponse | { "type": "list_cookie_names_request" } & ListCookieNamesRequest | { "type": "list_cookie_names_response" } & ListCookieNamesResponse | { "type": "get_cookie_value_request" } & GetCookieValueRequest | { "type": "get_cookie_value_response" } & GetCookieValueResponse | { "type": "get_http_request_actions_request" } & EmptyPayload | { "type": "get_http_request_actions_response" } & GetHttpRequestActionsResponse | { "type": "call_http_request_action_request" } & CallHttpRequestActionRequest | { "type": "get_grpc_request_actions_request" } & EmptyPayload | { "type": "get_grpc_request_actions_response" } & GetGrpcRequestActionsResponse | { "type": "call_grpc_request_action_request" } & CallGrpcRequestActionRequest | { "type": "get_template_function_summary_request" } & EmptyPayload | { "type": "get_template_function_summary_response" } & GetTemplateFunctionSummaryResponse | { "type": "get_template_function_config_request" } & GetTemplateFunctionConfigRequest | { "type": "get_template_function_config_response" } & GetTemplateFunctionConfigResponse | { "type": "call_template_function_request" } & CallTemplateFunctionRequest | { "type": "call_template_function_response" } & CallTemplateFunctionResponse | { "type": "get_http_authentication_summary_request" } & EmptyPayload | { "type": "get_http_authentication_summary_response" } & GetHttpAuthenticationSummaryResponse | { "type": "get_http_authentication_config_request" } & GetHttpAuthenticationConfigRequest | { "type": "get_http_authentication_config_response" } & GetHttpAuthenticationConfigResponse | { "type": "call_http_authentication_request" } & CallHttpAuthenticationRequest | { "type": "call_http_authentication_response" } & CallHttpAuthenticationResponse | { "type": "call_http_authentication_action_request" } & CallHttpAuthenticationActionRequest | { "type": "call_http_authentication_action_response" } & EmptyPayload | { "type": "copy_text_request" } & CopyTextRequest | { "type": "copy_text_response" } & EmptyPayload | { "type": "render_http_request_request" } & RenderHttpRequestRequest | { "type": "render_http_request_response" } & RenderHttpRequestResponse | { "type": "render_grpc_request_request" } & RenderGrpcRequestRequest | { "type": "render_grpc_request_response" } & RenderGrpcRequestResponse | { "type": "template_render_request" } & TemplateRenderRequest | { "type": "template_render_response" } & TemplateRenderResponse | { "type": "get_key_value_request" } & GetKeyValueRequest | { "type": "get_key_value_response" } & GetKeyValueResponse | { "type": "set_key_value_request" } & SetKeyValueRequest | { "type": "set_key_value_response" } & SetKeyValueResponse | { "type": "delete_key_value_request" } & DeleteKeyValueRequest | { "type": "delete_key_value_response" } & DeleteKeyValueResponse | { "type": "open_window_request" } & OpenWindowRequest | { "type": "window_navigate_event" } & WindowNavigateEvent | { "type": "window_close_event" } | { "type": "close_window_request" } & CloseWindowRequest | { "type": "show_toast_request" } & ShowToastRequest | { "type": "show_toast_response" } & EmptyPayload | { "type": "prompt_text_request" } & PromptTextRequest | { "type": "prompt_text_response" } & PromptTextResponse | { "type": "get_http_request_by_id_request" } & GetHttpRequestByIdRequest | { "type": "get_http_request_by_id_response" } & GetHttpRequestByIdResponse | { "type": "find_http_responses_request" } & FindHttpResponsesRequest | { "type": "find_http_responses_response" } & FindHttpResponsesResponse | { "type": "get_themes_request" } & GetThemesRequest | { "type": "get_themes_response" } & GetThemesResponse | { "type": "empty_response" } & EmptyPayload | { "type": "error_response" } & ErrorResponse;
+export type InternalEventPayload = { "type": "boot_request" } & BootRequest | { "type": "boot_response" } | { "type": "reload_response" } & ReloadResponse | { "type": "terminate_request" } | { "type": "terminate_response" } | { "type": "import_request" } & ImportRequest | { "type": "import_response" } & ImportResponse | { "type": "filter_request" } & FilterRequest | { "type": "filter_response" } & FilterResponse | { "type": "export_http_request_request" } & ExportHttpRequestRequest | { "type": "export_http_request_response" } & ExportHttpRequestResponse | { "type": "send_http_request_request" } & SendHttpRequestRequest | { "type": "send_http_request_response" } & SendHttpRequestResponse | { "type": "list_cookie_names_request" } & ListCookieNamesRequest | { "type": "list_cookie_names_response" } & ListCookieNamesResponse | { "type": "get_cookie_value_request" } & GetCookieValueRequest | { "type": "get_cookie_value_response" } & GetCookieValueResponse | { "type": "get_http_request_actions_request" } & EmptyPayload | { "type": "get_http_request_actions_response" } & GetHttpRequestActionsResponse | { "type": "call_http_request_action_request" } & CallHttpRequestActionRequest | { "type": "get_grpc_request_actions_request" } & EmptyPayload | { "type": "get_grpc_request_actions_response" } & GetGrpcRequestActionsResponse | { "type": "call_grpc_request_action_request" } & CallGrpcRequestActionRequest | { "type": "get_template_function_summary_request" } & EmptyPayload | { "type": "get_template_function_summary_response" } & GetTemplateFunctionSummaryResponse | { "type": "get_template_function_config_request" } & GetTemplateFunctionConfigRequest | { "type": "get_template_function_config_response" } & GetTemplateFunctionConfigResponse | { "type": "call_template_function_request" } & CallTemplateFunctionRequest | { "type": "call_template_function_response" } & CallTemplateFunctionResponse | { "type": "get_http_authentication_summary_request" } & EmptyPayload | { "type": "get_http_authentication_summary_response" } & GetHttpAuthenticationSummaryResponse | { "type": "get_http_authentication_config_request" } & GetHttpAuthenticationConfigRequest | { "type": "get_http_authentication_config_response" } & GetHttpAuthenticationConfigResponse | { "type": "call_http_authentication_request" } & CallHttpAuthenticationRequest | { "type": "call_http_authentication_response" } & CallHttpAuthenticationResponse | { "type": "call_http_authentication_action_request" } & CallHttpAuthenticationActionRequest | { "type": "call_http_authentication_action_response" } & EmptyPayload | { "type": "copy_text_request" } & CopyTextRequest | { "type": "copy_text_response" } & EmptyPayload | { "type": "render_http_request_request" } & RenderHttpRequestRequest | { "type": "render_http_request_response" } & RenderHttpRequestResponse | { "type": "render_grpc_request_request" } & RenderGrpcRequestRequest | { "type": "render_grpc_request_response" } & RenderGrpcRequestResponse | { "type": "template_render_request" } & TemplateRenderRequest | { "type": "template_render_response" } & TemplateRenderResponse | { "type": "get_key_value_request" } & GetKeyValueRequest | { "type": "get_key_value_response" } & GetKeyValueResponse | { "type": "set_key_value_request" } & SetKeyValueRequest | { "type": "set_key_value_response" } & SetKeyValueResponse | { "type": "delete_key_value_request" } & DeleteKeyValueRequest | { "type": "delete_key_value_response" } & DeleteKeyValueResponse | { "type": "open_window_request" } & OpenWindowRequest | { "type": "window_navigate_event" } & WindowNavigateEvent | { "type": "window_close_event" } | { "type": "close_window_request" } & CloseWindowRequest | { "type": "show_toast_request" } & ShowToastRequest | { "type": "show_toast_response" } & EmptyPayload | { "type": "prompt_text_request" } & PromptTextRequest | { "type": "prompt_text_response" } & PromptTextResponse | { "type": "window_info_request" } & WindowInfoRequest | { "type": "window_info_response" } & WindowInfoResponse | { "type": "get_http_request_by_id_request" } & GetHttpRequestByIdRequest | { "type": "get_http_request_by_id_response" } & GetHttpRequestByIdResponse | { "type": "find_http_responses_request" } & FindHttpResponsesRequest | { "type": "find_http_responses_response" } & FindHttpResponsesResponse | { "type": "get_themes_request" } & GetThemesRequest | { "type": "get_themes_response" } & GetThemesResponse | { "type": "empty_response" } & EmptyPayload | { "type": "error_response" } & ErrorResponse;

 export type JsonPrimitive = string | number | boolean | null;

@@ -403,13 +405,13 @@ export type OpenWindowRequest = { url: string,
 */
 label: string, title?: string, size?: WindowSize, dataDirKey?: string, };

-export type PluginWindowContext = { "type": "none" } | { "type": "label", label: string, workspace_id: string | null, };
+export type PluginContext = { id: string, label: string | null, workspaceId: string | null, };

 export type PromptTextRequest = { id: string, title: string, label: string, description?: string, defaultValue?: string, placeholder?: string, 
 /**
 * Text to add to the confirmation button
 */
-confirmText?: string, 
+confirmText?: string, password?: boolean, 
 /**
 * Text to add to the cancel button
 */
@@ -443,7 +445,7 @@ export type SetKeyValueResponse = {};

 export type ShowToastRequest = { message: string, color?: Color, icon?: Icon, timeout?: number, };

-export type TemplateFunction = { name: string, description?: string, 
+export type TemplateFunction = { name: string, previewType?: TemplateFunctionPreviewType, description?: string, 
 /**
 * Also support alternative names. This is useful for not breaking existing
 * tags when changing the `name` property
@@ -455,6 +457,8 @@ aliases?: Array<string>, args: Array<TemplateFunctionArg>, };
 */
 export type TemplateFunctionArg = FormInput;

+export type TemplateFunctionPreviewType = "live" | "click" | "none";
+
 export type TemplateRenderRequest = { data: JsonValue, purpose: RenderPurpose, };

 export type TemplateRenderResponse = { data: JsonValue, };
@@ -485,6 +489,10 @@ export type ThemeComponentColors = { surface?: string, surfaceHighlight?: string

 export type ThemeComponents = { dialog?: ThemeComponentColors, menu?: ThemeComponentColors, toast?: ThemeComponentColors, sidebar?: ThemeComponentColors, responsePane?: ThemeComponentColors, appHeader?: ThemeComponentColors, button?: ThemeComponentColors, banner?: ThemeComponentColors, templateTag?: ThemeComponentColors, urlBar?: ThemeComponentColors, editor?: ThemeComponentColors, input?: ThemeComponentColors, };

+export type WindowInfoRequest = { label: string, };
+
+export type WindowInfoResponse = { requestId: string | null, environmentId: string | null, workspaceId: string | null, label: string, };
+
 export type WindowNavigateEvent = { url: string, };

 export type WindowSize = { width: number, height: number, };
--- a/packages/plugin-runtime-types/src/bindings/gen_models.ts
+++ b/packages/plugin-runtime-types/src/bindings/gen_models.ts
@@ -1,6 +1,6 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.

-export type Environment = { model: "environment", id: string, workspaceId: string, createdAt: string, updatedAt: string, name: string, public: boolean, parentModel: string, parentId: string | null, variables: Array<EnvironmentVariable>, color: string | null, };
+export type Environment = { model: "environment", id: string, workspaceId: string, createdAt: string, updatedAt: string, name: string, public: boolean, parentModel: string, parentId: string | null, variables: Array<EnvironmentVariable>, color: string | null, sortPriority: number, };

 export type EnvironmentVariable = { enabled?: boolean, name: string, value: string, id?: string, };

--- a/packages/plugin-runtime-types/src/plugins/AuthenticationPlugin.ts
+++ b/packages/plugin-runtime-types/src/plugins/AuthenticationPlugin.ts
@@ -3,22 +3,37 @@ import {
  CallHttpAuthenticationRequest,
  CallHttpAuthenticationResponse,
  FormInput,
-  GetHttpAuthenticationConfigRequest,
  GetHttpAuthenticationSummaryResponse,
  HttpAuthenticationAction,
 } from '../bindings/gen_events';
 import { MaybePromise } from '../helpers';
 import { Context } from './Context';

-type DynamicFormInput = FormInput & {
-  dynamic(
+type AddDynamicMethod<T> = {
+  dynamic?: (
    ctx: Context,
-    args: GetHttpAuthenticationConfigRequest,
-  ): MaybePromise<Partial<FormInput> | undefined | null>;
+    args: CallHttpAuthenticationActionArgs,
+  ) => MaybePromise<Partial<T> | null | undefined>;
 };

+type AddDynamic<T> = T extends any
+  ? T extends { inputs?: FormInput[] }
+    ? Omit<T, 'inputs'> & {
+        inputs: Array<AddDynamic<FormInput>>;
+        dynamic?: (
+          ctx: Context,
+          args: CallHttpAuthenticationActionArgs,
+        ) => MaybePromise<
+          Partial<Omit<T, 'inputs'> & { inputs: Array<AddDynamic<FormInput>> }> | null | undefined
+        >;
+      }
+    : T & AddDynamicMethod<T>
+  : never;
+
+export type DynamicAuthenticationArg = AddDynamic<FormInput>;
+
 export type AuthenticationPlugin = GetHttpAuthenticationSummaryResponse & {
-  args: (FormInput | DynamicFormInput)[];
+  args: DynamicAuthenticationArg[];
  onApply(
    ctx: Context,
    args: CallHttpAuthenticationRequest,
--- a/packages/plugin-runtime-types/src/plugins/Context.ts
+++ b/packages/plugin-runtime-types/src/plugins/Context.ts
@@ -18,7 +18,7 @@ import type {
  ShowToastRequest,
  TemplateRenderRequest,
 } from '../bindings/gen_events.ts';
-import { JsonValue } from '../bindings/serde_json/JsonValue';
+import type { JsonValue } from '../bindings/serde_json/JsonValue';

 export interface Context {
  clipboard: {
@@ -36,6 +36,9 @@ export interface Context {
    delete(key: string): Promise<boolean>;
  };
  window: {
+    requestId(): Promise<string | null>;
+    workspaceId(): Promise<string | null>;
+    environmentId(): Promise<string | null>;
    openUrl(
      args: OpenWindowRequest & {
        onNavigate?: (args: { url: string }) => void;
--- a/packages/plugin-runtime-types/src/plugins/TemplateFunctionPlugin.ts
+++ b/packages/plugin-runtime-types/src/plugins/TemplateFunctionPlugin.ts
@@ -1,21 +1,31 @@
-import {
-  CallTemplateFunctionArgs,
-  FormInput,
-  GetHttpAuthenticationConfigRequest,
-  TemplateFunction,
-  TemplateFunctionArg,
-} from '../bindings/gen_events';
+import { CallTemplateFunctionArgs, FormInput, TemplateFunction } from '../bindings/gen_events';
 import { MaybePromise } from '../helpers';
 import { Context } from './Context';

-export type DynamicTemplateFunctionArg = FormInput & {
-  dynamic(
+type AddDynamicMethod<T> = {
+  dynamic?: (
    ctx: Context,
-    args: GetHttpAuthenticationConfigRequest,
-  ): MaybePromise<Partial<FormInput> | undefined | null>;
+    args: CallTemplateFunctionArgs,
+  ) => MaybePromise<Partial<T> | null | undefined>;
 };

-export type TemplateFunctionPlugin = TemplateFunction & {
-  args: (TemplateFunctionArg | DynamicTemplateFunctionArg)[];
+type AddDynamic<T> = T extends any
+  ? T extends { inputs?: FormInput[] }
+    ? Omit<T, 'inputs'> & {
+        inputs: Array<AddDynamic<FormInput>>;
+        dynamic?: (
+          ctx: Context,
+          args: CallTemplateFunctionArgs,
+        ) => MaybePromise<
+          Partial<Omit<T, 'inputs'> & { inputs: Array<AddDynamic<FormInput>> }> | null | undefined
+        >;
+      }
+    : T & AddDynamicMethod<T>
+  : never;
+
+export type DynamicTemplateFunctionArg = AddDynamic<FormInput>;
+
+export type TemplateFunctionPlugin = Omit<TemplateFunction, 'args'> & {
+  args: DynamicTemplateFunctionArg[];
  onRender(ctx: Context, args: CallTemplateFunctionArgs): Promise<string | null>;
 };
--- a/packages/plugin-runtime-types/src/plugins/index.ts
+++ b/packages/plugin-runtime-types/src/plugins/index.ts
@@ -1,4 +1,6 @@
 import { AuthenticationPlugin } from './AuthenticationPlugin';
+
+import type { Context } from './Context';
 import type { FilterPlugin } from './FilterPlugin';
 import { GrpcRequestActionPlugin } from './GrpcRequestActionPlugin';
 import type { HttpRequestActionPlugin } from './HttpRequestActionPlugin';
@@ -6,9 +8,10 @@ import type { ImporterPlugin } from './ImporterPlugin';
 import type { TemplateFunctionPlugin } from './TemplateFunctionPlugin';
 import type { ThemePlugin } from './ThemePlugin';

-import type { Context } from './Context';
-
 export type { Context };
+export type { DynamicTemplateFunctionArg } from './TemplateFunctionPlugin';
+export type { DynamicAuthenticationArg } from './AuthenticationPlugin';
+export type { TemplateFunctionPlugin };

 /**
 * The global structure of a Yaak plugin
--- a/packages/plugin-runtime/src/PluginHandle.ts
+++ b/packages/plugin-runtime/src/PluginHandle.ts
@@ -1,3 +1,4 @@
+import { PluginContext } from '@yaakapp-internal/plugins';
 import type { BootRequest, InternalEvent } from '@yaakapp/api';
 import type { EventChannel } from './EventChannel';
 import { PluginInstance, PluginWorkerData } from './PluginInstance';
@@ -6,14 +7,12 @@ export class PluginHandle {
  #instance: PluginInstance;

  constructor(
-    readonly pluginRefId: string,
-    readonly bootRequest: BootRequest,
-    readonly pluginToAppEvents: EventChannel,
+    pluginRefId: string,
+    context: PluginContext,
+    bootRequest: BootRequest,
+    pluginToAppEvents: EventChannel,
  ) {
-    const workerData: PluginWorkerData = {
-      pluginRefId: this.pluginRefId,
-      bootRequest: this.bootRequest,
-    };
+    const workerData: PluginWorkerData = { pluginRefId, context, bootRequest };
    this.#instance = new PluginInstance(workerData, pluginToAppEvents);
  }

--- a/packages/plugin-runtime/src/PluginInstance.ts
+++ b/packages/plugin-runtime/src/PluginInstance.ts
@@ -2,7 +2,6 @@ import {
  BootRequest,
  DeleteKeyValueResponse,
  FindHttpResponsesResponse,
-  FormInput,
  GetCookieValueRequest,
  GetCookieValueResponse,
  GetHttpRequestByIdResponse,
@@ -13,32 +12,32 @@ import {
  InternalEvent,
  InternalEventPayload,
  ListCookieNamesResponse,
-  PluginWindowContext,
+  PluginContext,
  PromptTextResponse,
  RenderGrpcRequestResponse,
  RenderHttpRequestResponse,
  SendHttpRequestResponse,
  TemplateFunction,
-  TemplateFunctionArg,
  TemplateRenderResponse,
+  WindowInfoResponse,
 } from '@yaakapp-internal/plugins';
 import { Context, PluginDefinition } from '@yaakapp/api';
-import { JsonValue } from '@yaakapp/api/lib/bindings/serde_json/JsonValue';
 import console from 'node:console';
-import { readFileSync, type Stats, statSync, watch } from 'node:fs';
+import { type Stats, statSync, watch } from 'node:fs';
 import path from 'node:path';
+import { applyDynamicFormInput, applyFormInputDefaults } from './common';
 import { EventChannel } from './EventChannel';
 import { migrateTemplateFunctionSelectOptions } from './migrations';

 export interface PluginWorkerData {
  bootRequest: BootRequest;
  pluginRefId: string;
+  context: PluginContext;
 }

 export class PluginInstance {
  #workerData: PluginWorkerData;
  #mod: PluginDefinition;
-  #pkg: { name?: string; version?: string };
  #pluginToAppEvents: EventChannel;
  #appToPluginEvents: EventChannel;

@@ -52,18 +51,14 @@ export class PluginInstance {
      await this.#onMessage(event);
    });

-    // Reload plugin if the JS or package.json changes
-    const windowContextNone: PluginWindowContext = { type: 'none' };
-
    this.#mod = {} as any;
-    this.#pkg = JSON.parse(readFileSync(this.#pathPkg(), 'utf8'));

    const fileChangeCallback = async () => {
      await this.#mod?.dispose?.();
      this.#importModule();
-      await this.#mod?.init?.(this.#newCtx({ type: 'none' }));
+      await this.#mod?.init?.(this.#newCtx(workerData.context));
      return this.#sendPayload(
-        windowContextNone,
+        workerData.context,
        {
          type: 'reload_response',
          silent: false,
@@ -90,14 +85,14 @@ export class PluginInstance {
  }

  async #onMessage(event: InternalEvent) {
-    const ctx = this.#newCtx(event.windowContext);
+    const ctx = this.#newCtx(event.context);

-    const { windowContext, payload, id: replyId } = event;
+    const { context, payload, id: replyId } = event;

    try {
      if (payload.type === 'boot_request') {
        await this.#mod?.init?.(ctx);
-        this.#sendPayload(windowContext, { type: 'boot_response' }, replyId);
+        this.#sendPayload(context, { type: 'boot_response' }, replyId);
        return;
      }

@@ -106,7 +101,7 @@ export class PluginInstance {
          type: 'terminate_response',
        };
        await this.terminate();
-        this.#sendPayload(windowContext, payload, replyId);
+        this.#sendPayload(context, payload, replyId);
        return;
      }

@@ -123,10 +118,10 @@ export class PluginInstance {
            // deno-lint-ignore no-explicit-any
            resources: reply.resources as any,
          };
-          this.#sendPayload(windowContext, replyPayload, replyId);
+          this.#sendPayload(context, replyPayload, replyId);
          return;
        } else {
-          // Continue, to send back an empty reply
+          // Send back an empty reply (below)
        }
      }

@@ -136,7 +131,7 @@ export class PluginInstance {
          payload: payload.content,
          mimeType: payload.type,
        });
-        this.#sendPayload(windowContext, { type: 'filter_response', ...reply }, replyId);
+        this.#sendPayload(context, { type: 'filter_response', ...reply }, replyId);
        return;
      }

@@ -154,7 +149,7 @@ export class PluginInstance {
          pluginRefId: this.#workerData.pluginRefId,
          actions: reply,
        };
-        this.#sendPayload(windowContext, replyPayload, replyId);
+        this.#sendPayload(context, replyPayload, replyId);
        return;
      }

@@ -172,7 +167,7 @@ export class PluginInstance {
          pluginRefId: this.#workerData.pluginRefId,
          actions: reply,
        };
-        this.#sendPayload(windowContext, replyPayload, replyId);
+        this.#sendPayload(context, replyPayload, replyId);
        return;
      }

@@ -181,7 +176,7 @@ export class PluginInstance {
          type: 'get_themes_response',
          themes: this.#mod.themes,
        };
-        this.#sendPayload(windowContext, replyPayload, replyId);
+        this.#sendPayload(context, replyPayload, replyId);
        return;
      }

@@ -203,7 +198,7 @@ export class PluginInstance {
          pluginRefId: this.#workerData.pluginRefId,
          functions,
        };
-        this.#sendPayload(windowContext, replyPayload, replyId);
+        this.#sendPayload(context, replyPayload, replyId);
        return;
      }

@@ -213,58 +208,42 @@ export class PluginInstance {
      ) {
        let templateFunction = this.#mod.templateFunctions.find((f) => f.name === payload.name);
        if (templateFunction == null) {
-          this.#sendEmpty(windowContext, replyId);
+          this.#sendEmpty(context, replyId);
          return;
        }

-        templateFunction = migrateTemplateFunctionSelectOptions(templateFunction);
-        // @ts-ignore
-        delete templateFunction.onRender;
-        const resolvedArgs: TemplateFunctionArg[] = [];
-        for (const arg of templateFunction.args) {
-          if (arg && 'dynamic' in arg) {
-            const dynamicAttrs = await arg.dynamic(ctx, payload);
-            const { dynamic, ...other } = arg;
-            resolvedArgs.push({ ...other, ...dynamicAttrs } as TemplateFunctionArg);
-          } else if (arg) {
-            resolvedArgs.push(arg);
-          }
-          templateFunction.args = resolvedArgs;
-        }
+        const fn = {
+          ...migrateTemplateFunctionSelectOptions(templateFunction),
+          onRender: undefined,
+        };
+
+        payload.values = applyFormInputDefaults(fn.args, payload.values);
+        const p = { ...payload, purpose: 'preview' } as const;
+        const resolvedArgs = await applyDynamicFormInput(ctx, fn.args, p);
+
        const replyPayload: InternalEventPayload = {
          type: 'get_template_function_config_response',
          pluginRefId: this.#workerData.pluginRefId,
-          function: templateFunction,
+          function: { ...fn, args: resolvedArgs },
        };
-        this.#sendPayload(windowContext, replyPayload, replyId);
+        this.#sendPayload(context, replyPayload, replyId);
        return;
      }

      if (payload.type === 'get_http_authentication_summary_request' && this.#mod?.authentication) {
-        const { name, shortLabel, label } = this.#mod.authentication;
        const replyPayload: InternalEventPayload = {
          type: 'get_http_authentication_summary_response',
-          name,
-          label,
-          shortLabel,
+          ...this.#mod.authentication,
        };

-        this.#sendPayload(windowContext, replyPayload, replyId);
+        this.#sendPayload(context, replyPayload, replyId);
        return;
      }

      if (payload.type === 'get_http_authentication_config_request' && this.#mod?.authentication) {
        const { args, actions } = this.#mod.authentication;
-        const resolvedArgs: FormInput[] = [];
-        for (const v of args) {
-          if (v && 'dynamic' in v) {
-            const dynamicAttrs = await v.dynamic(ctx, payload);
-            const { dynamic, ...other } = v;
-            resolvedArgs.push({ ...other, ...dynamicAttrs } as FormInput);
-          } else if (v) {
-            resolvedArgs.push(v);
-          }
-        }
+        payload.values = applyFormInputDefaults(args, payload.values);
+        const resolvedArgs = await applyDynamicFormInput(ctx, args, payload);
        const resolvedActions: HttpAuthenticationAction[] = [];
        for (const { onSelect, ...action } of actions ?? []) {
          resolvedActions.push(action);
@@ -277,16 +256,17 @@ export class PluginInstance {
          pluginRefId: this.#workerData.pluginRefId,
        };

-        this.#sendPayload(windowContext, replyPayload, replyId);
+        this.#sendPayload(context, replyPayload, replyId);
        return;
      }

      if (payload.type === 'call_http_authentication_request' && this.#mod?.authentication) {
        const auth = this.#mod.authentication;
        if (typeof auth?.onApply === 'function') {
-          applyFormInputDefaults(auth.args, payload.values);
+          auth.args = await applyDynamicFormInput(ctx, auth.args, payload);
+          payload.values = applyFormInputDefaults(auth.args, payload.values);
          this.#sendPayload(
-            windowContext,
+            context,
            {
              type: 'call_http_authentication_response',
              ...(await auth.onApply(ctx, payload)),
@@ -304,7 +284,7 @@ export class PluginInstance {
        const action = this.#mod.authentication.actions?.[payload.index];
        if (typeof action?.onSelect === 'function') {
          await action.onSelect(ctx, payload.args);
-          this.#sendEmpty(windowContext, replyId);
+          this.#sendEmpty(context, replyId);
          return;
        }
      }
@@ -316,7 +296,7 @@ export class PluginInstance {
        const action = this.#mod.httpRequestActions[payload.index];
        if (typeof action?.onSelect === 'function') {
          await action.onSelect(ctx, payload.args);
-          this.#sendEmpty(windowContext, replyId);
+          this.#sendEmpty(context, replyId);
          return;
        }
      }
@@ -328,7 +308,7 @@ export class PluginInstance {
        const action = this.#mod.grpcRequestActions[payload.index];
        if (typeof action?.onSelect === 'function') {
          await action.onSelect(ctx, payload.args);
-          this.#sendEmpty(windowContext, replyId);
+          this.#sendEmpty(context, replyId);
          return;
        }
      }
@@ -338,12 +318,27 @@ export class PluginInstance {
        Array.isArray(this.#mod?.templateFunctions)
      ) {
        const fn = this.#mod.templateFunctions.find((a) => a.name === payload.name);
-        if (typeof fn?.onRender === 'function') {
-          applyFormInputDefaults(fn.args, payload.args.values);
+        if (
+          payload.args.purpose === 'preview' &&
+          (fn?.previewType === 'click' || fn?.previewType === 'none')
+        ) {
+          // Send empty render response
+          this.#sendPayload(
+            context,
+            {
+              type: 'call_template_function_response',
+              value: null,
+              error: 'Live preview disabled for this function',
+            },
+            replyId,
+          );
+        } else if (typeof fn?.onRender === 'function') {
+          const resolvedArgs = await applyDynamicFormInput(ctx, fn.args, payload.args);
+          payload.args.values = applyFormInputDefaults(resolvedArgs, payload.args.values);
          try {
            const result = await fn.onRender(ctx, payload.args);
            this.#sendPayload(
-              windowContext,
+              context,
              {
                type: 'call_template_function_response',
                value: result ?? null,
@@ -352,7 +347,7 @@ export class PluginInstance {
            );
          } catch (err) {
            this.#sendPayload(
-              windowContext,
+              context,
              {
                type: 'call_template_function_response',
                value: null,
@@ -367,12 +362,12 @@ export class PluginInstance {
    } catch (err) {
      const error = `${err}`.replace(/^Error:\s*/g, '');
      console.log('Plugin call threw exception', payload.type, '→', error);
-      this.#sendPayload(windowContext, { type: 'error_response', error }, replyId);
+      this.#sendPayload(context, { type: 'error_response', error }, replyId);
      return;
    }

    // No matches, so send back an empty response so the caller doesn't block forever
-    this.#sendEmpty(windowContext, replyId);
+    this.#sendEmpty(context, replyId);
  }

  #pathMod() {
@@ -395,7 +390,7 @@ export class PluginInstance {
  }

  #buildEventToSend(
-    windowContext: PluginWindowContext,
+    context: PluginContext,
    payload: InternalEventPayload,
    replyId: string | null = null,
  ): InternalEvent {
@@ -405,16 +400,16 @@ export class PluginInstance {
      id: genId(),
      replyId,
      payload,
-      windowContext,
+      context,
    };
  }

  #sendPayload(
-    windowContext: PluginWindowContext,
+    context: PluginContext,
    payload: InternalEventPayload,
    replyId: string | null,
  ): string {
-    const event = this.#buildEventToSend(windowContext, payload, replyId);
+    const event = this.#buildEventToSend(context, payload, replyId);
    this.#sendEvent(event);
    return event.id;
  }
@@ -426,16 +421,16 @@ export class PluginInstance {
    this.#pluginToAppEvents.emit(event);
  }

-  #sendEmpty(windowContext: PluginWindowContext, replyId: string | null = null): string {
-    return this.#sendPayload(windowContext, { type: 'empty_response' }, replyId);
+  #sendEmpty(context: PluginContext, replyId: string | null = null): string {
+    return this.#sendPayload(context, { type: 'empty_response' }, replyId);
  }

-  #sendAndWaitForReply<T extends Omit<InternalEventPayload, 'type'>>(
-    windowContext: PluginWindowContext,
+  #sendForReply<T extends Omit<InternalEventPayload, 'type'>>(
+    context: PluginContext,
    payload: InternalEventPayload,
  ): Promise<T> {
    // 1. Build event to send
-    const eventToSend = this.#buildEventToSend(windowContext, payload, null);
+    const eventToSend = this.#buildEventToSend(context, payload, null);

    // 2. Spawn listener in background
    const promise = new Promise<T>((resolve) => {
@@ -457,12 +452,12 @@ export class PluginInstance {
  }

  #sendAndListenForEvents(
-    windowContext: PluginWindowContext,
+    context: PluginContext,
    payload: InternalEventPayload,
    onEvent: (event: InternalEventPayload) => void,
  ): void {
    // 1. Build event to send
-    const eventToSend = this.#buildEventToSend(windowContext, payload, null);
+    const eventToSend = this.#buildEventToSend(context, payload, null);

    // 2. Listen for replies in the background
    this.#appToPluginEvents.listen((event: InternalEvent) => {
@@ -475,11 +470,23 @@ export class PluginInstance {
    this.#sendEvent(eventToSend);
  }

-  #newCtx(windowContext: PluginWindowContext): Context {
+  #newCtx(context: PluginContext): Context {
+    const _windowInfo = async () => {
+      if (context.label == null) {
+        throw new Error("Can't get window context without an active window");
+      }
+      const payload: InternalEventPayload = {
+        type: 'window_info_request',
+        label: context.label,
+      };
+
+      return this.#sendForReply<WindowInfoResponse>(context, payload);
+    };
+
    return {
      clipboard: {
        copyText: async (text) => {
-          await this.#sendAndWaitForReply(windowContext, {
+          await this.#sendForReply(context, {
            type: 'copy_text_request',
            text,
          });
@@ -487,7 +494,7 @@ export class PluginInstance {
      },
      toast: {
        show: async (args) => {
-          await this.#sendAndWaitForReply(windowContext, {
+          await this.#sendForReply(context, {
            type: 'show_toast_request',
            // Handle default here because null/undefined both convert to None in Rust translation
            timeout: args.timeout === undefined ? 5000 : args.timeout,
@@ -496,6 +503,15 @@ export class PluginInstance {
        },
      },
      window: {
+        requestId: async () => {
+          return (await _windowInfo()).requestId;
+        },
+        async workspaceId(): Promise<string | null> {
+          return (await _windowInfo()).workspaceId;
+        },
+        async environmentId(): Promise<string | null> {
+          return (await _windowInfo()).environmentId;
+        },
        openUrl: async ({ onNavigate, onClose, ...args }) => {
          args.label = args.label || `${Math.random()}`;
          const payload: InternalEventPayload = { type: 'open_window_request', ...args };
@@ -506,21 +522,21 @@ export class PluginInstance {
              onClose?.();
            }
          };
-          this.#sendAndListenForEvents(windowContext, payload, onEvent);
+          this.#sendAndListenForEvents(context, payload, onEvent);
          return {
            close: () => {
              const closePayload: InternalEventPayload = {
                type: 'close_window_request',
                label: args.label,
              };
-              this.#sendPayload(windowContext, closePayload, null);
+              this.#sendPayload(context, closePayload, null);
            },
          };
        },
      },
      prompt: {
        text: async (args) => {
-          const reply: PromptTextResponse = await this.#sendAndWaitForReply(windowContext, {
+          const reply: PromptTextResponse = await this.#sendForReply(context, {
            type: 'prompt_text_request',
            ...args,
          });
@@ -533,8 +549,8 @@ export class PluginInstance {
            type: 'find_http_responses_request',
            ...args,
          } as const;
-          const { httpResponses } = await this.#sendAndWaitForReply<FindHttpResponsesResponse>(
-            windowContext,
+          const { httpResponses } = await this.#sendForReply<FindHttpResponsesResponse>(
+            context,
            payload,
          );
          return httpResponses;
@@ -546,8 +562,8 @@ export class PluginInstance {
            type: 'render_grpc_request_request',
            ...args,
          } as const;
-          const { grpcRequest } = await this.#sendAndWaitForReply<RenderGrpcRequestResponse>(
-            windowContext,
+          const { grpcRequest } = await this.#sendForReply<RenderGrpcRequestResponse>(
+            context,
            payload,
          );
          return grpcRequest;
@@ -559,8 +575,8 @@ export class PluginInstance {
            type: 'get_http_request_by_id_request',
            ...args,
          } as const;
-          const { httpRequest } = await this.#sendAndWaitForReply<GetHttpRequestByIdResponse>(
-            windowContext,
+          const { httpRequest } = await this.#sendForReply<GetHttpRequestByIdResponse>(
+            context,
            payload,
          );
          return httpRequest;
@@ -570,8 +586,8 @@ export class PluginInstance {
            type: 'send_http_request_request',
            ...args,
          } as const;
-          const { httpResponse } = await this.#sendAndWaitForReply<SendHttpRequestResponse>(
-            windowContext,
+          const { httpResponse } = await this.#sendForReply<SendHttpRequestResponse>(
+            context,
            payload,
          );
          return httpResponse;
@@ -581,8 +597,8 @@ export class PluginInstance {
            type: 'render_http_request_request',
            ...args,
          } as const;
-          const { httpRequest } = await this.#sendAndWaitForReply<RenderHttpRequestResponse>(
-            windowContext,
+          const { httpRequest } = await this.#sendForReply<RenderHttpRequestResponse>(
+            context,
            payload,
          );
          return httpRequest;
@@ -594,18 +610,12 @@ export class PluginInstance {
            type: 'get_cookie_value_request',
            ...args,
          } as const;
-          const { value } = await this.#sendAndWaitForReply<GetCookieValueResponse>(
-            windowContext,
-            payload,
-          );
+          const { value } = await this.#sendForReply<GetCookieValueResponse>(context, payload);
          return value;
        },
        listNames: async () => {
          const payload = { type: 'list_cookie_names_request' } as const;
-          const { names } = await this.#sendAndWaitForReply<ListCookieNamesResponse>(
-            windowContext,
-            payload,
-          );
+          const { names } = await this.#sendForReply<ListCookieNamesResponse>(context, payload);
          return names;
        },
      },
@@ -616,20 +626,14 @@ export class PluginInstance {
         */
        render: async (args) => {
          const payload = { type: 'template_render_request', ...args } as const;
-          const result = await this.#sendAndWaitForReply<TemplateRenderResponse>(
-            windowContext,
-            payload,
-          );
+          const result = await this.#sendForReply<TemplateRenderResponse>(context, payload);
          return result.data as any;
        },
      },
      store: {
        get: async <T>(key: string) => {
          const payload = { type: 'get_key_value_request', key } as const;
-          const result = await this.#sendAndWaitForReply<GetKeyValueResponse>(
-            windowContext,
-            payload,
-          );
+          const result = await this.#sendForReply<GetKeyValueResponse>(context, payload);
          return result.value ? (JSON.parse(result.value) as T) : undefined;
        },
        set: async <T>(key: string, value: T) => {
@@ -639,20 +643,17 @@ export class PluginInstance {
            key,
            value: valueStr,
          };
-          await this.#sendAndWaitForReply<GetKeyValueResponse>(windowContext, payload);
+          await this.#sendForReply<GetKeyValueResponse>(context, payload);
        },
        delete: async (key: string) => {
          const payload = { type: 'delete_key_value_request', key } as const;
-          const result = await this.#sendAndWaitForReply<DeleteKeyValueResponse>(
-            windowContext,
-            payload,
-          );
+          const result = await this.#sendForReply<DeleteKeyValueResponse>(context, payload);
          return result.deleted;
        },
      },
      plugin: {
        reload: () => {
-          this.#sendPayload({ type: 'none' }, { type: 'reload_response', silent: true }, null);
+          this.#sendPayload(context, { type: 'reload_response', silent: true }, null);
        },
      },
    };
@@ -668,20 +669,6 @@ function genId(len = 5): string {
  return id;
 }

-/** Recursively apply form input defaults to a set of values */
-function applyFormInputDefaults(
-  inputs: TemplateFunctionArg[],
-  values: { [p: string]: JsonValue | undefined },
-) {
-  for (const input of inputs) {
-    if ('inputs' in input) {
-      applyFormInputDefaults(input.inputs ?? [], values);
-    } else if ('defaultValue' in input && values[input.name] === undefined) {
-      values[input.name] = input.defaultValue;
-    }
-  }
-}
-
 const watchedFiles: Record<string, Stats | null> = {};

 /**
--- a/packages/plugin-runtime/src/common.ts
+++ b/packages/plugin-runtime/src/common.ts
@@ -0,0 +1,56 @@
+import {
+  CallHttpAuthenticationActionArgs,
+  CallTemplateFunctionArgs,
+  JsonPrimitive,
+  TemplateFunctionArg,
+} from '@yaakapp-internal/plugins';
+import { Context, DynamicAuthenticationArg, DynamicTemplateFunctionArg } from '@yaakapp/api';
+
+/** Recursively apply form input defaults to a set of values */
+export function applyFormInputDefaults(
+  inputs: TemplateFunctionArg[],
+  values: { [p: string]: JsonPrimitive | undefined },
+) {
+  let newValues: { [p: string]: JsonPrimitive | undefined } = { ...values };
+  for (const input of inputs) {
+    if ('defaultValue' in input && values[input.name] === undefined) {
+      newValues[input.name] = input.defaultValue;
+    }
+    // Recurse down to all child inputs
+    if ('inputs' in input) {
+      newValues = applyFormInputDefaults(input.inputs ?? [], newValues);
+    }
+  }
+  return newValues;
+}
+
+export async function applyDynamicFormInput(
+  ctx: Context,
+  args: DynamicTemplateFunctionArg[],
+  callArgs: CallTemplateFunctionArgs,
+): Promise<DynamicTemplateFunctionArg[]>;
+
+export async function applyDynamicFormInput(
+  ctx: Context,
+  args: DynamicAuthenticationArg[],
+  callArgs: CallHttpAuthenticationActionArgs,
+): Promise<DynamicAuthenticationArg[]>;
+
+export async function applyDynamicFormInput(
+  ctx: Context,
+  args: (DynamicTemplateFunctionArg | DynamicAuthenticationArg)[],
+  callArgs: CallTemplateFunctionArgs | CallHttpAuthenticationActionArgs,
+): Promise<(DynamicTemplateFunctionArg | DynamicAuthenticationArg)[]> {
+  const resolvedArgs: any[] = [];
+  for (const { dynamic, ...arg } of args) {
+    const newArg: any = {
+      ...arg,
+      ...(typeof dynamic === 'function' ? await dynamic(ctx, callArgs as any) : undefined),
+    };
+    if ('inputs' in newArg && Array.isArray(newArg.inputs)) {
+      newArg.inputs = await applyDynamicFormInput(ctx, newArg.inputs, callArgs as any);
+    }
+    resolvedArgs.push(newArg);
+  }
+  return resolvedArgs;
+}
--- a/packages/plugin-runtime/src/index.ts
+++ b/packages/plugin-runtime/src/index.ts
@@ -8,10 +8,15 @@ if (!port) {
  throw new Error('Plugin runtime missing PORT')
 }

+const host = process.env.HOST;
+if (!host) {
+  throw new Error('Plugin runtime missing HOST')
+}
+
 const pluginToAppEvents = new EventChannel();
 const plugins: Record<string, PluginHandle> = {};

-const ws = new WebSocket(`ws://localhost:${port}`);
+const ws = new WebSocket(`ws://${host}:${port}`);

 ws.on('message', async (e: Buffer) => {
  try {
@@ -34,7 +39,7 @@ async function handleIncoming(msg: string) {
  const pluginEvent: InternalEvent = JSON.parse(msg);
  // Handle special event to bootstrap plugin
  if (pluginEvent.payload.type === 'boot_request') {
-    const plugin = new PluginHandle(pluginEvent.pluginRefId, pluginEvent.payload, pluginToAppEvents);
+    const plugin = new PluginHandle(pluginEvent.pluginRefId, pluginEvent.context, pluginEvent.payload, pluginToAppEvents);
    plugins[pluginEvent.pluginRefId] = plugin;
  }

--- a/packages/plugin-runtime/src/migrations.ts
+++ b/packages/plugin-runtime/src/migrations.ts
@@ -1,4 +1,4 @@
-import { TemplateFunctionPlugin } from '@yaakapp/api/lib/plugins/TemplateFunctionPlugin';
+import type { TemplateFunctionPlugin } from '@yaakapp/api';

 export function migrateTemplateFunctionSelectOptions(
  f: TemplateFunctionPlugin,
@@ -13,8 +13,5 @@ export function migrateTemplateFunctionSelectOptions(
    return a;
  });

-  return {
-    ...f,
-    args: migratedArgs,
-  };
+  return { ...f, args: migratedArgs };
 }
--- a/packages/plugin-runtime/tests/common.test.ts
+++ b/packages/plugin-runtime/tests/common.test.ts
@@ -0,0 +1,150 @@
+import { CallTemplateFunctionArgs } from '@yaakapp-internal/plugins';
+import { Context, DynamicTemplateFunctionArg } from '@yaakapp/api';
+import { describe, expect, test } from 'vitest';
+import { applyDynamicFormInput, applyFormInputDefaults } from '../src/common';
+
+describe('applyFormInputDefaults', () => {
+  test('Works with top-level select', () => {
+    const args: DynamicTemplateFunctionArg[] = [
+      {
+        type: 'select',
+        name: 'test',
+        options: [{ label: 'Option 1', value: 'one' }],
+        defaultValue: 'one',
+      },
+    ];
+    expect(applyFormInputDefaults(args, {})).toEqual({
+      test: 'one',
+    });
+  });
+
+  test('Works with existing value', () => {
+    const args: DynamicTemplateFunctionArg[] = [
+      {
+        type: 'select',
+        name: 'test',
+        options: [{ label: 'Option 1', value: 'one' }],
+        defaultValue: 'one',
+      },
+    ];
+    expect(applyFormInputDefaults(args, { test: 'explicit' })).toEqual({
+      test: 'explicit',
+    });
+  });
+
+  test('Works with recursive select', () => {
+    const args: DynamicTemplateFunctionArg[] = [
+      { type: 'text', name: 'dummy', defaultValue: 'top' },
+      {
+        type: 'accordion',
+        label: 'Test',
+        inputs: [
+          { type: 'text', name: 'name', defaultValue: 'hello' },
+          {
+            type: 'select',
+            name: 'test',
+            options: [{ label: 'Option 1', value: 'one' }],
+            defaultValue: 'one',
+          },
+        ],
+      },
+    ];
+    expect(applyFormInputDefaults(args, {})).toEqual({
+      dummy: 'top',
+      test: 'one',
+      name: 'hello',
+    });
+  });
+
+  test('Works with dynamic options', () => {
+    const args: DynamicTemplateFunctionArg[] = [
+      {
+        type: 'select',
+        name: 'test',
+        defaultValue: 'one',
+        options: [],
+        dynamic() {
+          return { options: [{ label: 'Option 1', value: 'one' }] };
+        },
+      },
+    ];
+    expect(applyFormInputDefaults(args, {})).toEqual({
+      test: 'one',
+    });
+    expect(applyFormInputDefaults(args, {})).toEqual({
+      test: 'one',
+    });
+  });
+});
+
+describe('applyDynamicFormInput', () => {
+  test('Works with plain input', async () => {
+    const ctx = {} as Context;
+    const args: DynamicTemplateFunctionArg[] = [
+      { type: 'text', name: 'name' },
+      { type: 'checkbox', name: 'checked' },
+    ];
+    const callArgs: CallTemplateFunctionArgs = {
+      values: {},
+      purpose: 'preview',
+    };
+    expect(await applyDynamicFormInput(ctx, args, callArgs)).toEqual([
+      { type: 'text', name: 'name' },
+      { type: 'checkbox', name: 'checked' },
+    ]);
+  });
+
+  test('Works with dynamic input', async () => {
+    const ctx = {} as Context;
+    const args: DynamicTemplateFunctionArg[] = [
+      {
+        type: 'text',
+        name: 'name',
+        async dynamic(_ctx, _args) {
+          return { hidden: true };
+        },
+      },
+    ];
+    const callArgs: CallTemplateFunctionArgs = {
+      values: {},
+      purpose: 'preview',
+    };
+    expect(await applyDynamicFormInput(ctx, args, callArgs)).toEqual([
+      { type: 'text', name: 'name', hidden: true },
+    ]);
+  });
+
+  test('Works with recursive dynamic input', async () => {
+    const ctx = {} as Context;
+    const callArgs: CallTemplateFunctionArgs = {
+      values: { hello: 'world' },
+      purpose: 'preview',
+    };
+    const args: DynamicTemplateFunctionArg[] = [
+      {
+        type: 'banner',
+        inputs: [
+          {
+            type: 'text',
+            name: 'name',
+            async dynamic(_ctx, args) {
+              return { hidden: args.values.hello === 'world' };
+            },
+          },
+        ],
+      },
+    ];
+    expect(await applyDynamicFormInput(ctx, args, callArgs)).toEqual([
+      {
+        type: 'banner',
+        inputs: [
+          {
+            type: 'text',
+            name: 'name',
+            hidden: true,
+          },
+        ],
+      },
+    ]);
+  });
+});
--- a/plugins/action-copy-curl/src/index.ts
+++ b/plugins/action-copy-curl/src/index.ts
@@ -43,6 +43,26 @@ export async function convertToCurl(request: Partial<HttpRequest>) {
    finalUrl = base + separator + queryString + (hash ? `#${hash}` : '');
  }

+  // Add API key authentication
+  if (request.authenticationType === 'apikey') {
+    if (request.authentication?.location === 'query') {
+      const sep = finalUrl.includes('?') ? '&' : '?';
+      finalUrl = [
+        finalUrl,
+        sep,
+        encodeURIComponent(request.authentication?.key ?? 'token'),
+        '=',
+        encodeURIComponent(request.authentication?.value ?? ''),
+      ].join('');
+    } else {
+      request.headers = request.headers ?? [];
+      request.headers.push({
+        name: request.authentication?.key ?? 'X-Api-Key',
+        value: request.authentication?.value ?? '',
+      });
+    }
+  }
+
  xs.push(quote(finalUrl));
  xs.push(NEWLINE);

@@ -82,21 +102,49 @@ export async function convertToCurl(request: Partial<HttpRequest>) {
  }

  // Add basic/digest authentication
-  if (request.authenticationType === 'basic' || request.authenticationType === 'digest') {
-    if (request.authenticationType === 'digest') xs.push('--digest');
-    xs.push(
-      '--user',
-      quote(`${request.authentication?.username ?? ''}:${request.authentication?.password ?? ''}`),
-    );
-    xs.push(NEWLINE);
-  }
+  if (request.authentication?.disabled !== true) {
+    if (request.authenticationType === 'basic' || request.authenticationType === 'digest') {
+      if (request.authenticationType === 'digest') xs.push('--digest');
+      xs.push(
+        '--user',
+        quote(
+          `${request.authentication?.username ?? ''}:${request.authentication?.password ?? ''}`,
+        ),
+      );
+      xs.push(NEWLINE);
+    }

-  // Add bearer authentication
-  if (request.authenticationType === 'bearer') {
-    const value =
-      `${request.authentication?.prefix ?? 'Bearer'} ${request.authentication?.token ?? ''}`.trim();
-    xs.push('--header', quote(`Authorization: ${value}`));
-    xs.push(NEWLINE);
+    // Add bearer authentication
+    if (request.authenticationType === 'bearer') {
+      const value =
+        `${request.authentication?.prefix ?? 'Bearer'} ${request.authentication?.token ?? ''}`.trim();
+      xs.push('--header', quote(`Authorization: ${value}`));
+      xs.push(NEWLINE);
+    }
+
+    if (request.authenticationType === 'auth-aws-sig-v4') {
+      xs.push(
+        '--aws-sigv4',
+        [
+          'aws',
+          'amz',
+          request.authentication?.region ?? '',
+          request.authentication?.service ?? '',
+        ].join(':'),
+      );
+      xs.push(NEWLINE);
+      xs.push(
+        '--user',
+        quote(
+          `${request.authentication?.accessKeyId ?? ''}:${request.authentication?.secretAccessKey ?? ''}`,
+        ),
+      );
+      if (request.authentication?.sessionToken) {
+        xs.push(NEWLINE);
+        xs.push('--header', quote(`X-Amz-Security-Token: ${request.authentication.sessionToken}`));
+      }
+      xs.push(NEWLINE);
+    }
  }

  // Remove trailing newline
--- a/plugins/action-copy-curl/tests/index.test.ts
+++ b/plugins/action-copy-curl/tests/index.test.ts
@@ -27,6 +27,7 @@ describe('exporter-curl', () => {
      }),
    ).toEqual([`curl 'https://yaak.app/path?a=aaa&b=bbb#section'`].join(` \\n  `));
  });
+
  test('Exports POST with url form data', async () => {
    expect(
      await convertToCurl({
@@ -170,6 +171,20 @@ describe('exporter-curl', () => {
    ).toEqual([`curl 'https://yaak.app'`, `--user 'user:pass'`].join(` \\\n  `));
  });

+  test('Basic auth disabled', async () => {
+    expect(
+      await convertToCurl({
+        url: 'https://yaak.app',
+        authenticationType: 'basic',
+        authentication: {
+          disabled: true,
+          username: 'user',
+          password: 'pass',
+        },
+      }),
+    ).toEqual([`curl 'https://yaak.app'`].join(` \\\n  `));
+  });
+
  test('Broken basic auth', async () => {
    expect(
      await convertToCurl({
@@ -246,6 +261,145 @@ describe('exporter-curl', () => {
    ).toEqual([`curl 'https://yaak.app'`, `--header 'Authorization: Bearer'`].join(` \\\n  `));
  });

+  test('AWS v4 auth', async () => {
+    expect(
+      await convertToCurl({
+        url: 'https://yaak.app',
+        authenticationType: 'auth-aws-sig-v4',
+        authentication: {
+          accessKeyId: 'ak',
+          secretAccessKey: 'sk',
+          sessionToken: '',
+          region: 'us-east-1',
+          service: 's3',
+        },
+      }),
+    ).toEqual(
+      [`curl 'https://yaak.app'`, `--aws-sigv4 aws:amz:us-east-1:s3`, `--user 'ak:sk'`].join(
+        ` \\\n  `,
+      ),
+    );
+  });
+
+  test('AWS v4 auth with session', async () => {
+    expect(
+      await convertToCurl({
+        url: 'https://yaak.app',
+        authenticationType: 'auth-aws-sig-v4',
+        authentication: {
+          accessKeyId: 'ak',
+          secretAccessKey: 'sk',
+          sessionToken: 'st',
+          region: 'us-east-1',
+          service: 's3',
+        },
+      }),
+    ).toEqual(
+      [
+        `curl 'https://yaak.app'`,
+        `--aws-sigv4 aws:amz:us-east-1:s3`,
+        `--user 'ak:sk'`,
+        `--header 'X-Amz-Security-Token: st'`,
+      ].join(` \\\n  `),
+    );
+  });
+
+  test('API key auth header', async () => {
+    expect(
+      await convertToCurl({
+        url: 'https://yaak.app',
+        authenticationType: 'apikey',
+        authentication: {
+          location: 'header',
+          key: 'X-Header',
+          value: 'my-token',
+        },
+      }),
+    ).toEqual([`curl 'https://yaak.app'`, `--header 'X-Header: my-token'`].join(` \\\n  `));
+  });
+
+  test('API key auth header query', async () => {
+    expect(
+      await convertToCurl({
+        url: 'https://yaak.app?hi=there',
+        urlParameters: [{ name: 'param', value: 'hi' }],
+        authenticationType: 'apikey',
+        authentication: {
+          location: 'query',
+          key: 'foo',
+          value: 'bar',
+        },
+      }),
+    ).toEqual([`curl 'https://yaak.app?hi=there&param=hi&foo=bar'`].join(` \\\n  `));
+  });
+
+  test('API key auth header query with params', async () => {
+    expect(
+      await convertToCurl({
+        url: 'https://yaak.app',
+        urlParameters: [{ name: 'param', value: 'hi' }],
+        authenticationType: 'apikey',
+        authentication: {
+          location: 'query',
+          key: 'foo',
+          value: 'bar',
+        },
+      }),
+    ).toEqual([`curl 'https://yaak.app?param=hi&foo=bar'`].join(` \\\n  `));
+  });
+
+  test('API key auth header default', async () => {
+    expect(
+      await convertToCurl({
+        url: 'https://yaak.app',
+        authenticationType: 'apikey',
+        authentication: {
+          location: 'header',
+        },
+      }),
+    ).toEqual([`curl 'https://yaak.app'`, `--header 'X-Api-Key: '`].join(` \\\n  `));
+  });
+
+  test('API key auth query', async () => {
+    expect(
+      await convertToCurl({
+        url: 'https://yaak.app',
+        authenticationType: 'apikey',
+        authentication: {
+          location: 'query',
+          key: 'foo',
+          value: 'bar-baz',
+        },
+      }),
+    ).toEqual([`curl 'https://yaak.app?foo=bar-baz'`].join(` \\\n  `));
+  });
+
+  test('API key auth query with existing', async () => {
+    expect(
+      await convertToCurl({
+        url: 'https://yaak.app?foo=bar&baz=qux',
+        authenticationType: 'apikey',
+        authentication: {
+          location: 'query',
+          key: 'hi',
+          value: 'there',
+        },
+      }),
+    ).toEqual([`curl 'https://yaak.app?foo=bar&baz=qux&hi=there'`].join(` \\\n  `));
+  });
+
+  test('API key auth query default', async () => {
+    expect(
+      await convertToCurl({
+        url: 'https://yaak.app?foo=bar&baz=qux',
+        authenticationType: 'apikey',
+        authentication: {
+          location: 'query',
+        },
+      }),
+    ).toEqual([`curl 'https://yaak.app?foo=bar&baz=qux&token='`].join(` \\\n  `));
+  });
+
  test('Stale body data', async () => {
    expect(
      await convertToCurl({
--- a/plugins/action-copy-grpcurl/src/index.ts
+++ b/plugins/action-copy-grpcurl/src/index.ts
@@ -68,16 +68,37 @@ export async function convert(request: Partial<GrpcRequest>, allProtoFiles: stri
  }

  // Add basic authentication
-  if (request.authenticationType === 'basic') {
-    const user = request.authentication?.username ?? '';
-    const pass = request.authentication?.password ?? '';
-    const encoded = btoa(`${user}:${pass}`);
-    xs.push('-H', quote(`Authorization: Basic ${encoded}`));
-    xs.push(NEWLINE);
-  } else if (request.authenticationType === 'bearer') {
-    // Add bearer authentication
-    xs.push('-H', quote(`Authorization: Bearer ${request.authentication?.token ?? ''}`));
-    xs.push(NEWLINE);
+  if (request.authentication?.disabled !== true) {
+    if (request.authenticationType === 'basic') {
+      const user = request.authentication?.username ?? '';
+      const pass = request.authentication?.password ?? '';
+      const encoded = btoa(`${user}:${pass}`);
+      xs.push('-H', quote(`Authorization: Basic ${encoded}`));
+      xs.push(NEWLINE);
+    } else if (request.authenticationType === 'bearer') {
+      // Add bearer authentication
+      xs.push('-H', quote(`Authorization: Bearer ${request.authentication?.token ?? ''}`));
+      xs.push(NEWLINE);
+    } else if (request.authenticationType === 'apikey') {
+      if (request.authentication?.location === 'query') {
+        const sep = request.url?.includes('?') ? '&' : '?';
+        request.url = [
+          request.url,
+          sep,
+          encodeURIComponent(request.authentication?.key ?? 'token'),
+          '=',
+          encodeURIComponent(request.authentication?.value ?? ''),
+        ].join('');
+      } else {
+        xs.push(
+          '-H',
+          quote(
+            `${request.authentication?.key ?? 'X-Api-Key'}: ${request.authentication?.value ?? ''}`,
+          ),
+        );
+      }
+      xs.push(NEWLINE);
+    }
  }

  // Add form params
--- a/plugins/action-copy-grpcurl/tests/index.test.ts
+++ b/plugins/action-copy-grpcurl/tests/index.test.ts
@@ -27,6 +27,55 @@ describe('exporter-curl', () => {
      ),
    ).toEqual([`grpcurl -H 'aaa: AAA'`, `-H 'bbb: BBB'`, `yaak.app`].join(` \\\n  `));
  });
+  test('Basic auth', async () => {
+    expect(
+      await convert(
+        {
+          url: 'https://yaak.app',
+          authenticationType: 'basic',
+          authentication: {
+            username: 'user',
+            password: 'pass',
+          },
+        },
+        [],
+      ),
+    ).toEqual([`grpcurl -H 'Authorization: Basic dXNlcjpwYXNz'`, `yaak.app`].join(` \\\n  `));
+  });
+
+  test('API key auth', async () => {
+    expect(
+      await convert(
+        {
+          url: 'https://yaak.app',
+          authenticationType: 'apikey',
+          authentication: {
+            key: 'X-Token',
+            value: 'tok',
+          },
+        },
+        [],
+      ),
+    ).toEqual([`grpcurl -H 'X-Token: tok'`, `yaak.app`].join(` \\\n  `));
+  });
+
+  test('API key auth', async () => {
+    expect(
+      await convert(
+        {
+          url: 'https://yaak.app',
+          authenticationType: 'apikey',
+          authentication: {
+            location: 'query',
+            key: 'token',
+            value: 'tok 1',
+          },
+        },
+        [],
+      ),
+    ).toEqual([`grpcurl`, `yaak.app?token=tok%201`].join(` \\\n  `));
+  });
+
  test('Single proto file', async () => {
    expect(await convert({ url: 'https://yaak.app' }, ['/foo/bar/baz.proto'])).toEqual(
      [
--- a/plugins/auth-aws/src/index.ts
+++ b/plugins/auth-aws/src/index.ts
@@ -6,7 +6,7 @@ import { URL } from 'node:url';

 export const plugin: PluginDefinition = {
  authentication: {
-    name: 'auth-aws-sig-v4',
+    name: 'awsv4',
    label: 'AWS Signature',
    shortLabel: 'AWS v4',
    args: [
@@ -57,10 +57,6 @@ export const plugin: PluginDefinition = {
        }
      }

-      if (args.method !== 'GET') {
-        headers['x-amz-content-sha256'] = 'UNSIGNED-PAYLOAD';
-      }
-
      const signature = aws4.sign(
        {
          host: url.host,
@@ -68,6 +64,7 @@ export const plugin: PluginDefinition = {
          path: url.pathname + (url.search || ''),
          service: String(values.service || 'sts'),
          region: values.region ? String(values.region) : undefined,
+          body: values.body ? String(values.body) : undefined,
          headers,
        },
        {
@@ -77,11 +74,6 @@ export const plugin: PluginDefinition = {
        },
      );

-      // After signing, aws4 will set:
-      //  - opts.headers["Authorization"]
-      //  - opts.headers["X-Amz-Date"]
-      //  - optionally content sha256 header etc
-
      if (signature.headers == null) {
        return {};
      }
--- a/plugins/auth-jwt/src/index.ts
+++ b/plugins/auth-jwt/src/index.ts
@@ -46,6 +46,50 @@ export const plugin: PluginDefinition = {
        name: 'secretBase64',
        label: 'Secret is base64 encoded',
      },
+      {
+        type: 'select',
+        name: 'location',
+        label: 'Behavior',
+        defaultValue: 'header',
+        options: [
+          { label: 'Insert Header', value: 'header' },
+          { label: 'Append Query Parameter', value: 'query' },
+        ],
+      },
+      {
+        type: 'text',
+        name: 'name',
+        label: 'Header Name',
+        defaultValue: 'Authorization',
+        optional: true,
+        dynamic(_ctx, args) {
+          if (args.values.location === 'query') {
+            return {
+              label: 'Parameter Name',
+              description: 'The name of the query parameter to add to the request',
+            };
+          } else {
+            return {
+              label: 'Header Name',
+              description: 'The name of the header to add to the request',
+            };
+          }
+        },
+      },
+      {
+        type: 'text',
+        name: 'headerPrefix',
+        label: 'Header Prefix',
+        optional: true,
+        defaultValue: 'Bearer',
+        dynamic(_ctx, args) {
+          if (args.values.location === 'query') {
+            return {
+              hidden: true,
+            };
+          }
+        },
+      },
      {
        type: 'editor',
        name: 'payload',
@@ -61,8 +105,17 @@ export const plugin: PluginDefinition = {
      const token = jwt.sign(`${payload}`, secret, {
        algorithm: algorithm as (typeof algorithms)[number],
      });
-      const value = `Bearer ${token}`;
-      return { setHeaders: [{ name: 'Authorization', value }] };
+
+      if (values.location === 'query') {
+        const paramName = String(values.name || 'token');
+        const paramValue = String(values.value || '');
+        return { setQueryParameters: [{ name: paramName, value: paramValue }] };
+      } else {
+        const headerPrefix = values.headerPrefix != null ? values.headerPrefix : 'Bearer';
+        const headerName = String(values.name || 'Authorization');
+        const headerValue = `${headerPrefix} ${token}`.trim();
+        return { setHeaders: [{ name: headerName, value: headerValue }] };
+      }
    },
  },
 };
--- a/plugins/auth-ntlm/package.json
+++ b/plugins/auth-ntlm/package.json
@@ -0,0 +1,20 @@
+{
+  "name": "@yaak/auth-ntlm",
+  "displayName": "NTLM Authentication",
+  "description": "Authenticate requests using NTLM authentication",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mountain-loop/yaak.git",
+    "directory": "plugins/auth-ntlm"
+  },
+  "private": true,
+  "version": "0.1.0",
+  "scripts": {
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "tsc --noEmit && eslint . --ext .ts,.tsx"
+  },
+  "dependencies": {
+    "httpntlm": "^1.8.13"
+  }
+}
--- a/plugins/auth-ntlm/src/index.ts
+++ b/plugins/auth-ntlm/src/index.ts
@@ -0,0 +1,76 @@
+import type { PluginDefinition } from '@yaakapp/api';
+
+import { ntlm } from 'httpntlm';
+
+export const plugin: PluginDefinition = {
+  authentication: {
+    name: 'windows',
+    label: 'NTLM Auth',
+    shortLabel: 'NTLM',
+    args: [
+      {
+        type: 'text',
+        name: 'username',
+        label: 'Username',
+        optional: true,
+      },
+      {
+        type: 'text',
+        name: 'password',
+        label: 'Password',
+        optional: true,
+        password: true,
+      },
+      {
+        type: 'accordion',
+        label: 'Advanced',
+        inputs: [
+          { name: 'domain', label: 'Domain', type: 'text', optional: true },
+          { name: 'workstation', label: 'Workstation', type: 'text', optional: true },
+        ],
+      },
+    ],
+    async onApply(ctx, { values, method, url }) {
+      const username = values.username ? String(values.username) : undefined;
+      const password = values.password ? String(values.password) : undefined;
+      const domain = values.domain ? String(values.domain) : undefined;
+      const workstation = values.workstation ? String(values.workstation) : undefined;
+
+      const options = {
+        url,
+        username,
+        password,
+        workstation,
+        domain,
+      };
+
+      const type1 = ntlm.createType1Message(options);
+
+      const negotiateResponse = await ctx.httpRequest.send({
+        httpRequest: {
+          method,
+          url,
+          headers: [
+            { name: 'Authorization', value: type1 },
+            { name: 'Connection', value: 'keep-alive' },
+          ],
+        },
+      });
+
+      const wwwAuthenticateHeader = negotiateResponse.headers.find(
+        (h) => h.name.toLowerCase() === 'www-authenticate',
+      );
+
+      if (!wwwAuthenticateHeader?.value) {
+        throw new Error('Unable to find www-authenticate response header for NTLM');
+      }
+
+      const type2 = ntlm.parseType2Message(wwwAuthenticateHeader.value, (err: Error | null) => {
+        if (err != null) throw err;
+      });
+      const type3 = ntlm.createType3Message(type2, options);
+
+      return { setHeaders: [{ name: 'Authorization', value: type3 }] };
+    },
+  },
+};
--- a/plugins/auth-ntlm/src/modules.d.ts
+++ b/plugins/auth-ntlm/src/modules.d.ts
@@ -0,0 +1 @@
+declare module 'httpntlm';
--- a/plugins/auth-ntlm/tsconfig.json
+++ b/plugins/auth-ntlm/tsconfig.json
@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}
--- a/plugins/auth-oauth1/package.json
+++ b/plugins/auth-oauth1/package.json
@@ -0,0 +1,20 @@
+{
+  "name": "@yaak/auth-oauth1",
+  "displayName": "OAuth 1.0",
+  "description": "Authenticate requests using OAuth 1.0a",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/mountain-loop/yaak.git",
+    "directory": "plugins/auth-oauth1"
+  },
+  "private": true,
+  "version": "0.1.0",
+  "scripts": {
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "tsc --noEmit && eslint . --ext .ts,.tsx"
+  },
+  "dependencies": {
+    "oauth-1.0a": "^2.2.6"
+  }
+}
--- a/plugins/auth-oauth1/src/index.ts
+++ b/plugins/auth-oauth1/src/index.ts
@@ -0,0 +1,197 @@
+import type { Context, GetHttpAuthenticationConfigRequest, PluginDefinition } from '@yaakapp/api';
+import crypto from 'node:crypto';
+import OAuth from 'oauth-1.0a';
+
+const signatures = {
+  HMAC_SHA1: 'HMAC-SHA1',
+  HMAC_SHA256: 'HMAC-SHA256',
+  HMAC_SHA512: 'HMAC-SHA512',
+  RSA_SHA1: 'RSA-SHA1',
+  RSA_SHA256: 'RSA-SHA256',
+  RSA_SHA512: 'RSA-SHA512',
+  PLAINTEXT: 'PLAINTEXT',
+} as const;
+const defaultSig = signatures.HMAC_SHA1;
+
+const pkSigs = Object.values(signatures).filter((k) => k.startsWith('RSA-'));
+const nonPkSigs = Object.values(signatures).filter((k) => !pkSigs.includes(k));
+
+type SigMethod = (typeof signatures)[keyof typeof signatures];
+
+function hiddenIfNot(
+  sigMethod: SigMethod[],
+  ...other: ((values: GetHttpAuthenticationConfigRequest['values']) => boolean)[]
+) {
+  return (_ctx: Context, { values }: GetHttpAuthenticationConfigRequest) => {
+    const hasGrantType = sigMethod.find((t) => t === String(values.signatureMethod ?? defaultSig));
+    const hasOtherBools = other.every((t) => t(values));
+    const show = hasGrantType && hasOtherBools;
+    return { hidden: !show };
+  };
+}
+
+export const plugin: PluginDefinition = {
+  authentication: {
+    name: 'oauth1',
+    label: 'OAuth 1.0',
+    shortLabel: 'OAuth 1',
+    args: [
+      {
+        name: 'signatureMethod',
+        label: 'Signature Method',
+        type: 'select',
+        defaultValue: defaultSig,
+        options: Object.values(signatures).map((v) => ({ label: v, value: v })),
+      },
+      { name: 'consumerKey', label: 'Consumer Key', type: 'text', password: true, optional: true },
+      {
+        name: 'consumerSecret',
+        label: 'Consumer Secret',
+        type: 'text',
+        password: true,
+        optional: true,
+      },
+      {
+        name: 'tokenKey',
+        label: 'Access Token',
+        type: 'text',
+        password: true,
+        optional: true,
+      },
+      {
+        name: 'tokenSecret',
+        label: 'Token Secret',
+        type: 'text',
+        password: true,
+        optional: true,
+        dynamic: hiddenIfNot(nonPkSigs),
+      },
+      {
+        name: 'privateKey',
+        label: 'Private Key (RSA-SHA1)',
+        type: 'text',
+        multiLine: true,
+        optional: true,
+        password: true,
+        placeholder:
+          '-----BEGIN RSA PRIVATE KEY-----\nPrivate key in PEM format\n-----END RSA PRIVATE KEY-----',
+        dynamic: hiddenIfNot(pkSigs),
+      },
+      {
+        type: 'accordion',
+        label: 'Advanced',
+        inputs: [
+          { name: 'callback', label: 'Callback Url', type: 'text', optional: true },
+          { name: 'verifier', label: 'Verifier', type: 'text', optional: true, password: true },
+          { name: 'timestamp', label: 'Timestamp', type: 'text', optional: true },
+          { name: 'nonce', label: 'Nonce', type: 'text', optional: true },
+          {
+            name: 'version',
+            label: 'OAuth Version',
+            type: 'text',
+            optional: true,
+            defaultValue: '1.0',
+          },
+          { name: 'realm', label: 'Realm', type: 'text', optional: true },
+        ],
+      },
+    ],
+
+    onApply(
+      _ctx,
+      { values, method, url },
+    ): {
+      setHeaders?: { name: string; value: string }[];
+      setQueryParameters?: { name: string; value: string }[];
+    } {
+      const consumerKey = String(values.consumerKey || '');
+      const consumerSecret = String(values.consumerSecret || '');
+
+      const signatureMethod = String(values.signatureMethod || signatures.HMAC_SHA1) as SigMethod;
+      const version = String(values.version || '1.0');
+      const realm = String(values.realm || '') || undefined;
+
+      const oauth = new OAuth({
+        consumer: { key: consumerKey, secret: consumerSecret },
+        signature_method: signatureMethod,
+        version,
+        hash_function: hashFunction(signatureMethod),
+        realm,
+      });
+
+      if (pkSigs.includes(signatureMethod)) {
+        oauth.getSigningKey = (tokenSecret?: string) => tokenSecret || '';
+      }
+
+      const requestUrl = new URL(url);
+
+      // Base request options passed to oauth-1.0a
+      const requestData: Omit<OAuth.RequestOptions, 'data'> & {
+        data: Record<string, string | string[]>;
+      } = {
+        method,
+        url: requestUrl.toString(),
+        includeBodyHash: false,
+        data: {},
+      };
+
+      // (1) Include existing query params in signature base string
+      for (const key of requestUrl.searchParams.keys()) {
+        if (key.startsWith('oauth_')) continue;
+        const all = requestUrl.searchParams.getAll(key);
+        requestData.data[key] = all.length > 1 ? all : all[0]!;
+      }
+
+      // (2) Manual oauth_* overrides
+      if (values.callback) requestData.data.oauth_callback = String(values.callback);
+      if (values.nonce) requestData.data.oauth_nonce = String(values.nonce);
+      if (values.timestamp) requestData.data.oauth_timestamp = String(values.timestamp);
+      if (values.verifier) requestData.data.oauth_verifier = String(values.verifier);
+
+      let token: OAuth.Token | { key: string } | undefined;
+
+      if (pkSigs.includes(signatureMethod)) {
+        token = {
+          key: String(values.tokenKey || ''),
+          secret: String(values.privateKey || ''),
+        };
+      } else if (values.tokenKey && values.tokenSecret) {
+        token = { key: String(values.tokenKey), secret: String(values.tokenSecret) };
+      } else if (values.tokenKey) {
+        token = { key: String(values.tokenKey) };
+      }
+
+      const authParams = oauth.authorize(requestData, token as OAuth.Token | undefined);
+      const { Authorization } = oauth.toHeader(authParams);
+      return { setHeaders: [{ name: 'Authorization', value: Authorization }] };
+    },
+  },
+};
+
+function hashFunction(signatureMethod: SigMethod) {
+  switch (signatureMethod) {
+    case signatures.HMAC_SHA1:
+      return (base: string, key: string) =>
+        crypto.createHmac('sha1', key).update(base).digest('base64');
+    case signatures.HMAC_SHA256:
+      return (base: string, key: string) =>
+        crypto.createHmac('sha256', key).update(base).digest('base64');
+    case signatures.HMAC_SHA512:
+      return (base: string, key: string) =>
+        crypto.createHmac('sha512', key).update(base).digest('base64');
+    case signatures.RSA_SHA1:
+      return (base: string, privateKey: string) =>
+        crypto.createSign('RSA-SHA1').update(base).sign(privateKey, 'base64');
+    case signatures.RSA_SHA256:
+      return (base: string, privateKey: string) =>
+        crypto.createSign('RSA-SHA256').update(base).sign(privateKey, 'base64');
+    case signatures.RSA_SHA512:
+      return (base: string, privateKey: string) =>
+        crypto.createSign('RSA-SHA512').update(base).sign(privateKey, 'base64');
+    case signatures.PLAINTEXT:
+      return (base: string) => base;
+    default:
+      return (base: string, key: string) =>
+        crypto.createHmac('sha1', key).update(base).digest('base64');
+  }
+}
--- a/plugins/auth-oauth1/tsconfig.json
+++ b/plugins/auth-oauth1/tsconfig.json
@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}
--- a/plugins/auth-oauth2/src/index.ts
+++ b/plugins/auth-oauth2/src/index.ts
@@ -288,6 +288,7 @@ export const plugin: PluginDefinition = {
      {
        type: 'accordion',
        label: 'Access Token Response',
+        inputs: [],
        async dynamic(ctx, { contextId, values }) {
          const tokenArgs: TokenStoreArgs = {
            contextId,
@@ -304,6 +305,7 @@ export const plugin: PluginDefinition = {
            inputs: [
              {
                type: 'editor',
+                name: 'response',
                defaultValue: JSON.stringify(token.response, null, 2),
                hideLabel: true,
                readOnly: true,
--- a/plugins/importer-insomnia/src/common.ts
+++ b/plugins/importer-insomnia/src/common.ts
@@ -1,9 +1,3 @@
-
-export function convertSyntax(variable: string): string {
-  if (!isJSString(variable)) return variable;
-  return variable.replaceAll(/{{\s*(_\.)?([^}]+)\s*}}/g, '${[$2]}');
-}
-
 export function isJSObject(obj: unknown) {
  return Object.prototype.toString.call(obj) === '[object Object]';
 }
@@ -32,3 +26,18 @@ export function deleteUndefinedAttrs<T>(obj: T): T {
    return obj;
  }
 }
+
+/** Recursively render all nested object properties */
+export function convertTemplateSyntax<T>(obj: T): T {
+  if (typeof obj === 'string') {
+    return obj.replaceAll(/{{\s*(_\.)?([^}]+)\s*}}/g, '${[$2]}') as T;
+  } else if (Array.isArray(obj) && obj != null) {
+    return obj.map(convertTemplateSyntax) as T;
+  } else if (typeof obj === 'object' && obj != null) {
+    return Object.fromEntries(
+      Object.entries(obj).map(([k, v]) => [k, convertTemplateSyntax(v)]),
+    ) as T;
+  } else {
+    return obj;
+  }
+}
--- a/plugins/importer-insomnia/src/v4.ts
+++ b/plugins/importer-insomnia/src/v4.ts
@@ -1,6 +1,6 @@
 /* eslint-disable @typescript-eslint/no-explicit-any */
 import type { PartialImportResources } from '@yaakapp/api';
-import { convertId, convertSyntax, isJSObject } from './common';
+import { convertId, convertTemplateSyntax, isJSObject } from './common';

 export function convertInsomniaV4(parsed: any) {
  if (!Array.isArray(parsed.resources)) return null;
@@ -60,7 +60,7 @@ export function convertInsomniaV4(parsed: any) {
  resources.environments = resources.environments.filter(Boolean);
  resources.workspaces = resources.workspaces.filter(Boolean);

-  return { resources };
+  return { resources: convertTemplateSyntax(resources) };
 }

 function importHttpRequest(r: any, workspaceId: string): PartialImportResources['httpRequests'][0] {
@@ -90,10 +90,10 @@ function importHttpRequest(r: any, workspaceId: string): PartialImportResources[
    };
  } else if (r.body?.mimeType === 'application/graphql') {
    bodyType = 'graphql';
-    body = { text: convertSyntax(r.body.text ?? '') };
+    body = { text: r.body.text ?? '' };
  } else if (r.body?.mimeType === 'application/json') {
    bodyType = 'application/json';
-    body = { text: convertSyntax(r.body.text ?? '') };
+    body = { text: r.body.text ?? '' };
  }

  let authenticationType: string | null = null;
@@ -101,13 +101,13 @@ function importHttpRequest(r: any, workspaceId: string): PartialImportResources[
  if (r.authentication.type === 'bearer') {
    authenticationType = 'bearer';
    authentication = {
-      token: convertSyntax(r.authentication.token),
+      token: r.authentication.token,
    };
  } else if (r.authentication.type === 'basic') {
    authenticationType = 'basic';
    authentication = {
-      username: convertSyntax(r.authentication.username),
-      password: convertSyntax(r.authentication.password),
+      username: r.authentication.username,
+      password: r.authentication.password,
    };
  }

@@ -121,7 +121,12 @@ function importHttpRequest(r: any, workspaceId: string): PartialImportResources[
    sortPriority: r.metaSortKey,
    name: r.name,
    description: r.description || undefined,
-    url: convertSyntax(r.url),
+    url: r.url,
+    urlParameters: (r.parameters ?? []).map((p: any) => ({
+      enabled: !p.disabled,
+      name: p.name ?? '',
+      value: p.value ?? '',
+    })),
    body,
    bodyType,
    authentication,
@@ -152,7 +157,7 @@ function importGrpcRequest(r: any, workspaceId: string): PartialImportResources[
    sortPriority: r.metaSortKey,
    name: r.name,
    description: r.description || undefined,
-    url: convertSyntax(r.url),
+    url: r.url,
    service,
    method,
    message: r.body?.text ?? '',
@@ -190,9 +195,7 @@ function importEnvironment(
    createdAt: e.created ? new Date(e.created).toISOString().replace('Z', '') : undefined,
    updatedAt: e.modified ? new Date(e.modified).toISOString().replace('Z', '') : undefined,
    workspaceId: convertId(workspaceId),
-    // eslint-disable-next-line @typescript-eslint/ban-ts-comment
-    // @ts-expect-error
-    sortPriority: e.metaSortKey, // Will be added to Yaak later
+    sortPriority: e.metaSortKey,
    parentModel: isParent ? 'workspace' : 'environment',
    parentId: null,
    model: 'environment',
--- a/plugins/importer-insomnia/src/v5.ts
+++ b/plugins/importer-insomnia/src/v5.ts
@@ -1,6 +1,6 @@
 /* eslint-disable @typescript-eslint/no-explicit-any */
 import type { PartialImportResources } from '@yaakapp/api';
-import { convertId, convertSyntax, isJSObject } from './common';
+import { convertId, convertTemplateSyntax, isJSObject } from './common';

 export function convertInsomniaV5(parsed: any) {
  // Assert parsed is object
@@ -69,7 +69,7 @@ export function convertInsomniaV5(parsed: any) {
  resources.environments = resources.environments.filter(Boolean);
  resources.workspaces = resources.workspaces.filter(Boolean);

-  return { resources };
+  return { resources: convertTemplateSyntax(resources) };
 }

 function importHttpRequest(
@@ -108,10 +108,10 @@ function importHttpRequest(
    };
  } else if (r.body?.mimeType === 'application/graphql') {
    bodyType = 'graphql';
-    body = { text: convertSyntax(r.body.text ?? '') };
+    body = { text: r.body.text ?? '' };
  } else if (r.body?.mimeType === 'application/json') {
    bodyType = 'application/json';
-    body = { text: convertSyntax(r.body.text ?? '') };
+    body = { text: r.body.text ?? '' };
  }

  return {
@@ -124,7 +124,12 @@ function importHttpRequest(
    model: 'http_request',
    name: r.name,
    description: r.meta?.description || undefined,
-    url: convertSyntax(r.url),
+    url: r.url,
+    urlParameters: (r.parameters ?? []).map((p: any) => ({
+      enabled: !p.disabled,
+      name: p.name ?? '',
+      value: p.value ?? '',
+    })),
    body,
    bodyType,
    method: r.method,
@@ -157,7 +162,7 @@ function importGrpcRequest(
    sortPriority: sortKey,
    name: r.name,
    description: r.description || undefined,
-    url: convertSyntax(r.url),
+    url: r.url,
    service,
    method,
    message: r.body?.text ?? '',
@@ -191,7 +196,7 @@ function importWebsocketRequest(
    sortPriority: sortKey,
    name: r.name,
    description: r.description || undefined,
-    url: convertSyntax(r.url),
+    url: r.url,
    message: r.body?.text ?? '',
    ...importHeaders(r),
    ...importAuthentication(r),
@@ -215,13 +220,13 @@ function importAuthentication(obj: any) {
  if (obj.authentication?.type === 'bearer') {
    authenticationType = 'bearer';
    authentication = {
-      token: convertSyntax(obj.authentication.token),
+      token: obj.authentication.token,
    };
  } else if (obj.authentication?.type === 'basic') {
    authenticationType = 'basic';
    authentication = {
-      username: convertSyntax(obj.authentication.username),
-      password: convertSyntax(obj.authentication.password),
+      username: obj.authentication.username,
+      password: obj.authentication.password,
    };
  }

@@ -295,9 +300,7 @@ function importEnvironment(
    updatedAt: updated ? new Date(updated).toISOString().replace('Z', '') : undefined,
    workspaceId: convertId(workspaceId),
    public: !e.isPrivate,
-    // eslint-disable-next-line @typescript-eslint/ban-ts-comment
-    // @ts-expect-error
-    sortPriority: sortKey, // Will be added to Yaak later
+    sortPriority: sortKey,
    parentModel: isParent ? 'workspace' : 'environment',
    parentId: null,
    model: 'environment',
--- a/plugins/importer-insomnia/tests/fixtures/basic.output.json
+++ b/plugins/importer-insomnia/tests/fixtures/basic.output.json
@@ -113,6 +113,13 @@
        "model": "http_request",
        "name": "New Request",
        "url": "${[BASE_URL ]}/foo/:id",
+        "urlParameters": [
+          {
+            "name": "query",
+            "value": "qqq",
+            "enabled": true
+          }
+        ],
        "workspaceId": "GENERATE_ID::wrk_d4d92f7c0ee947b89159243506687019"
      }
    ],
--- a/plugins/importer-insomnia/tests/fixtures/version-5-minimal.output.json
+++ b/plugins/importer-insomnia/tests/fixtures/version-5-minimal.output.json
@@ -76,6 +76,7 @@
        "sortPriority": -1747414129276,
        "updatedAt": "2025-05-16T16:48:49.313",
        "url": "https://httpbin.org/post",
+        "urlParameters": [],
        "workspaceId": "GENERATE_ID::wrk_9717dd1c9e0c4b2e9ed6d2abcf3bd45c"
      },
      {
@@ -98,6 +99,7 @@
        "name": "New Request",
        "sortPriority": -1747414160498,
        "updatedAt": "2025-05-16T16:49:20.497",
+        "urlParameters": [],
        "workspaceId": "GENERATE_ID::wrk_9717dd1c9e0c4b2e9ed6d2abcf3bd45c"
      }
    ],
--- a/plugins/importer-insomnia/tests/fixtures/version-5.input.yaml
+++ b/plugins/importer-insomnia/tests/fixtures/version-5.input.yaml
@@ -46,6 +46,10 @@ collection:
            name: X-Header
            value: xxxx
            disabled: false
+          - id: pair_ab4b870278e943cba6babf5a73e213e3
+            name: "{{ _.ApiHeaderName }}"
+            value: "{{ _.ApiKey }}"
+            disabled: false
        authentication:
          type: basic
          useISO88591: false
--- a/plugins/importer-insomnia/tests/fixtures/version-5.output.json
+++ b/plugins/importer-insomnia/tests/fixtures/version-5.output.json
@@ -127,6 +127,11 @@
            "enabled": true,
            "name": "X-Header",
            "value": "xxxx"
+          },
+          {
+            "enabled": true,
+            "name": "${[ApiHeaderName ]}",
+            "value": "${[ApiKey ]}"
          }
        ],
        "id": "GENERATE_ID::req_d72fff2a6b104b91a2ebe9de9edd2785",
@@ -135,6 +140,13 @@
        "name": "New Request",
        "sortPriority": -1736781406672,
        "url": "${[BASE_URL ]}/foo/:id",
+        "urlParameters": [
+          {
+            "name": "query",
+            "value": "qqq",
+            "enabled": true
+          }
+        ],
        "workspaceId": "GENERATE_ID::wrk_c1eacfa750a04f3ea9985ef28043fa53"
      }
    ],
--- a/plugins/importer-postman/src/index.ts
+++ b/plugins/importer-postman/src/index.ts
@@ -68,6 +68,7 @@ export function convertPostman(contents: string): ImportPluginResponse | undefin
    id: generateId('workspace'),
    name: info.name ? String(info.name) : 'Postman Import',
    description,
+    ...globalAuth,
  };
  exportResources.workspaces.push(workspace);

@@ -105,8 +106,7 @@ export function convertPostman(contents: string): ImportPluginResponse | undefin
    } else if (typeof v.name === 'string' && 'request' in v) {
      const r = toRecord(v.request);
      const bodyPatch = importBody(r.body);
-      const requestAuthPath = importAuth(r.auth);
-      const authPatch = requestAuthPath.authenticationType == null ? globalAuth : requestAuthPath;
+      const requestAuth = importAuth(r.auth);

      const headers: HttpRequestHeader[] = toArray<{
        key: string;
@@ -145,10 +145,9 @@ export function convertPostman(contents: string): ImportPluginResponse | undefin
        urlParameters,
        body: bodyPatch.body,
        bodyType: bodyPatch.bodyType,
-        authentication: authPatch.authentication,
-        authenticationType: authPatch.authenticationType,
        sortPriority: sortPriorityIndex++,
        headers,
+        ...requestAuth,
      };
      exportResources.httpRequests.push(request);
    } else {
@@ -223,25 +222,159 @@ function convertUrl(rawUrl: string | unknown): Pick<HttpRequest, 'url' | 'urlPar
 }

 function importAuth(rawAuth: unknown): Pick<HttpRequest, 'authentication' | 'authenticationType'> {
-  const auth = toRecord<{ username?: string; password?: string; token?: string }>(rawAuth);
-  if ('basic' in auth) {
+  const auth = toRecord<Record<string, string>>(rawAuth);
+
+  // Helper: Postman stores auth params as an array of { key, value, ... }
+  const pmArrayToObj = (v: unknown): Record<string, unknown> => {
+    if (!Array.isArray(v)) return toRecord(v);
+    const o: Record<string, unknown> = {};
+    for (const i of v) {
+      const ii = toRecord(i);
+      if (typeof ii.key === 'string') {
+        o[ii.key] = ii.value;
+      }
+    }
+    return o;
+  };
+
+  const authType: string | undefined = auth.type ? String(auth.type) : undefined;
+
+  if (authType === 'noauth') {
+    return {
+      authenticationType: 'none',
+      authentication: {},
+    };
+  }
+
+  if ('basic' in auth && authType === 'basic') {
+    const b = pmArrayToObj(auth.basic);
    return {
      authenticationType: 'basic',
      authentication: {
-        username: auth.basic.username || '',
-        password: auth.basic.password || '',
+        username: String(b.username ?? ''),
+        password: String(b.password ?? ''),
      },
    };
-  } else if ('bearer' in auth) {
+  }
+
+  if ('bearer' in auth && authType === 'bearer') {
+    const b = pmArrayToObj(auth.bearer);
+    // Postman uses key "token"
    return {
      authenticationType: 'bearer',
      authentication: {
-        token: auth.bearer.token || '',
+        token: String(b.token ?? ''),
      },
    };
-  } else {
-    return { authenticationType: null, authentication: {} };
  }
+
+  if ('awsv4' in auth && authType === 'awsv4') {
+    const a = pmArrayToObj(auth.awsv4);
+    return {
+      authenticationType: 'awsv4',
+      authentication: {
+        accessKeyId: a.accessKey != null ? String(a.accessKey) : undefined,
+        secretAccessKey: a.secretKey != null ? String(a.secretKey) : undefined,
+        sessionToken: a.sessionToken != null ? String(a.sessionToken) : undefined,
+        region: a.region != null ? String(a.region) : undefined,
+        service: a.service != null ? String(a.service) : undefined,
+      },
+    };
+  }
+
+  if ('apikey' in auth && authType === 'apikey') {
+    const a = pmArrayToObj(auth.apikey);
+    return {
+      authenticationType: 'apikey',
+      authentication: {
+        location: a.in === 'query' ? 'query' : 'header',
+        key: a.value != null ? String(a.value) : undefined,
+        value: a.key != null ? String(a.key) : undefined,
+      },
+    };
+  }
+
+  if ('jwt' in auth && authType === 'jwt') {
+    const a = pmArrayToObj(auth.jwt);
+    return {
+      authenticationType: 'jwt',
+      authentication: {
+        algorithm: a.algorithm != null ? String(a.algorithm).toUpperCase() : undefined,
+        secret: a.secret != null ? String(a.secret) : undefined,
+        secretBase64: !!a.isSecretBase64Encoded,
+        payload: a.payload != null ? String(a.payload) : undefined,
+        headerPrefix: a.headerPrefix != null ? String(a.headerPrefix) : undefined,
+        location: a.addTokenTo === 'header' ? 'header' : 'query',
+      },
+    };
+  }
+
+  if ('oauth2' in auth && authType === 'oauth2') {
+    const o = pmArrayToObj(auth.oauth2);
+
+    let grantType = o.grant_type ? String(o.grant_type) : 'authorization_code';
+    let pkcePatch: Record<string, unknown> = {};
+
+    if (grantType === 'authorization_code_with_pkce') {
+      grantType = 'authorization_code';
+      pkcePatch =
+        o.grant_type === 'authorization_code_with_pkce'
+          ? {
+              usePkce: true,
+              pkceChallengeMethod: o.challengeAlgorithm ?? undefined,
+              pkceCodeVerifier: o.code_verifier != null ? String(o.code_verifier) : undefined,
+            }
+          : {};
+    } else if (grantType === 'password_credentials') {
+      grantType = 'password';
+    }
+
+    const accessTokenUrl = o.accessTokenUrl != null ? String(o.accessTokenUrl) : undefined;
+    const audience = o.audience != null ? String(o.audience) : undefined;
+    const authorizationUrl = o.authUrl != null ? String(o.authUrl) : undefined;
+    const clientId = o.clientId != null ? String(o.clientId) : undefined;
+    const clientSecret = o.clientSecret != null ? String(o.clientSecret) : undefined;
+    const credentials = o.client_authentication === 'body' ? 'body' : undefined;
+    const headerPrefix = o.headerPrefix ?? 'Bearer';
+    const password = o.password != null ? String(o.password) : undefined;
+    const redirectUri = o.redirect_uri != null ? String(o.redirect_uri) : undefined;
+    const scope = o.scope != null ? String(o.scope) : undefined;
+    const state = o.state != null ? String(o.state) : undefined;
+    const username = o.username != null ? String(o.username) : undefined;
+
+    let grantPatch: Record<string, unknown> = {};
+    if (grantType === 'authorization_code') {
+      grantPatch = {
+        clientSecret,
+        authorizationUrl,
+        accessTokenUrl,
+        redirectUri,
+        state,
+        ...pkcePatch,
+      };
+    } else if (grantType === 'implicit') {
+      grantPatch = { authorizationUrl, redirectUri, state };
+    } else if (grantType === 'password') {
+      grantPatch = { clientSecret, accessTokenUrl, username, password };
+    } else if (grantType === 'client_credentials') {
+      grantPatch = { clientSecret, accessTokenUrl };
+    }
+
+    const authentication = {
+      name: 'oauth2',
+      grantType,
+      audience,
+      clientId,
+      credentials,
+      headerPrefix,
+      scope,
+      ...grantPatch,
+    } as Record<string, unknown>;
+
+    return { authenticationType: 'oauth2', authentication };
+  }
+
+  return { authenticationType: null, authentication: {} };
 }

 function importBody(rawBody: unknown): Pick<HttpRequest, 'body' | 'bodyType' | 'headers'> {
@@ -376,7 +509,10 @@ function toArray<T>(value: unknown): T[] {
 /** Recursively render all nested object properties */
 function convertTemplateSyntax<T>(obj: T): T {
  if (typeof obj === 'string') {
-    return obj.replace(/{{\s*(_\.)?([^}]*)\s*}}/g, (_m, _dot, expr) => '${[' + expr.trim() + ']}') as T;
+    return obj.replace(
+      /{{\s*(_\.)?([^}]*)\s*}}/g,
+      (_m, _dot, expr) => '${[' + expr.trim().replace(/^vault:/, '') + ']}',
+    ) as T;
  } else if (Array.isArray(obj) && obj != null) {
    return obj.map(convertTemplateSyntax) as T;
  } else if (typeof obj === 'object' && obj != null) {
--- a/plugins/importer-postman/tests/fixtures/auth.input.json
+++ b/plugins/importer-postman/tests/fixtures/auth.input.json
@@ -0,0 +1,828 @@
+{
+	"info": {
+		"_postman_id": "9e6dfada-256c-49ea-a38f-7d1b05b7ca2d",
+		"name": "Authentication",
+		"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json",
+		"_exporter_id": "18798"
+	},
+	"item": [
+		{
+			"name": "No Auth",
+			"request": {
+				"auth": {
+					"type": "noauth"
+				},
+				"method": "GET",
+				"header": [],
+				"url": {
+					"raw": "https://yaak.app/x/echo",
+					"protocol": "https",
+					"host": [
+						"yaak",
+						"app"
+					],
+					"path": [
+						"x",
+						"echo"
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "Inherit",
+			"request": {
+				"method": "GET",
+				"header": [],
+				"url": {
+					"raw": "https://yaak.app/x/echo",
+					"protocol": "https",
+					"host": [
+						"yaak",
+						"app"
+					],
+					"path": [
+						"x",
+						"echo"
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "OAuth 2 Auth Code",
+			"protocolProfileBehavior": {
+				"disableBodyPruning": true
+			},
+			"request": {
+				"auth": {
+					"type": "oauth2",
+					"oauth2": [
+						{
+							"key": "grant_type",
+							"value": "authorization_code",
+							"type": "string"
+						},
+						{
+							"key": "headerPrefix",
+							"value": "Bearer",
+							"type": "string"
+						},
+						{
+							"key": "client_authentication",
+							"value": "header",
+							"type": "string"
+						},
+						{
+							"key": "challengeAlgorithm",
+							"value": "S256",
+							"type": "string"
+						},
+						{
+							"key": "refreshTokenUrl",
+							"value": "https://github.com/login/oauth/access_token",
+							"type": "string"
+						},
+						{
+							"key": "state",
+							"value": "state",
+							"type": "string"
+						},
+						{
+							"key": "scope",
+							"value": "scope",
+							"type": "string"
+						},
+						{
+							"key": "code_verifier",
+							"value": "verifier",
+							"type": "string"
+						},
+						{
+							"key": "clientSecret",
+							"value": "clientsecet",
+							"type": "string"
+						},
+						{
+							"key": "clientId",
+							"value": "cliend id",
+							"type": "string"
+						},
+						{
+							"key": "authUrl",
+							"value": "https://github.com/login/oauth/authorize",
+							"type": "string"
+						},
+						{
+							"key": "accessTokenUrl",
+							"value": "https://github.com/login/oauth/access_token",
+							"type": "string"
+						},
+						{
+							"key": "useBrowser",
+							"value": true,
+							"type": "boolean"
+						},
+						{
+							"key": "redirect_uri",
+							"value": "https://callback",
+							"type": "string"
+						},
+						{
+							"key": "tokenName",
+							"value": "name",
+							"type": "string"
+						},
+						{
+							"key": "addTokenTo",
+							"value": "header",
+							"type": "string"
+						}
+					]
+				},
+				"method": "GET",
+				"header": [],
+				"body": {
+					"mode": "raw",
+					"raw": "{\n    \"hello\": \"world\"\n}",
+					"options": {
+						"raw": {
+							"language": "json"
+						}
+					}
+				},
+				"url": {
+					"raw": "{{vault:hello}}",
+					"host": [
+						"{{vault:hello}}"
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "OAuth 2 Auth Code (PKCE)",
+			"protocolProfileBehavior": {
+				"disableBodyPruning": true
+			},
+			"request": {
+				"auth": {
+					"type": "oauth2",
+					"oauth2": [
+						{
+							"key": "headerPrefix",
+							"value": "Bearer",
+							"type": "string"
+						},
+						{
+							"key": "client_authentication",
+							"value": "header",
+							"type": "string"
+						},
+						{
+							"key": "challengeAlgorithm",
+							"value": "S256",
+							"type": "string"
+						},
+						{
+							"key": "refreshTokenUrl",
+							"value": "https://github.com/login/oauth/access_token",
+							"type": "string"
+						},
+						{
+							"key": "state",
+							"value": "state",
+							"type": "string"
+						},
+						{
+							"key": "scope",
+							"value": "scope",
+							"type": "string"
+						},
+						{
+							"key": "code_verifier",
+							"value": "verifier",
+							"type": "string"
+						},
+						{
+							"key": "grant_type",
+							"value": "authorization_code_with_pkce",
+							"type": "string"
+						},
+						{
+							"key": "clientSecret",
+							"value": "clientsecet",
+							"type": "string"
+						},
+						{
+							"key": "clientId",
+							"value": "cliend id",
+							"type": "string"
+						},
+						{
+							"key": "authUrl",
+							"value": "https://github.com/login/oauth/authorize",
+							"type": "string"
+						},
+						{
+							"key": "accessTokenUrl",
+							"value": "https://github.com/login/oauth/access_token",
+							"type": "string"
+						},
+						{
+							"key": "useBrowser",
+							"value": true,
+							"type": "boolean"
+						},
+						{
+							"key": "redirect_uri",
+							"value": "https://callback",
+							"type": "string"
+						},
+						{
+							"key": "tokenName",
+							"value": "name",
+							"type": "string"
+						},
+						{
+							"key": "addTokenTo",
+							"value": "header",
+							"type": "string"
+						}
+					]
+				},
+				"method": "GET",
+				"header": [],
+				"body": {
+					"mode": "raw",
+					"raw": "{\n    \"hello\": \"world\"\n}",
+					"options": {
+						"raw": {
+							"language": "json"
+						}
+					}
+				},
+				"url": {
+					"raw": "{{vault:hello}}",
+					"host": [
+						"{{vault:hello}}"
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "OAuth 2 Implicit",
+			"protocolProfileBehavior": {
+				"disableBodyPruning": true
+			},
+			"request": {
+				"auth": {
+					"type": "oauth2",
+					"oauth2": [
+						{
+							"key": "client_authentication",
+							"value": "header",
+							"type": "string"
+						},
+						{
+							"key": "redirect_uri",
+							"value": "https://yaak.app/x/echo",
+							"type": "string"
+						},
+						{
+							"key": "useBrowser",
+							"value": false,
+							"type": "boolean"
+						},
+						{
+							"key": "grant_type",
+							"value": "implicit",
+							"type": "string"
+						},
+						{
+							"key": "headerPrefix",
+							"value": "Bearer",
+							"type": "string"
+						},
+						{
+							"key": "challengeAlgorithm",
+							"value": "S256",
+							"type": "string"
+						},
+						{
+							"key": "refreshTokenUrl",
+							"value": "https://github.com/login/oauth/access_token",
+							"type": "string"
+						},
+						{
+							"key": "state",
+							"value": "state",
+							"type": "string"
+						},
+						{
+							"key": "scope",
+							"value": "scope",
+							"type": "string"
+						},
+						{
+							"key": "code_verifier",
+							"value": "verifier",
+							"type": "string"
+						},
+						{
+							"key": "clientSecret",
+							"value": "clientsecet",
+							"type": "string"
+						},
+						{
+							"key": "clientId",
+							"value": "cliend id",
+							"type": "string"
+						},
+						{
+							"key": "authUrl",
+							"value": "https://github.com/login/oauth/authorize",
+							"type": "string"
+						},
+						{
+							"key": "accessTokenUrl",
+							"value": "https://github.com/login/oauth/access_token",
+							"type": "string"
+						},
+						{
+							"key": "tokenName",
+							"value": "name",
+							"type": "string"
+						},
+						{
+							"key": "addTokenTo",
+							"value": "header",
+							"type": "string"
+						}
+					]
+				},
+				"method": "GET",
+				"header": [],
+				"body": {
+					"mode": "raw",
+					"raw": "{\n    \"hello\": \"world\"\n}",
+					"options": {
+						"raw": {
+							"language": "json"
+						}
+					}
+				},
+				"url": {
+					"raw": "{{vault:hello}}",
+					"host": [
+						"{{vault:hello}}"
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "OAuth 2 Password",
+			"protocolProfileBehavior": {
+				"disableBodyPruning": true
+			},
+			"request": {
+				"auth": {
+					"type": "oauth2",
+					"oauth2": [
+						{
+							"key": "password",
+							"value": "password",
+							"type": "string"
+						},
+						{
+							"key": "username",
+							"value": "username",
+							"type": "string"
+						},
+						{
+							"key": "clientSecret",
+							"value": "clientsecret",
+							"type": "string"
+						},
+						{
+							"key": "clientId",
+							"value": "clientid",
+							"type": "string"
+						},
+						{
+							"key": "grant_type",
+							"value": "password_credentials",
+							"type": "string"
+						},
+						{
+							"key": "client_authentication",
+							"value": "header",
+							"type": "string"
+						},
+						{
+							"key": "redirect_uri",
+							"value": "https://yaak.app/x/echo",
+							"type": "string"
+						},
+						{
+							"key": "useBrowser",
+							"value": false,
+							"type": "boolean"
+						},
+						{
+							"key": "headerPrefix",
+							"value": "Bearer",
+							"type": "string"
+						},
+						{
+							"key": "challengeAlgorithm",
+							"value": "S256",
+							"type": "string"
+						},
+						{
+							"key": "refreshTokenUrl",
+							"value": "https://github.com/login/oauth/access_token",
+							"type": "string"
+						},
+						{
+							"key": "state",
+							"value": "state",
+							"type": "string"
+						},
+						{
+							"key": "scope",
+							"value": "scope",
+							"type": "string"
+						},
+						{
+							"key": "code_verifier",
+							"value": "verifier",
+							"type": "string"
+						},
+						{
+							"key": "authUrl",
+							"value": "https://github.com/login/oauth/authorize",
+							"type": "string"
+						},
+						{
+							"key": "accessTokenUrl",
+							"value": "https://github.com/login/oauth/access_token",
+							"type": "string"
+						},
+						{
+							"key": "tokenName",
+							"value": "name",
+							"type": "string"
+						},
+						{
+							"key": "addTokenTo",
+							"value": "header",
+							"type": "string"
+						}
+					]
+				},
+				"method": "GET",
+				"header": [],
+				"body": {
+					"mode": "raw",
+					"raw": "{\n    \"hello\": \"world\"\n}",
+					"options": {
+						"raw": {
+							"language": "json"
+						}
+					}
+				},
+				"url": {
+					"raw": "{{vault:hello}}",
+					"host": [
+						"{{vault:hello}}"
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "OAuth 2 Client Credentials",
+			"protocolProfileBehavior": {
+				"disableBodyPruning": true
+			},
+			"request": {
+				"auth": {
+					"type": "oauth2",
+					"oauth2": [
+						{
+							"key": "grant_type",
+							"value": "client_credentials",
+							"type": "string"
+						},
+						{
+							"key": "password",
+							"value": "password",
+							"type": "string"
+						},
+						{
+							"key": "username",
+							"value": "username",
+							"type": "string"
+						},
+						{
+							"key": "clientSecret",
+							"value": "clientsecret",
+							"type": "string"
+						},
+						{
+							"key": "clientId",
+							"value": "clientid",
+							"type": "string"
+						},
+						{
+							"key": "client_authentication",
+							"value": "header",
+							"type": "string"
+						},
+						{
+							"key": "redirect_uri",
+							"value": "https://yaak.app/x/echo",
+							"type": "string"
+						},
+						{
+							"key": "useBrowser",
+							"value": false,
+							"type": "boolean"
+						},
+						{
+							"key": "headerPrefix",
+							"value": "Bearer",
+							"type": "string"
+						},
+						{
+							"key": "challengeAlgorithm",
+							"value": "S256",
+							"type": "string"
+						},
+						{
+							"key": "refreshTokenUrl",
+							"value": "https://github.com/login/oauth/access_token",
+							"type": "string"
+						},
+						{
+							"key": "state",
+							"value": "state",
+							"type": "string"
+						},
+						{
+							"key": "scope",
+							"value": "scope",
+							"type": "string"
+						},
+						{
+							"key": "code_verifier",
+							"value": "verifier",
+							"type": "string"
+						},
+						{
+							"key": "authUrl",
+							"value": "https://github.com/login/oauth/authorize",
+							"type": "string"
+						},
+						{
+							"key": "accessTokenUrl",
+							"value": "https://github.com/login/oauth/access_token",
+							"type": "string"
+						},
+						{
+							"key": "tokenName",
+							"value": "name",
+							"type": "string"
+						},
+						{
+							"key": "addTokenTo",
+							"value": "header",
+							"type": "string"
+						}
+					]
+				},
+				"method": "GET",
+				"header": [],
+				"body": {
+					"mode": "raw",
+					"raw": "{\n    \"hello\": \"world\"\n}",
+					"options": {
+						"raw": {
+							"language": "json"
+						}
+					}
+				},
+				"url": {
+					"raw": "{{vault:hello}}",
+					"host": [
+						"{{vault:hello}}"
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "AWS V4",
+			"request": {
+				"auth": {
+					"type": "awsv4",
+					"awsv4": [
+						{
+							"key": "sessionToken",
+							"value": "session",
+							"type": "string"
+						},
+						{
+							"key": "service",
+							"value": "s3",
+							"type": "string"
+						},
+						{
+							"key": "region",
+							"value": "us-west-1",
+							"type": "string"
+						},
+						{
+							"key": "secretKey",
+							"value": "secret",
+							"type": "string"
+						},
+						{
+							"key": "accessKey",
+							"value": "access",
+							"type": "string"
+						}
+					]
+				},
+				"method": "GET",
+				"header": [],
+				"url": {
+					"raw": "https://yaak.app/x/echo",
+					"protocol": "https",
+					"host": [
+						"yaak",
+						"app"
+					],
+					"path": [
+						"x",
+						"echo"
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "API Key",
+			"request": {
+				"auth": {
+					"type": "apikey",
+					"apikey": [
+						{
+							"key": "in",
+							"value": "query",
+							"type": "string"
+						},
+						{
+							"key": "value",
+							"value": "value",
+							"type": "string"
+						},
+						{
+							"key": "key",
+							"value": "key",
+							"type": "string"
+						}
+					]
+				},
+				"method": "GET",
+				"header": [],
+				"url": {
+					"raw": "https://yaak.app/x/echo",
+					"protocol": "https",
+					"host": [
+						"yaak",
+						"app"
+					],
+					"path": [
+						"x",
+						"echo"
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "JWT",
+			"request": {
+				"auth": {
+					"type": "jwt",
+					"jwt": [
+						{
+							"key": "header",
+							"value": "{\n    \"header\": \"foo\"\n}",
+							"type": "string"
+						},
+						{
+							"key": "headerPrefix",
+							"value": "Bearer",
+							"type": "string"
+						},
+						{
+							"key": "payload",
+							"value": "{\n    \"my\": \"payload\"\n}",
+							"type": "string"
+						},
+						{
+							"key": "isSecretBase64Encoded",
+							"value": false,
+							"type": "boolean"
+						},
+						{
+							"key": "secret",
+							"value": "mysecret",
+							"type": "string"
+						},
+						{
+							"key": "algorithm",
+							"value": "HS384",
+							"type": "string"
+						},
+						{
+							"key": "addTokenTo",
+							"value": "header",
+							"type": "string"
+						},
+						{
+							"key": "queryParamKey",
+							"value": "token",
+							"type": "string"
+						}
+					]
+				},
+				"method": "GET",
+				"header": [],
+				"url": {
+					"raw": "https://yaak.app/x/echo",
+					"protocol": "https",
+					"host": [
+						"yaak",
+						"app"
+					],
+					"path": [
+						"x",
+						"echo"
+					]
+				}
+			},
+			"response": []
+		}
+	],
+	"auth": {
+		"type": "basic",
+		"basic": [
+			{
+				"key": "password",
+				"value": "workspace_secret",
+				"type": "string"
+			},
+			{
+				"key": "username",
+				"value": "workspace",
+				"type": "string"
+			}
+		]
+	},
+	"event": [
+		{
+			"listen": "prerequest",
+			"script": {
+				"type": "text/javascript",
+				"packages": {},
+				"requests": {},
+				"exec": [
+					""
+				]
+			}
+		},
+		{
+			"listen": "test",
+			"script": {
+				"type": "text/javascript",
+				"packages": {},
+				"requests": {},
+				"exec": [
+					""
+				]
+			}
+		}
+	],
+	"variable": [
+		{
+			"key": "COLLECTION VARIABLE",
+			"value": "collection variable"
+		}
+	]
+}
--- a/plugins/importer-postman/tests/fixtures/auth.output.json
+++ b/plugins/importer-postman/tests/fixtures/auth.output.json
@@ -0,0 +1,304 @@
+{
+  "resources": {
+    "workspaces": [
+      {
+        "model": "workspace",
+        "id": "GENERATE_ID::WORKSPACE_0",
+        "name": "Authentication",
+        "authenticationType": "basic",
+        "authentication": {
+          "username": "workspace",
+          "password": "workspace_secret"
+        }
+      }
+    ],
+    "environments": [
+      {
+        "model": "environment",
+        "id": "GENERATE_ID::ENVIRONMENT_0",
+        "name": "Global Variables",
+        "workspaceId": "GENERATE_ID::WORKSPACE_0",
+        "parentModel": "workspace",
+        "parentId": null,
+        "variables": [
+          {
+            "name": "COLLECTION VARIABLE",
+            "value": "collection variable"
+          }
+        ]
+      }
+    ],
+    "httpRequests": [
+      {
+        "model": "http_request",
+        "id": "GENERATE_ID::HTTP_REQUEST_0",
+        "workspaceId": "GENERATE_ID::WORKSPACE_0",
+        "folderId": null,
+        "name": "No Auth",
+        "method": "GET",
+        "url": "https://yaak.app/x/echo",
+        "urlParameters": [],
+        "body": {},
+        "bodyType": null,
+        "sortPriority": 0,
+        "headers": [],
+        "authenticationType": "none",
+        "authentication": {}
+      },
+      {
+        "model": "http_request",
+        "id": "GENERATE_ID::HTTP_REQUEST_1",
+        "workspaceId": "GENERATE_ID::WORKSPACE_0",
+        "folderId": null,
+        "name": "Inherit",
+        "method": "GET",
+        "url": "https://yaak.app/x/echo",
+        "urlParameters": [],
+        "body": {},
+        "bodyType": null,
+        "sortPriority": 1,
+        "headers": [],
+        "authenticationType": null,
+        "authentication": {}
+      },
+      {
+        "model": "http_request",
+        "id": "GENERATE_ID::HTTP_REQUEST_2",
+        "workspaceId": "GENERATE_ID::WORKSPACE_0",
+        "folderId": null,
+        "name": "OAuth 2 Auth Code",
+        "method": "GET",
+        "url": "${[hello]}",
+        "urlParameters": [],
+        "body": {
+          "text": "{\n    \"hello\": \"world\"\n}"
+        },
+        "bodyType": "application/json",
+        "sortPriority": 2,
+        "headers": [
+          {
+            "name": "Content-Type",
+            "value": "application/json",
+            "enabled": true
+          }
+        ],
+        "authenticationType": "oauth2",
+        "authentication": {
+          "name": "oauth2",
+          "grantType": "authorization_code",
+          "clientId": "cliend id",
+          "headerPrefix": "Bearer",
+          "scope": "scope",
+          "clientSecret": "clientsecet",
+          "authorizationUrl": "https://github.com/login/oauth/authorize",
+          "accessTokenUrl": "https://github.com/login/oauth/access_token",
+          "redirectUri": "https://callback",
+          "state": "state"
+        }
+      },
+      {
+        "model": "http_request",
+        "id": "GENERATE_ID::HTTP_REQUEST_3",
+        "workspaceId": "GENERATE_ID::WORKSPACE_0",
+        "folderId": null,
+        "name": "OAuth 2 Auth Code (PKCE)",
+        "method": "GET",
+        "url": "${[hello]}",
+        "urlParameters": [],
+        "body": {
+          "text": "{\n    \"hello\": \"world\"\n}"
+        },
+        "bodyType": "application/json",
+        "sortPriority": 3,
+        "headers": [
+          {
+            "name": "Content-Type",
+            "value": "application/json",
+            "enabled": true
+          }
+        ],
+        "authenticationType": "oauth2",
+        "authentication": {
+          "name": "oauth2",
+          "grantType": "authorization_code",
+          "clientId": "cliend id",
+          "headerPrefix": "Bearer",
+          "scope": "scope",
+          "clientSecret": "clientsecet",
+          "authorizationUrl": "https://github.com/login/oauth/authorize",
+          "accessTokenUrl": "https://github.com/login/oauth/access_token",
+          "redirectUri": "https://callback",
+          "state": "state",
+          "usePkce": true,
+          "pkceChallengeMethod": "S256",
+          "pkceCodeVerifier": "verifier"
+        }
+      },
+      {
+        "model": "http_request",
+        "id": "GENERATE_ID::HTTP_REQUEST_4",
+        "workspaceId": "GENERATE_ID::WORKSPACE_0",
+        "folderId": null,
+        "name": "OAuth 2 Implicit",
+        "method": "GET",
+        "url": "${[hello]}",
+        "urlParameters": [],
+        "body": {
+          "text": "{\n    \"hello\": \"world\"\n}"
+        },
+        "bodyType": "application/json",
+        "sortPriority": 4,
+        "headers": [
+          {
+            "name": "Content-Type",
+            "value": "application/json",
+            "enabled": true
+          }
+        ],
+        "authenticationType": "oauth2",
+        "authentication": {
+          "name": "oauth2",
+          "grantType": "implicit",
+          "clientId": "cliend id",
+          "headerPrefix": "Bearer",
+          "scope": "scope",
+          "authorizationUrl": "https://github.com/login/oauth/authorize",
+          "redirectUri": "https://yaak.app/x/echo",
+          "state": "state"
+        }
+      },
+      {
+        "model": "http_request",
+        "id": "GENERATE_ID::HTTP_REQUEST_5",
+        "workspaceId": "GENERATE_ID::WORKSPACE_0",
+        "folderId": null,
+        "name": "OAuth 2 Password",
+        "method": "GET",
+        "url": "${[hello]}",
+        "urlParameters": [],
+        "body": {
+          "text": "{\n    \"hello\": \"world\"\n}"
+        },
+        "bodyType": "application/json",
+        "sortPriority": 5,
+        "headers": [
+          {
+            "name": "Content-Type",
+            "value": "application/json",
+            "enabled": true
+          }
+        ],
+        "authenticationType": "oauth2",
+        "authentication": {
+          "name": "oauth2",
+          "grantType": "password",
+          "clientId": "clientid",
+          "headerPrefix": "Bearer",
+          "scope": "scope",
+          "clientSecret": "clientsecret",
+          "accessTokenUrl": "https://github.com/login/oauth/access_token",
+          "username": "username",
+          "password": "password"
+        }
+      },
+      {
+        "model": "http_request",
+        "id": "GENERATE_ID::HTTP_REQUEST_6",
+        "workspaceId": "GENERATE_ID::WORKSPACE_0",
+        "folderId": null,
+        "name": "OAuth 2 Client Credentials",
+        "method": "GET",
+        "url": "${[hello]}",
+        "urlParameters": [],
+        "body": {
+          "text": "{\n    \"hello\": \"world\"\n}"
+        },
+        "bodyType": "application/json",
+        "sortPriority": 6,
+        "headers": [
+          {
+            "name": "Content-Type",
+            "value": "application/json",
+            "enabled": true
+          }
+        ],
+        "authenticationType": "oauth2",
+        "authentication": {
+          "name": "oauth2",
+          "grantType": "client_credentials",
+          "clientId": "clientid",
+          "headerPrefix": "Bearer",
+          "scope": "scope",
+          "clientSecret": "clientsecret",
+          "accessTokenUrl": "https://github.com/login/oauth/access_token"
+        }
+      },
+      {
+        "model": "http_request",
+        "id": "GENERATE_ID::HTTP_REQUEST_7",
+        "workspaceId": "GENERATE_ID::WORKSPACE_0",
+        "folderId": null,
+        "name": "AWS V4",
+        "method": "GET",
+        "url": "https://yaak.app/x/echo",
+        "urlParameters": [],
+        "body": {},
+        "bodyType": null,
+        "sortPriority": 7,
+        "headers": [],
+        "authenticationType": "awsv4",
+        "authentication": {
+          "accessKeyId": "access",
+          "secretAccessKey": "secret",
+          "sessionToken": "session",
+          "region": "us-west-1",
+          "service": "s3"
+        }
+      },
+      {
+        "model": "http_request",
+        "id": "GENERATE_ID::HTTP_REQUEST_8",
+        "workspaceId": "GENERATE_ID::WORKSPACE_0",
+        "folderId": null,
+        "name": "API Key",
+        "method": "GET",
+        "url": "https://yaak.app/x/echo",
+        "urlParameters": [],
+        "body": {},
+        "bodyType": null,
+        "sortPriority": 8,
+        "headers": [],
+        "authenticationType": "apikey",
+        "authentication": {
+          "location": "query",
+          "key": "value",
+          "value": "key"
+        }
+      },
+      {
+        "model": "http_request",
+        "id": "GENERATE_ID::HTTP_REQUEST_9",
+        "workspaceId": "GENERATE_ID::WORKSPACE_0",
+        "folderId": null,
+        "name": "JWT",
+        "method": "GET",
+        "url": "https://yaak.app/x/echo",
+        "urlParameters": [],
+        "body": {},
+        "bodyType": null,
+        "sortPriority": 9,
+        "headers": [],
+        "authenticationType": "jwt",
+        "authentication": {
+          "algorithm": "HS384",
+          "secret": "mysecret",
+          "secretBase64": false,
+          "payload": "{\n    \"my\": \"payload\"\n}",
+          "headerPrefix": "Bearer",
+          "location": "header"
+        }
+      }
+    ],
+    "folders": []
+  }
+}
--- a/plugins/importer-postman/tests/fixtures/nested.output.json
+++ b/plugins/importer-postman/tests/fixtures/nested.output.json
@@ -3,86 +3,88 @@
    "workspaces": [
      {
        "model": "workspace",
-        "id": "GENERATE_ID::WORKSPACE_0",
-        "name": "New Collection"
+        "id": "GENERATE_ID::WORKSPACE_1",
+        "name": "New Collection",
+        "authenticationType": null,
+        "authentication": {}
      }
    ],
    "environments": [
      {
-        "id": "GENERATE_ID::ENVIRONMENT_0",
        "model": "environment",
+        "id": "GENERATE_ID::ENVIRONMENT_1",
        "name": "Global Variables",
-        "variables": [],
-        "workspaceId": "GENERATE_ID::WORKSPACE_0",
+        "workspaceId": "GENERATE_ID::WORKSPACE_1",
+        "parentModel": "workspace",
        "parentId": null,
-        "parentModel": "workspace"
+        "variables": []
      }
    ],
    "httpRequests": [
      {
        "model": "http_request",
-        "id": "GENERATE_ID::HTTP_REQUEST_0",
-        "workspaceId": "GENERATE_ID::WORKSPACE_0",
+        "id": "GENERATE_ID::HTTP_REQUEST_10",
+        "workspaceId": "GENERATE_ID::WORKSPACE_1",
        "folderId": "GENERATE_ID::FOLDER_1",
        "name": "Request 1",
        "method": "GET",
        "url": "",
-        "sortPriority": 2,
        "urlParameters": [],
        "body": {},
        "bodyType": null,
-        "authentication": {},
+        "sortPriority": 2,
+        "headers": [],
        "authenticationType": null,
-        "headers": []
+        "authentication": {}
      },
      {
        "model": "http_request",
-        "id": "GENERATE_ID::HTTP_REQUEST_1",
-        "workspaceId": "GENERATE_ID::WORKSPACE_0",
+        "id": "GENERATE_ID::HTTP_REQUEST_11",
+        "workspaceId": "GENERATE_ID::WORKSPACE_1",
        "folderId": "GENERATE_ID::FOLDER_0",
        "name": "Request 2",
        "method": "GET",
-        "sortPriority": 3,
        "url": "",
        "urlParameters": [],
        "body": {},
        "bodyType": null,
-        "authentication": {},
+        "sortPriority": 3,
+        "headers": [],
        "authenticationType": null,
-        "headers": []
+        "authentication": {}
      },
      {
        "model": "http_request",
-        "id": "GENERATE_ID::HTTP_REQUEST_2",
-        "workspaceId": "GENERATE_ID::WORKSPACE_0",
+        "id": "GENERATE_ID::HTTP_REQUEST_12",
+        "workspaceId": "GENERATE_ID::WORKSPACE_1",
        "folderId": null,
-        "sortPriority": 4,
        "name": "Request 3",
        "method": "GET",
        "url": "",
        "urlParameters": [],
        "body": {},
        "bodyType": null,
-        "authentication": {},
+        "sortPriority": 4,
+        "headers": [],
        "authenticationType": null,
-        "headers": []
+        "authentication": {}
      }
    ],
    "folders": [
      {
        "model": "folder",
-        "workspaceId": "GENERATE_ID::WORKSPACE_0",
+        "sortPriority": 0,
+        "workspaceId": "GENERATE_ID::WORKSPACE_1",
        "id": "GENERATE_ID::FOLDER_0",
        "name": "Top Folder",
-        "sortPriority": 0,
        "folderId": null
      },
      {
        "model": "folder",
-        "workspaceId": "GENERATE_ID::WORKSPACE_0",
+        "sortPriority": 1,
+        "workspaceId": "GENERATE_ID::WORKSPACE_1",
        "id": "GENERATE_ID::FOLDER_1",
        "name": "Nested Folder",
-        "sortPriority": 1,
        "folderId": "GENERATE_ID::FOLDER_0"
      }
    ]
--- a/plugins/importer-postman/tests/fixtures/params.input.json
+++ b/plugins/importer-postman/tests/fixtures/params.input.json
@@ -14,7 +14,7 @@
          "bearer": [
            {
              "key": "token",
-              "value": "baeare",
+              "value": "my-token",
              "type": "string"
            }
          ]
--- a/plugins/importer-postman/tests/fixtures/params.output.json
+++ b/plugins/importer-postman/tests/fixtures/params.output.json
@@ -3,18 +3,23 @@
    "workspaces": [
      {
        "model": "workspace",
-        "id": "GENERATE_ID::WORKSPACE_1",
-        "name": "New Collection"
+        "id": "GENERATE_ID::WORKSPACE_2",
+        "name": "New Collection",
+        "authenticationType": "basic",
+        "authentication": {
+          "username": "globaluser",
+          "password": "globalpass"
+        }
      }
    ],
    "environments": [
      {
-        "id": "GENERATE_ID::ENVIRONMENT_1",
-        "workspaceId": "GENERATE_ID::WORKSPACE_1",
        "model": "environment",
+        "id": "GENERATE_ID::ENVIRONMENT_2",
        "name": "Global Variables",
-        "parentId": null,
+        "workspaceId": "GENERATE_ID::WORKSPACE_2",
        "parentModel": "workspace",
+        "parentId": null,
        "variables": [
          {
            "name": "COLLECTION VARIABLE",
@@ -26,11 +31,10 @@
    "httpRequests": [
      {
        "model": "http_request",
-        "id": "GENERATE_ID::HTTP_REQUEST_3",
-        "workspaceId": "GENERATE_ID::WORKSPACE_1",
+        "id": "GENERATE_ID::HTTP_REQUEST_13",
+        "workspaceId": "GENERATE_ID::WORKSPACE_2",
        "folderId": null,
        "name": "Form URL",
-        "sortPriority": 0,
        "method": "POST",
        "url": "example.com/:foo/:bar",
        "urlParameters": [
@@ -71,10 +75,7 @@
          ]
        },
        "bodyType": "multipart/form-data",
-        "authentication": {
-          "token": ""
-        },
-        "authenticationType": "bearer",
+        "sortPriority": 0,
        "headers": [
          {
            "name": "X-foo",
@@ -91,7 +92,11 @@
            "value": "multipart/form-data",
            "enabled": true
          }
-        ]
+        ],
+        "authenticationType": "bearer",
+        "authentication": {
+          "token": "my-token"
+        }
      }
    ],
    "folders": []
--- a/plugins/importer-postman/tests/index.test.ts
+++ b/plugins/importer-postman/tests/index.test.ts
@@ -17,7 +17,9 @@ describe('importer-postman', () => {
      const expected = fs.readFileSync(path.join(p, fixture.replace('.input', '.output')), 'utf-8');
      const result = convertPostman(contents);
      // console.log(JSON.stringify(result, null, 2))
-      expect(result).toEqual(JSON.parse(expected));
+      expect(JSON.stringify(result, null, 2)).toEqual(
+        JSON.stringify(JSON.parse(expected), null, 2),
+      );
    });
  }
 });
--- a/plugins/template-function-ctx/package.json
+++ b/plugins/template-function-ctx/package.json
@@ -0,0 +1,12 @@
+{
+  "name": "@yaak/template-function-ctx",
+  "displayName": "Window Template Functions",
+  "description": "Template functions for accessing attributes of the current window",
+  "private": true,
+  "version": "0.1.0",
+  "scripts": {
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint": "tsc --noEmit && eslint . --ext .ts,.tsx"
+  }
+}
--- a/plugins/template-function-ctx/src/index.ts
+++ b/plugins/template-function-ctx/src/index.ts
@@ -0,0 +1,30 @@
+import type { PluginDefinition } from '@yaakapp/api';
+
+export const plugin: PluginDefinition = {
+  templateFunctions: [
+    {
+      name: 'ctx.request',
+      description: 'Get the ID of the currently active request',
+      args: [],
+      async onRender(ctx) {
+        return ctx.window.requestId();
+      },
+    },
+    {
+      name: 'ctx.environment',
+      description: 'Get the ID of the currently active environment',
+      args: [],
+      async onRender(ctx) {
+        return ctx.window.environmentId();
+      },
+    },
+    {
+      name: 'ctx.workspace',
+      description: 'Get the ID of the currently active workspace',
+      args: [],
+      async onRender(ctx) {
+        return ctx.window.workspaceId();
+      },
+    },
+  ],
+};
--- a/plugins/template-function-ctx/tsconfig.json
+++ b/plugins/template-function-ctx/tsconfig.json
@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}
--- a/plugins/template-function-encode/src/index.ts
+++ b/plugins/template-function-encode/src/index.ts
@@ -5,9 +5,29 @@ export const plugin: PluginDefinition = {
    {
      name: 'base64.encode',
      description: 'Encode a value to base64',
-      args: [{ label: 'Plain Text', type: 'text', name: 'value', multiLine: true }],
+      args: [
+        {
+          label: 'Encoding',
+          type: 'select',
+          name: 'encoding',
+          defaultValue: 'base64',
+          options: [
+            {
+              label: 'Base64',
+              value: 'base64',
+            },
+            {
+              label: 'Base64 URL-safe',
+              value: 'base64url',
+            },
+          ],
+        },
+        { label: 'Plain Text', type: 'text', name: 'value', multiLine: true },
+      ],
      async onRender(_ctx: Context, args: CallTemplateFunctionArgs): Promise<string | null> {
-        return Buffer.from(String(args.values.value ?? '')).toString('base64');
+        return Buffer.from(String(args.values.value ?? '')).toString(
+          args.values.encoding === 'base64url' ? 'base64url' : 'base64',
+        );
      },
    },
    {
--- a/plugins/template-function-fs/src/index.ts
+++ b/plugins/template-function-fs/src/index.ts
@@ -1,9 +1,10 @@
 import type { CallTemplateFunctionArgs, Context, PluginDefinition } from '@yaakapp/api';
 import fs from 'node:fs';

+const UTF8 = 'utf8';
 const options = [
  { label: 'ASCII', value: 'ascii' },
-  { label: 'UTF-8', value: 'utf8' },
+  { label: 'UTF-8', value: UTF8 },
  { label: 'UTF-16 LE', value: 'utf16le' },
  { label: 'Base64', value: 'base64' },
  { label: 'Base64 URL-safe', value: 'base64url' },
@@ -18,12 +19,11 @@ export const plugin: PluginDefinition = {
      args: [
        { title: 'Select File', type: 'file', name: 'path', label: 'File' },
        {
-          title: 'Select encoding',
          type: 'select',
          name: 'encoding',
          label: 'Encoding',
-          defaultValue: 'utf8',
-          description: 'Specifies how the file’s bytes are decoded into text when read',
+          defaultValue: UTF8,
+          description: "Specifies how the file's bytes are decoded into text when read",
          options,
        },
      ],
--- a/plugins/template-function-hash/src/index.ts
+++ b/plugins/template-function-hash/src/index.ts
@@ -8,7 +8,7 @@ type TemplateFunctionPlugin = NonNullable<PluginDefinition['templateFunctions']>

 const hashFunctions: TemplateFunctionPlugin[] = algorithms.map(algorithm => ({
  name: `hash.${algorithm}`,
-  description: 'Hash a value to its hexidecimal representation',
+  description: 'Hash a value to its hexadecimal representation',
  args: [
    {
      type: 'text',
--- a/plugins/template-function-json/package.json
+++ b/plugins/template-function-json/package.json
@@ -4,6 +4,8 @@
  "description": "Template functions for working with JSON data",
  "private": true,
  "version": "0.1.0",
+  "main": "build/index.js",
+  "types": "src/index.ts",
  "scripts": {
    "build": "yaakcli build",
    "dev": "yaakcli dev",
--- a/plugins/template-function-json/src/index.ts
+++ b/plugins/template-function-json/src/index.ts
@@ -1,6 +1,11 @@
+import type { XPathResult } from '@yaak/template-function-xml';
 import type { CallTemplateFunctionArgs, Context, PluginDefinition } from '@yaakapp/api';
 import { JSONPath } from 'jsonpath-plus';

+const RETURN_FIRST = 'first';
+const RETURN_ALL = 'all';
+const RETURN_JOIN = 'join';
+
 export const plugin: PluginDefinition = {
  templateFunctions: [
    {
@@ -8,32 +13,58 @@ export const plugin: PluginDefinition = {
      description: 'Filter JSON-formatted text using JSONPath syntax',
      args: [
        {
-          type: 'text',
+          type: 'editor',
          name: 'input',
          label: 'Input',
-          multiLine: true,
+          language: 'json',
          placeholder: '{ "foo": "bar" }',
        },
+        {
+          type: 'h_stack',
+          inputs: [
+            {
+              type: 'select',
+              name: 'result',
+              label: 'Return Format',
+              defaultValue: RETURN_FIRST,
+              options: [
+                { label: 'First result', value: RETURN_FIRST },
+                { label: 'All results', value: RETURN_ALL },
+                { label: 'Join with separator', value: RETURN_JOIN },
+              ],
+            },
+            {
+              name: 'join',
+              type: 'text',
+              label: 'Separator',
+              optional: true,
+              defaultValue: ', ',
+              dynamic(_ctx, args) {
+                return { hidden: args.values.result !== RETURN_JOIN };
+              },
+            },
+          ],
+        },
+        {
+          type: 'checkbox',
+          name: 'formatted',
+          label: 'Pretty Print',
+          description: 'Format the output as JSON',
+          dynamic(_ctx, args) {
+            return { hidden: args.values.result === RETURN_JOIN };
+          },
+        },
        { type: 'text', name: 'query', label: 'Query', placeholder: '$..foo' },
-        { type: 'checkbox', name: 'formatted', label: 'Format Output' },
      ],
      async onRender(_ctx: Context, args: CallTemplateFunctionArgs): Promise<string | null> {
        try {
-          const parsed = JSON.parse(String(args.values.input));
-          const query = String(args.values.query ?? '$').trim();
-          let filtered = JSONPath({ path: query, json: parsed });
-          if (Array.isArray(filtered)) {
-            filtered = filtered[0];
-          }
-          if (typeof filtered === 'string') {
-            return filtered;
-          }
-
-          if (args.values.formatted) {
-            return JSON.stringify(filtered, null, 2);
-          } else {
-            return JSON.stringify(filtered);
-          }
+          return filterJSONPath(
+            String(args.values.input),
+            String(args.values.query),
+            (args.values.result || RETURN_FIRST) as XPathResult,
+            args.values.join == null ? null : String(args.values.join),
+            Boolean(args.values.formatted),
+          );
        } catch {
          return null;
        }
@@ -79,3 +110,41 @@ export const plugin: PluginDefinition = {
    },
  ],
 };
+
+export type JSONPathResult = 'first' | 'join' | 'all';
+
+export function filterJSONPath(
+  body: string,
+  path: string,
+  result: JSONPathResult,
+  join: string | null,
+  formatted: boolean = false,
+): string {
+  const parsed = JSON.parse(body);
+  let items = JSONPath({ path, json: parsed });
+
+  if (items == null) {
+    return '';
+  }
+
+  if (!Array.isArray(items)) {
+    // Already good
+  } else if (result === 'first') {
+    items = items[0] ?? '';
+  } else if (result === 'join') {
+    items = items.map((i) => objToStr(i, false)).join(join ?? '');
+  }
+
+  return objToStr(items, formatted);
+}
+
+function objToStr(o: unknown, formatted: boolean = false): string {
+  if (
+    Object.prototype.toString.call(o) === '[object Array]' ||
+    Object.prototype.toString.call(o) === '[object Object]'
+  ) {
+    return formatted ? JSON.stringify(o, null, 2) : JSON.stringify(o);
+  } else {
+    return String(o);
+  }
+}
--- a/plugins/template-function-prompt/package.json
+++ b/plugins/template-function-prompt/package.json
@@ -7,6 +7,9 @@
  "scripts": {
    "build": "yaakcli build",
    "dev": "yaakcli dev",
-    "lint":"tsc --noEmit && eslint . --ext .ts,.tsx"
+    "lint": "tsc --noEmit && eslint . --ext .ts,.tsx"
+  },
+  "dependencies": {
+    "slugify": "^1.6.6"
  }
 }
--- a/plugins/template-function-prompt/src/index.ts
+++ b/plugins/template-function-prompt/src/index.ts
@@ -1,25 +1,174 @@
 import type { CallTemplateFunctionArgs, Context, PluginDefinition } from '@yaakapp/api';
+import slugify from 'slugify';
+
+const STORE_NONE = 'none';
+const STORE_FOREVER = 'forever';
+const STORE_EXPIRE = 'expire';
+
+interface Saved {
+  value: string;
+  createdAt: number;
+}

 export const plugin: PluginDefinition = {
-  templateFunctions: [{
-    name: 'prompt.text',
-    description: 'Prompt the user for input when sending a request',
-    args: [
-      { type: 'text', name: 'title', label: 'Title' },
-      { type: 'text', name: 'label', label: 'Label', optional: true },
-      { type: 'text', name: 'defaultValue', label: 'Default Value', optional: true },
-      { type: 'text', name: 'placeholder', label: 'Placeholder', optional: true },
-    ],
-    async onRender(ctx: Context, args: CallTemplateFunctionArgs): Promise<string | null> {
-      if (args.purpose !== 'send') return null;
+  templateFunctions: [
+    {
+      name: 'prompt.text',
+      description: 'Prompt the user for input when sending a request',
+      previewType: 'click',
+      args: [
+        { type: 'text', name: 'label', label: 'Label' },
+        {
+          type: 'select',
+          name: 'store',
+          label: 'Store Input',
+          defaultValue: STORE_NONE,
+          options: [
+            { label: 'Never', value: STORE_NONE },
+            { label: 'Expire', value: STORE_EXPIRE },
+            { label: 'Forever', value: STORE_FOREVER },
+          ],
+        },
+        {
+          type: 'h_stack',
+          dynamic(_ctx, args) {
+            return { hidden: args.values.store === STORE_NONE };
+          },
+          inputs: [
+            {
+              type: 'text',
+              name: 'namespace',
+              label: 'Namespace',
+              defaultValue: '${[ctx.workspace()]}',
+              optional: true,
+            },
+            {
+              type: 'text',
+              name: 'key',
+              label: 'Key (defaults to Label)',
+              optional: true,
+              dynamic(_ctx, args) {
+                return { placeholder: String(args.values.label || '') };
+              },
+            },
+            {
+              type: 'text',
+              name: 'ttl',
+              label: 'TTL (seconds)',
+              placeholder: '0',
+              defaultValue: '0',
+              optional: true,
+              dynamic(_ctx, args) {
+                return { hidden: args.values.store !== STORE_EXPIRE };
+              },
+            },
+          ],
+        },
+        {
+          type: 'banner',
+          color: 'info',
+          dynamic(_ctx, args) {
+            return { hidden: args.values.store === STORE_NONE };
+          },
+          inputs: [
+            {
+              type: 'markdown',
+              content: '',
+              async dynamic(_ctx, args) {
+                const key = buildKey(args);
+                return {
+                  content: ['Value will be saved under: `' + key + '`'].join('\n\n'),
+                };
+              },
+            },
+          ],
+        },
+        {
+          type: 'accordion',
+          label: 'Advanced',
+          inputs: [
+            {
+              type: 'text',
+              name: 'title',
+              label: 'Prompt Title',
+              optional: true,
+              placeholder: 'Enter Value',
+            },
+            { type: 'text', name: 'defaultValue', label: 'Default Value', optional: true },
+            { type: 'text', name: 'placeholder', label: 'Input Placeholder', optional: true },
+            { type: 'checkbox', name: 'password', label: 'Mask Value' },
+          ],
+        },
+      ],
+      async onRender(ctx: Context, args: CallTemplateFunctionArgs): Promise<string | null> {
+        if (args.purpose !== 'send') return null;

-      return await ctx.prompt.text({
-        id: `prompt-${args.values.label}`,
-        label: String(args.values.title ?? ''),
-        title: String(args.values.title ?? ''),
-        defaultValue: String(args.values.defaultValue),
-        placeholder: String(args.values.placeholder),
-      });
+        if (args.values.store !== STORE_NONE && !args.values.namespace) {
+          throw new Error('Namespace is required when storing values')
+        }
+
+        const existing = await maybeGetValue(ctx, args);
+        if (existing != null) {
+          return existing;
+        }
+
+        const value = await ctx.prompt.text({
+          id: `prompt-${args.values.label ?? 'none'}`,
+          label: String(args.values.label || 'Value'),
+          title: String(args.values.title ?? 'Enter Value'),
+          defaultValue: String(args.values.defaultValue ?? ''),
+          placeholder: String(args.values.placeholder ?? ''),
+          password: Boolean(args.values.password),
+          required: false,
+        });
+
+        if (value == null) {
+          throw new Error('Prompt cancelled');
+        }
+
+        if (args.values.store !== STORE_NONE) {
+          await maybeSetValue(ctx, args, value);
+        }
+
+        return value;
+      },
    },
-  }],
+  ],
 };
+
+function buildKey(args: CallTemplateFunctionArgs) {
+  return [args.values.namespace, args.values.key || args.values.label]
+    .filter((v) => !!v)
+    .map((v) => slugify(String(v), { lower: true, trim: true }))
+    .join('.');
+}
+
+async function maybeGetValue(ctx: Context, args: CallTemplateFunctionArgs) {
+  if (args.values.store === STORE_NONE) return null;
+
+  const existing = await ctx.store.get<Saved>(buildKey(args));
+  if (existing == null) {
+    return null;
+  }
+
+  if (args.values.store === STORE_FOREVER) {
+    return existing.value;
+  }
+
+  const ttlSeconds = parseInt(String(args.values.ttl)) || 0;
+  const ageSeconds = (Date.now() - existing.createdAt) / 1000;
+  if (ageSeconds > ttlSeconds) {
+    ctx.store.delete(buildKey(args)).catch(console.error);
+    return null;
+  }
+
+  return existing.value;
+}
+
+async function maybeSetValue(ctx: Context, args: CallTemplateFunctionArgs, value: string) {
+  if (args.values.store === STORE_NONE) {
+    return;
+  }
+
+  await ctx.store.set<Saved>(buildKey(args), { value, createdAt: Date.now() });
+}
--- a/plugins/template-function-random/package.json
+++ b/plugins/template-function-random/package.json
@@ -0,0 +1,12 @@
+{
+  "name": "@yaak/template-function-random",
+  "displayName": "Random Template Functions",
+  "description": "Template functions for generating random values",
+  "private": true,
+  "version": "0.1.0",
+  "scripts": {
+    "build": "yaakcli build",
+    "dev": "yaakcli dev",
+    "lint":"tsc --noEmit && eslint . --ext .ts,.tsx"
+  }
+}
--- a/plugins/template-function-random/src/index.ts
+++ b/plugins/template-function-random/src/index.ts
@@ -0,0 +1,43 @@
+import type { CallTemplateFunctionArgs, Context, PluginDefinition } from '@yaakapp/api';
+
+export const plugin: PluginDefinition = {
+  templateFunctions: [
+    {
+      name: 'random.range',
+      description: 'Generate a random number between two values',
+      args: [
+        {
+          type: 'text',
+          name: 'min',
+          label: 'Minimum',
+          defaultValue: '0',
+        },
+        {
+          type: 'text',
+          name: 'max',
+          label: 'Maximum',
+          defaultValue: '1',
+        },
+        {
+          type: 'text',
+          name: 'decimals',
+          optional: true,
+          label: 'Decimal Places',
+        },
+      ],
+      async onRender(_ctx: Context, args: CallTemplateFunctionArgs): Promise<string | null> {
+        const min = args.values.min ? parseInt(String(args.values.min ?? '0')) : 0;
+        const max = args.values.max ? parseInt(String(args.values.max ?? '1')) : 1;
+        const decimals = args.values.decimals
+          ? parseInt(String(args.values.decimals ?? '0'))
+          : null;
+
+        let value = Math.random() * (max - min) + min;
+        if (decimals !== null) {
+          value = Math.round(value * Math.pow(10, decimals)) / Math.pow(10, decimals);
+        }
+        return String(value);
+      },
+    },
+  ],
+};
--- a/plugins/template-function-random/tsconfig.json
+++ b/plugins/template-function-random/tsconfig.json
@@ -0,0 +1,3 @@
+{
+  "extends": "../../tsconfig.json"
+}
--- a/plugins/template-function-response/package.json
+++ b/plugins/template-function-response/package.json
@@ -10,11 +10,6 @@
    "lint":"tsc --noEmit && eslint . --ext .ts,.tsx"
  },
  "dependencies": {
-    "jsonpath-plus": "^10.3.0",
-    "xpath": "^0.0.34",
-    "@xmldom/xmldom": "^0.9.8"
-  },
-  "devDependencies": {
-    "@types/jsonpath": "^0.2.4"
+    "@yaak/template-function-xml": "*"
  }
 }
--- a/plugins/template-function-response/src/index.ts
+++ b/plugins/template-function-response/src/index.ts
@@ -1,44 +1,53 @@
-import { DOMParser } from '@xmldom/xmldom';
+import type { JSONPathResult } from '../../template-function-json';
+import { filterJSONPath } from '../../template-function-json';
+import type { XPathResult } from '../../template-function-xml';
+import { filterXPath } from '../../template-function-xml';
 import type {
  CallTemplateFunctionArgs,
  Context,
+  DynamicTemplateFunctionArg,
  FormInput,
-  GetHttpAuthenticationConfigRequest,
  HttpResponse,
  PluginDefinition,
  RenderPurpose,
 } from '@yaakapp/api';
-import type { DynamicTemplateFunctionArg } from '@yaakapp/api/lib/plugins/TemplateFunctionPlugin';
-import { JSONPath } from 'jsonpath-plus';
 import { readFileSync } from 'node:fs';
-import xpath from 'xpath';

 const BEHAVIOR_TTL = 'ttl';
 const BEHAVIOR_ALWAYS = 'always';
 const BEHAVIOR_SMART = 'smart';

-const behaviorArg: FormInput = {
-  type: 'select',
-  name: 'behavior',
-  label: 'Sending Behavior',
-  defaultValue: 'smart',
-  options: [
-    { label: 'When no responses', value: BEHAVIOR_SMART },
-    { label: 'Always', value: BEHAVIOR_ALWAYS },
-    { label: 'When expired', value: BEHAVIOR_TTL },
-  ],
-};
+const RETURN_FIRST = 'first';
+const RETURN_ALL = 'all';
+const RETURN_JOIN = 'join';

-const ttlArg: DynamicTemplateFunctionArg = {
-  type: 'text',
-  name: 'ttl',
-  label: 'Expiration Time (seconds)',
-  placeholder: '0',
-  description: 'Resend the request when the latest response is older than this many seconds, or if there are no responses yet.',
-  dynamic(_ctx: Context, { values }: GetHttpAuthenticationConfigRequest) {
-    const show = values.behavior === BEHAVIOR_TTL;
-    return { hidden: !show };
-  },
+const behaviorArgs: DynamicTemplateFunctionArg = {
+  type: 'h_stack',
+  inputs: [
+    {
+      type: 'select',
+      name: 'behavior',
+      label: 'Sending Behavior',
+      defaultValue: BEHAVIOR_SMART,
+      options: [
+        { label: 'When no responses', value: BEHAVIOR_SMART },
+        { label: 'Always', value: BEHAVIOR_ALWAYS },
+        { label: 'When expired', value: BEHAVIOR_TTL },
+      ],
+    },
+    {
+      type: 'text',
+      name: 'ttl',
+      label: 'TTL (seconds)',
+      placeholder: '0',
+      defaultValue: '0',
+      description:
+        'Resend the request when the latest response is older than this many seconds, or if there are no responses yet. "0" means never expires',
+      dynamic(_ctx, args) {
+        return { hidden: args.values.behavior !== BEHAVIOR_TTL };
+      },
+    },
+  ],
 };

 const requestArg: FormInput = {
@@ -54,14 +63,13 @@ export const plugin: PluginDefinition = {
      description: 'Read the value of a response header, by name',
      args: [
        requestArg,
+        behaviorArgs,
        {
          type: 'text',
          name: 'header',
          label: 'Header Name',
          placeholder: 'Content-Type',
        },
-        behaviorArg,
-        ttlArg,
      ],
      async onRender(ctx: Context, args: CallTemplateFunctionArgs): Promise<string | null> {
        if (!args.values.request || !args.values.header) return null;
@@ -86,14 +94,67 @@ export const plugin: PluginDefinition = {
      aliases: ['response'],
      args: [
        requestArg,
+        behaviorArgs,
+        {
+          type: 'h_stack',
+          inputs: [
+            {
+              type: 'select',
+              name: 'result',
+              label: 'Return Format',
+              defaultValue: RETURN_FIRST,
+              options: [
+                { label: 'First result', value: RETURN_FIRST },
+                { label: 'All results', value: RETURN_ALL },
+                { label: 'Join with separator', value: RETURN_JOIN },
+              ],
+            },
+            {
+              name: 'join',
+              type: 'text',
+              label: 'Separator',
+              optional: true,
+              defaultValue: ', ',
+              dynamic(_ctx, args) {
+                return { hidden: args.values.result !== RETURN_JOIN };
+              },
+            },
+          ],
+        },
        {
          type: 'text',
          name: 'path',
          label: 'JSONPath or XPath',
          placeholder: '$.books[0].id or /books[0]/id',
+          dynamic: async (ctx, args) => {
+            const resp = await getResponse(ctx, {
+              requestId: String(args.values.request || ''),
+              purpose: 'preview',
+              behavior: args.values.behavior ? String(args.values.behavior) : null,
+              ttl: String(args.values.ttl || ''),
+            });
+
+            if (resp == null) {
+              return null;
+            }
+
+            const contentType =
+              resp?.headers.find((h) => h.name.toLowerCase() === 'content-type')?.value ?? '';
+            if (contentType.includes('xml') || contentType?.includes('html')) {
+              return {
+                label: 'XPath',
+                placeholder: '/books[0]/id',
+                description: 'Enter an XPath expression used to filter the results',
+              };
+            } else {
+              return {
+                label: 'JSONPath',
+                placeholder: '$.books[0].id',
+                description: 'Enter a JSONPath expression used to filter the results',
+              };
+            }
+          },
        },
-        behaviorArg,
-        ttlArg,
      ],
      async onRender(ctx: Context, args: CallTemplateFunctionArgs): Promise<string | null> {
        if (!args.values.request || !args.values.path) return null;
@@ -118,13 +179,35 @@ export const plugin: PluginDefinition = {
        }

        try {
-          return filterJSONPath(body, String(args.values.path || ''));
+          const result: JSONPathResult =
+            args.values.result === RETURN_ALL
+              ? 'all'
+              : args.values.result === RETURN_JOIN
+                ? 'join'
+                : 'first';
+          return filterJSONPath(
+            body,
+            String(args.values.path || ''),
+            result,
+            args.values.join == null ? null : String(args.values.join),
+          );
        } catch {
          // Probably not JSON, try XPath
        }

        try {
-          return filterXPath(body, String(args.values.path || ''));
+          const result: XPathResult =
+            args.values.result === RETURN_ALL
+              ? 'all'
+              : args.values.result === RETURN_JOIN
+                ? 'join'
+                : 'first';
+          return filterXPath(
+            body,
+            String(args.values.path || ''),
+            result,
+            args.values.join == null ? null : String(args.values.join),
+          );
        } catch {
          // Probably not XML
        }
@@ -136,7 +219,7 @@ export const plugin: PluginDefinition = {
      name: 'response.body.raw',
      description: 'Access the entire response body, as text',
      aliases: ['response'],
-      args: [requestArg, behaviorArg, ttlArg],
+      args: [requestArg, behaviorArgs],
      async onRender(ctx: Context, args: CallTemplateFunctionArgs): Promise<string | null> {
        if (!args.values.request) return null;

@@ -165,36 +248,6 @@ export const plugin: PluginDefinition = {
  ],
 };

-function filterJSONPath(body: string, path: string): string {
-  const parsed = JSON.parse(body);
-  const items = JSONPath({ path, json: parsed })[0];
-  if (items == null) {
-    return '';
-  }
-
-  if (
-    Object.prototype.toString.call(items) === '[object Array]' ||
-    Object.prototype.toString.call(items) === '[object Object]'
-  ) {
-    return JSON.stringify(items);
-  } else {
-    return String(items);
-  }
-}
-
-function filterXPath(body: string, path: string): string {
-  // eslint-disable-next-line @typescript-eslint/no-explicit-any
-  const doc: any = new DOMParser().parseFromString(body, 'text/xml');
-  const items = xpath.select(path, doc, false);
-
-  if (Array.isArray(items)) {
-    return items[0] != null ? String(items[0].firstChild ?? '') : '';
-  } else {
-    // Not sure what cases this happens in (?)
-    return String(items);
-  }
-}
-
 async function getResponse(
  ctx: Context,
  {
@@ -244,8 +297,8 @@ async function getResponse(

 function shouldSendExpired(response: HttpResponse | null, ttl: string | null): boolean {
  if (response == null) return true;
-  const ttlSeconds = parseInt(ttl || '0');
-  if (isNaN(ttlSeconds)) throw new Error(`Invalid TTL "${ttl}"`);
+  const ttlSeconds = parseInt(ttl || '0') || 0;
+  if (ttlSeconds === 0) return false;
  const nowMillis = Date.now();
  const respMillis = new Date(response.createdAt + 'Z').getTime();
  return respMillis + ttlSeconds * 1000 < nowMillis;
--- a/plugins/template-function-timestamp/src/index.ts
+++ b/plugins/template-function-timestamp/src/index.ts
@@ -52,21 +52,30 @@ export const plugin: PluginDefinition = {
  templateFunctions: [
    {
      name: 'timestamp.unix',
-      description: 'Get the current timestamp in seconds',
-      args: [],
-      onRender: async () => String(Math.floor(Date.now() / 1000)),
+      description: 'Get the timestamp in seconds',
+      args: [dateArg],
+      onRender: async (_ctx, args) => {
+        const d = parseDateString(String(args.values.date ?? ''));
+        return String(Math.floor(d.getTime() / 1000));
+      },
    },
    {
      name: 'timestamp.unixMillis',
-      description: 'Get the current timestamp in milliseconds',
-      args: [],
-      onRender: async () => String(Date.now()),
+      description: 'Get the timestamp in milliseconds',
+      args: [dateArg],
+      onRender: async (_ctx, args) => {
+        const d = parseDateString(String(args.values.date ?? ''));
+        return String(d.getTime());
+      },
    },
    {
      name: 'timestamp.iso8601',
-      description: 'Get the current date in ISO8601 format',
-      args: [],
-      onRender: async () => new Date().toISOString(),
+      description: 'Get the date in ISO8601 format',
+      args: [dateArg],
+      onRender: async (_ctx, args) => {
+        const d = parseDateString(String(args.values.date ?? ''));
+        return d.toISOString();
+      },
    },
    {
      name: 'timestamp.format',
--- a/plugins/template-function-xml/package.json
+++ b/plugins/template-function-xml/package.json
@@ -4,6 +4,8 @@
  "description": "Template functions for working with XML data",
  "private": true,
  "version": "0.1.0",
+  "main": "build/index.js",
+  "types": "src/index.ts",
  "scripts": {
    "build": "yaakcli build",
    "dev": "yaakcli dev",
--- a/plugins/template-function-xml/src/index.ts
+++ b/plugins/template-function-xml/src/index.ts
@@ -2,6 +2,10 @@ import { DOMParser } from '@xmldom/xmldom';
 import type { CallTemplateFunctionArgs, Context, PluginDefinition } from '@yaakapp/api';
 import xpath from 'xpath';

+const RETURN_FIRST = 'first';
+const RETURN_ALL = 'all';
+const RETURN_JOIN = 'join';
+
 export const plugin: PluginDefinition = {
  templateFunctions: [
    {
@@ -15,20 +19,39 @@ export const plugin: PluginDefinition = {
          multiLine: true,
          placeholder: '<foo></foo>',
        },
+        {
+          type: 'h_stack',
+          inputs: [
+            {
+              type: 'select',
+              name: 'result',
+              label: 'Return Format',
+              defaultValue: RETURN_FIRST,
+              options: [
+                { label: 'First result', value: RETURN_FIRST },
+                { label: 'All results', value: RETURN_ALL },
+                { label: 'Join with separator', value: RETURN_JOIN },
+              ],
+            },
+            {
+              name: 'join',
+              type: 'text',
+              label: 'Separator',
+              optional: true,
+              defaultValue: ', ',
+              dynamic(_ctx, args) {
+                return { hidden: args.values.result !== RETURN_JOIN };
+              },
+            },
+          ],
+        },
        { type: 'text', name: 'query', label: 'Query', placeholder: '//foo' },
      ],
      async onRender(_ctx: Context, args: CallTemplateFunctionArgs): Promise<string | null> {
        try {
-          // eslint-disable-next-line @typescript-eslint/no-explicit-any
-          const doc: any = new DOMParser().parseFromString(String(args.values.input), 'text/xml');
-          const result = xpath.select(String(args.values.query), doc, false);
-          if (Array.isArray(result)) {
-            return String(result.map((c) => String(c.firstChild))[0] ?? '');
-          } else if (result instanceof Node) {
-            return String(result.firstChild);
-          } else {
-            return String(result);
-          }
+          const result = (args.values.result || RETURN_FIRST) as XPathResult;
+          const join = args.values.join == null ? null : String(args.values.join);
+          return filterXPath(String(args.values.input), String(args.values.query), result, join);
        } catch {
          return null;
        }
@@ -36,3 +59,26 @@ export const plugin: PluginDefinition = {
    },
  ],
 };
+
+export type XPathResult = 'first' | 'join' | 'all';
+export function filterXPath(
+  body: string,
+  path: string,
+  result: XPathResult,
+  join: string | null,
+): string {
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  const doc: any = new DOMParser().parseFromString(body, 'text/xml');
+  const items = xpath.select(path, doc, false);
+
+  if (!Array.isArray(items)) {
+    return String(items);
+  } else if (!Array.isArray(items) || result === 'first') {
+    return items[0] != null ? String(items[0].firstChild ?? '') : '';
+  } else if (result === 'join') {
+    return items.map((item) => String(item.firstChild ?? '')).join(join ?? '');
+  } else {
+    // Not sure what cases this happens in (?)
+    return String(items);
+  }
+}
--- a/plugins/themes-yaak/src/index.ts
+++ b/plugins/themes-yaak/src/index.ts
@@ -745,5 +745,47 @@ export const plugin: PluginDefinition = {
        },
      },
    },
+    {
+      id: 'triangle',
+      dark: true,
+      label: 'Triangle',
+      base: {
+        surface: 'rgb(0,0,0)',
+        surfaceHighlight: 'rgb(21,21,21)',
+        surfaceActive: 'rgb(31,31,31)',
+        text: 'rgb(237,237,237)',
+        textSubtle: 'rgb(161,161,161)',
+        textSubtlest: 'rgb(115,115,115)',
+        border: 'rgb(31,31,31)',
+        primary: 'rgb(196,114,251)',
+        secondary: 'rgb(161,161,161)',
+        info: 'rgb(71,168,255)',
+        success: 'rgb(0,202,81)',
+        notice: 'rgb(255,175,0)',
+        warning: '#FF4C8D',
+        danger: '#fd495a',
+      },
+      components: {
+        editor: {
+          danger: '#FF4C8D',
+          warning: '#fd495a',
+        },
+        dialog: {
+          surface: 'rgb(10,10,10)',
+          border: 'rgb(31,31,31)',
+        },
+        sidebar: {
+          border: 'rgb(31,31,31)',
+        },
+        responsePane: {
+          surface: 'rgb(10,10,10)',
+          border: 'rgb(31,31,31)',
+        },
+        appHeader: {
+          surface: 'rgb(10,10,10)',
+          border: 'rgb(31,31,31)',
+        },
+      },
+    },
  ],
 };
--- a/scripts/vendor-plugins.cjs
+++ b/scripts/vendor-plugins.cjs
@@ -1,6 +1,5 @@
 const { readdirSync, cpSync } = require('node:fs');
 const path = require('node:path');
-const { execSync } = require('node:child_process');

 const pluginsDir = path.join(__dirname, '..', 'plugins');

@@ -9,7 +8,6 @@ console.log('Copying Yaak plugins to', pluginsDir);
 for (const name of readdirSync(pluginsDir)) {
  const dir = path.join(pluginsDir, name);
  if (name.startsWith('.')) continue;
-  execSync('npm run build', { cwd: dir });
  const destDir = path.join(__dirname, '../src-tauri/vendored/plugins/', name);
  console.log(`Copying ${name} to ${destDir}`);
  cpSync(path.join(dir, 'package.json'), path.join(destDir, 'package.json'));
--- a/src-tauri/Cargo.lock
+++ b/src-tauri/Cargo.lock
@@ -2790,7 +2790,7 @@ dependencies = [
 "dbus-secret-service",
 "log",
 "security-framework 2.11.1",
- "security-framework 3.2.0",
+ "security-framework 3.5.1",
 "windows-sys 0.60.2",
 "zeroize",
 ]
@@ -3009,9 +3009,9 @@ dependencies = [

 [[package]]
 name = "log"
-version = "0.4.27"
+version = "0.4.28"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "13dc2df351e3202783a1fe0d44375f7295ffb4049267b0f3018346dc122a1d94"
+checksum = "34080505efa8e45a4b816c349525ebe327ceaa8559756f0356cba97ef3bf7432"
 dependencies = [
 "value-bag",
 ]
@@ -4763,9 +4763,9 @@ dependencies = [

 [[package]]
 name = "rustls"
-version = "0.23.33"
+version = "0.23.34"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "751e04a496ca00bb97a5e043158d23d66b5aabf2e1d5aa2a0aaebb1aafe6f82c"
+checksum = "6a9586e9ee2b4f8fab52a0048ca7334d7024eef48e2cb9407e3497bb7cab7fa7"
 dependencies = [
 "once_cell",
 "ring",
@@ -4784,7 +4784,7 @@ dependencies = [
 "openssl-probe",
 "rustls-pki-types",
 "schannel",
- "security-framework 3.2.0",
+ "security-framework 3.5.1",
 ]

 [[package]]
@@ -4799,9 +4799,9 @@ dependencies = [

 [[package]]
 name = "rustls-platform-verifier"
-version = "0.6.1"
+version = "0.6.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "be59af91596cac372a6942530653ad0c3a246cdd491aaa9dcaee47f88d67d5a0"
+checksum = "1d99feebc72bae7ab76ba994bb5e121b8d83d910ca40b36e0921f53becc41784"
 dependencies = [
 "core-foundation 0.10.1",
 "core-foundation-sys",
@@ -4812,10 +4812,10 @@ dependencies = [
 "rustls-native-certs",
 "rustls-platform-verifier-android",
 "rustls-webpki",
- "security-framework 3.2.0",
+ "security-framework 3.5.1",
 "security-framework-sys",
 "webpki-root-certs",
- "windows-sys 0.59.0",
+ "windows-sys 0.61.2",
 ]

 [[package]]
@@ -4963,9 +4963,9 @@ dependencies = [

 [[package]]
 name = "security-framework"
-version = "3.2.0"
+version = "3.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "271720403f46ca04f7ba6f55d438f8bd878d6b8ca0a1046e8228c4145bcbb316"
+checksum = "b3297343eaf830f66ede390ea39da1d462b6b0c1b000f420d0a83f898bbbe6ef"
 dependencies = [
 "bitflags 2.9.1",
 "core-foundation 0.10.1",
@@ -4976,9 +4976,9 @@ dependencies = [

 [[package]]
 name = "security-framework-sys"
-version = "2.14.0"
+version = "2.15.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "49db231d56a190491cb4aeda9527f1ad45345af50b0851622a7adb8c03b01c32"
+checksum = "cc1f0cbffaac4852523ce30d8bd3c5cdc873501d96ff467ca09b6767bb8cd5c0"
 dependencies = [
 "core-foundation-sys",
 "libc",
@@ -5620,9 +5620,9 @@ checksum = "61c41af27dd6d1e27b1b16b489db798443478cef1f06a660c96db617ba5de3b1"

 [[package]]
 name = "tauri"
-version = "2.9.0"
+version = "2.9.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7f07c6590706b2fc0ab287b041cf5ce9c435b3850bdae5571e19d9d27584e89d"
+checksum = "8bceb52453e507c505b330afe3398510e87f428ea42b6e76ecb6bd63b15965b5"
 dependencies = [
 "anyhow",
 "bytes",
@@ -5664,7 +5664,6 @@ dependencies = [
 "tokio",
 "tray-icon",
 "url",
- "urlpattern",
 "webkit2gtk",
 "webview2-com",
 "window-vibrancy",
@@ -5673,9 +5672,9 @@ dependencies = [

 [[package]]
 name = "tauri-build"
-version = "2.5.0"
+version = "2.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f71be1f494b683ac439e6d61c16ab5c472c6f9c6ee78995b29556d9067c021a1"
+checksum = "a924b6c50fe83193f0f8b14072afa7c25b7a72752a2a73d9549b463f5fe91a38"
 dependencies = [
 "anyhow",
 "cargo_toml",
@@ -5736,9 +5735,9 @@ dependencies = [

 [[package]]
 name = "tauri-plugin"
-version = "2.5.0"
+version = "2.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3d7ce9aab979296b2f91e6fbf154207c2e3512b12ddca0b24bfa0e0cde6b2976"
+checksum = "076c78a474a7247c90cad0b6e87e593c4c620ed4efdb79cbe0214f0021f6c39d"
 dependencies = [
 "anyhow",
 "glob",
@@ -5789,9 +5788,9 @@ dependencies = [

 [[package]]
 name = "tauri-plugin-dialog"
-version = "2.4.0"
+version = "2.4.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0beee42a4002bc695550599b011728d9dfabf82f767f134754ed6655e434824e"
+checksum = "313f8138692ddc4a2127c4c9607d616a46f5c042e77b3722450866da0aad2f19"
 dependencies = [
 "log",
 "raw-window-handle",
@@ -5807,9 +5806,9 @@ dependencies = [

 [[package]]
 name = "tauri-plugin-fs"
-version = "2.4.2"
+version = "2.4.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "315784ec4be45e90a987687bae7235e6be3d6e9e350d2b75c16b8a4bf22c1db7"
+checksum = "47df422695255ecbe7bac7012440eddaeefd026656171eac9559f5243d3230d9"
 dependencies = [
 "anyhow",
 "dunce",
@@ -5891,9 +5890,9 @@ dependencies = [

 [[package]]
 name = "tauri-plugin-shell"
-version = "2.3.1"
+version = "2.3.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "54777d0c0d8add34eea3ced84378619ef5b97996bd967d3038c668feefd21071"
+checksum = "c374b6db45f2a8a304f0273a15080d98c70cde86178855fc24653ba657a1144c"
 dependencies = [
 "encoding_rs",
 "log",
@@ -5975,9 +5974,9 @@ dependencies = [

 [[package]]
 name = "tauri-runtime"
-version = "2.9.0"
+version = "2.9.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3367f0b47df90e9195cd9f04a56b0055a2cba45aa11923c6c253d748778176fc"
+checksum = "9368f09358496f2229313fccb37682ad116b7f46fa76981efe116994a0628926"
 dependencies = [
 "cookie",
 "dpi",
@@ -6000,9 +5999,9 @@ dependencies = [

 [[package]]
 name = "tauri-runtime-wry"
-version = "2.9.0"
+version = "2.9.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "80d91d29ca680c545364cf75ba2f2e3c7ea2ab6376bfa3be26b56fa2463a5b5e"
+checksum = "929f5df216f5c02a9e894554401bcdab6eec3e39ec6a4a7731c7067fc8688a93"
 dependencies = [
 "gtk",
 "http",
@@ -7816,7 +7815,6 @@ dependencies = [
 "cookie",
 "eventsource-client",
 "http",
- "hyper-util",
 "log",
 "md5 0.8.0",
 "mime_guess",
@@ -7842,7 +7840,6 @@ dependencies = [
 "thiserror 2.0.17",
 "tokio",
 "tokio-stream",
- "tower-service",
 "ts-rs",
 "uuid",
 "yaak-common",
@@ -7948,9 +7945,18 @@ dependencies = [
 name = "yaak-http"
 version = "0.1.0"
 dependencies = [
+ "hyper-util",
+ "log",
 "regex",
+ "reqwest",
+ "reqwest_cookie_store",
 "rustls",
 "rustls-platform-verifier",
+ "serde",
+ "tauri",
+ "thiserror 2.0.17",
+ "tokio",
+ "tower-service",
 "urlencoding",
 "yaak-models",
 ]
--- a/src-tauri/Cargo.toml
+++ b/src-tauri/Cargo.toml
@@ -48,7 +48,7 @@ chrono = { workspace = true, features = ["serde"] }
 cookie = "0.18.1"
 eventsource-client = { git = "https://github.com/yaakapp/rust-eventsource-client", version = "0.14.0" }
 http = { version = "1.2.0", default-features = false }
-log = "0.4.27"
+log = { workspace = true }
 md5 = "0.8.0"
 mime_guess = "2.0.5"
 rand = "0.9.0"
@@ -68,8 +68,6 @@ tauri-plugin-shell = { workspace = true }
 tauri-plugin-single-instance = { version = "2.3.4", features = ["deep-link"] }
 tauri-plugin-updater = "2.9.0"
 tauri-plugin-window-state = "2.4.0"
-hyper-util = { version = "0.1.17", default-features = false, features = ["client-legacy"] }
-tower-service = "0.3.3"
 thiserror = { workspace = true }
 tokio = { workspace = true, features = ["sync"] }
 tokio-stream = "0.1.17"
@@ -96,15 +94,16 @@ hex = "0.4.3"
 keyring = "3.6.3"
 reqwest = "0.12.20"
 reqwest_cookie_store = "0.8.0"
-rustls = { version = "0.23.33", default-features = false }
-rustls-platform-verifier = "0.6.1"
+rustls = { version = "0.23.34", default-features = false }
+rustls-platform-verifier = "0.6.2"
 serde = "1.0.228"
 serde_json = "1.0.145"
 sha2 = "0.10.9"
-tauri = "2.9.0"
-tauri-plugin = "2.5.0"
-tauri-plugin-dialog = "2.4.0"
-tauri-plugin-shell = "2.3.1"
+log = "0.4.28"
+tauri = "2.9.2"
+tauri-plugin = "2.5.1"
+tauri-plugin-dialog = "2.4.2"
+tauri-plugin-shell = "2.3.3"
 thiserror = "2.0.17"
 tokio = "1.48.0"
 ts-rs = "11.1.0"
--- a/src-tauri/src/commands.rs
+++ b/src-tauri/src/commands.rs
@@ -2,7 +2,7 @@ use crate::error::Result;
 use tauri::{command, AppHandle, Manager, Runtime, State, WebviewWindow};
 use tauri_plugin_dialog::{DialogExt, MessageDialogKind};
 use yaak_crypto::manager::EncryptionManagerExt;
-use yaak_plugins::events::{GetThemesResponse, PluginWindowContext};
+use yaak_plugins::events::{GetThemesResponse, PluginContext};
 use yaak_plugins::manager::PluginManager;
 use yaak_plugins::native_template_functions::{
    decrypt_secure_template_function, encrypt_secure_template_function,
@@ -28,8 +28,8 @@ pub(crate) async fn cmd_decrypt_template<R: Runtime>(
    template: &str,
 ) -> Result<String> {
    let app_handle = window.app_handle();
-    let window_context = &PluginWindowContext::new(&window);
-    Ok(decrypt_secure_template_function(&app_handle, window_context, template)?)
+    let plugin_context = &PluginContext::new(&window);
+    Ok(decrypt_secure_template_function(&app_handle, plugin_context, template)?)
 }

 #[command]
@@ -38,8 +38,8 @@ pub(crate) async fn cmd_secure_template<R: Runtime>(
    window: WebviewWindow<R>,
    template: &str,
 ) -> Result<String> {
-    let window_context = &PluginWindowContext::new(&window);
-    Ok(encrypt_secure_template_function(&app_handle, window_context, template)?)
+    let plugin_context = &PluginContext::new(&window);
+    Ok(encrypt_secure_template_function(&app_handle, plugin_context, template)?)
 }

 #[command]
--- a/src-tauri/src/encoding.rs
+++ b/src-tauri/src/encoding.rs
@@ -1,5 +1,4 @@
-use log::debug;
-use mime_guess::{Mime, mime};
+use mime_guess::{mime, Mime};
 use std::path::Path;
 use std::str::FromStr;
 use tokio::fs;
@@ -7,14 +6,8 @@ use tokio::fs;
 pub async fn read_response_body(body_path: impl AsRef<Path>, content_type: &str) -> Option<String> {
    let body = fs::read(body_path).await.ok()?;
    let body_charset = parse_charset(content_type).unwrap_or("utf-8".to_string());
-    debug!("body_charset: {}", body_charset);
    if let Some(decoder) = charset::Charset::for_label(body_charset.as_bytes()) {
-        debug!("Using decoder for charset: {}", body_charset);
-        let (cow, real_encoding, exist_replace) = decoder.decode(&body);
-        debug!(
-            "Decoded body with charset: {}, real_encoding: {:?}, exist_replace: {}",
-            body_charset, real_encoding, exist_replace
-        );
+        let (cow, _real_encoding, _exist_replace) = decoder.decode(&body);
        return cow.into_owned().into();
    }

--- a/src-tauri/src/error.rs
+++ b/src-tauri/src/error.rs
@@ -16,6 +16,9 @@ pub enum Error {
    #[error(transparent)]
    CryptoError(#[from] yaak_crypto::error::Error),

+    #[error(transparent)]
+    HttpError(#[from] yaak_http::error::Error),
+
    #[error(transparent)]
    GitError(#[from] yaak_git::error::Error),

--- a/src-tauri/src/grpc.rs
+++ b/src-tauri/src/grpc.rs
@@ -6,7 +6,7 @@ use tauri::{Manager, Runtime, WebviewWindow};
 use yaak_grpc::{KeyAndValueRef, MetadataMap};
 use yaak_models::models::GrpcRequest;
 use yaak_models::query_manager::QueryManagerExt;
-use yaak_plugins::events::{CallHttpAuthenticationRequest, HttpHeader};
+use yaak_plugins::events::{CallHttpAuthenticationRequest, HttpHeader, PluginContext};
 use yaak_plugins::manager::PluginManager;

 pub(crate) fn metadata_to_map(metadata: MetadataMap) -> BTreeMap<String, String> {
@@ -81,7 +81,12 @@ pub(crate) async fn build_metadata<R: Runtime>(
                    .collect(),
            };
            let plugin_result = plugin_manager
-                .call_http_authentication(&window, &authentication_type, plugin_req)
+                .call_http_authentication(
+                    &window,
+                    &authentication_type,
+                    plugin_req,
+                    &PluginContext::new(window),
+                )
                .await?;
            for header in plugin_result.set_headers.unwrap_or_default() {
                metadata.insert(header.name, header.value);
--- a/src-tauri/src/http_request.rs
+++ b/src-tauri/src/http_request.rs
@@ -6,9 +6,9 @@ use http::header::{ACCEPT, USER_AGENT};
 use http::{HeaderMap, HeaderName, HeaderValue};
 use log::{debug, error, warn};
 use mime_guess::Mime;
-use reqwest::redirect::Policy;
-use reqwest::{Method, NoProxy, Response};
-use reqwest::{Proxy, Url, multipart};
+use reqwest::{Method, Response};
+use reqwest::{Url, multipart};
+use reqwest_cookie_store::{CookieStore, CookieStoreMutex};
 use serde_json::Value;
 use std::collections::BTreeMap;
 use std::path::PathBuf;
@@ -21,6 +21,10 @@ use tokio::fs::{File, create_dir_all};
 use tokio::io::AsyncWriteExt;
 use tokio::sync::watch::Receiver;
 use tokio::sync::{Mutex, oneshot};
+use yaak_http::client::{
+    HttpConnectionOptions, HttpConnectionProxySetting, HttpConnectionProxySettingAuth,
+};
+use yaak_http::manager::HttpConnectionManager;
 use yaak_models::models::{
    Cookie, CookieJar, Environment, HttpRequest, HttpResponse, HttpResponseHeader,
    HttpResponseState, ProxySetting, ProxySettingAuth,
@@ -28,12 +32,11 @@ use yaak_models::models::{
 use yaak_models::query_manager::QueryManagerExt;
 use yaak_models::util::UpdateSource;
 use yaak_plugins::events::{
-    CallHttpAuthenticationRequest, HttpHeader, PluginWindowContext, RenderPurpose,
+    CallHttpAuthenticationRequest, HttpHeader, PluginContext, RenderPurpose,
 };
 use yaak_plugins::manager::PluginManager;
 use yaak_plugins::template_callback::PluginTemplateCallback;
 use yaak_templates::{RenderErrorBehavior, RenderOptions};
-use crate::dns::LocalhostResolver;

 pub async fn send_http_request<R: Runtime>(
    window: &WebviewWindow<R>,
@@ -42,9 +45,31 @@ pub async fn send_http_request<R: Runtime>(
    environment: Option<Environment>,
    cookie_jar: Option<CookieJar>,
    cancelled_rx: &mut Receiver<bool>,
+) -> Result<HttpResponse> {
+    send_http_request_with_context(
+        window,
+        unrendered_request,
+        og_response,
+        environment,
+        cookie_jar,
+        cancelled_rx,
+        &PluginContext::new(window),
+    )
+    .await
+}
+
+pub async fn send_http_request_with_context<R: Runtime>(
+    window: &WebviewWindow<R>,
+    unrendered_request: &HttpRequest,
+    og_response: &HttpResponse,
+    environment: Option<Environment>,
+    cookie_jar: Option<CookieJar>,
+    cancelled_rx: &mut Receiver<bool>,
+    plugin_context: &PluginContext,
 ) -> Result<HttpResponse> {
    let app_handle = window.app_handle().clone();
    let plugin_manager = app_handle.state::<PluginManager>();
+    let connection_manager = app_handle.state::<HttpConnectionManager>();
    let settings = window.db().get_settings();
    let workspace = window.db().get_workspace(&unrendered_request.workspace_id)?;
    let environment_id = environment.map(|e| e.id);
@@ -72,11 +97,7 @@ pub async fn send_http_request<R: Runtime>(
        }
    };

-    let cb = PluginTemplateCallback::new(
-        window.app_handle(),
-        &PluginWindowContext::new(window),
-        RenderPurpose::Send,
-    );
+    let cb = PluginTemplateCallback::new(window.app_handle(), &plugin_context, RenderPurpose::Send);

    let opt = RenderOptions {
        error_behavior: RenderErrorBehavior::Throw,
@@ -102,65 +123,33 @@ pub async fn send_http_request<R: Runtime>(
    }
    debug!("Sending request to {} {url_string}", request.method);

-    let mut client_builder = reqwest::Client::builder()
-        .redirect(match workspace.setting_follow_redirects {
-            true => Policy::limited(10), // TODO: Handle redirects natively
-            false => Policy::none(),
-        })
-        .connection_verbose(true)
-        .gzip(true)
-        .brotli(true)
-        .deflate(true)
-        .dns_resolver(LocalhostResolver::new())
-        .referer(false)
-        .tls_info(true);
-
-    let tls_config = yaak_http::tls::get_config(workspace.setting_validate_certificates, true);
-    client_builder = client_builder.use_preconfigured_tls(tls_config);
-
-    match settings.proxy {
-        Some(ProxySetting::Disabled) => client_builder = client_builder.no_proxy(),
+    let proxy_setting = match settings.proxy {
+        None => HttpConnectionProxySetting::System,
+        Some(ProxySetting::Disabled) => HttpConnectionProxySetting::Disabled,
        Some(ProxySetting::Enabled {
            http,
            https,
            auth,
-            disabled,
            bypass,
-        }) if !disabled => {
-            debug!("Using proxy http={http} https={https} bypass={bypass}");
-            if !http.is_empty() {
-                match Proxy::http(http) {
-                    Ok(mut proxy) => {
-                        if let Some(ProxySettingAuth { user, password }) = auth.clone() {
-                            debug!("Using http proxy auth");
-                            proxy = proxy.basic_auth(user.as_str(), password.as_str());
+            disabled,
+        }) => {
+            if disabled {
+                HttpConnectionProxySetting::System
+            } else {
+                HttpConnectionProxySetting::Enabled {
+                    http,
+                    https,
+                    bypass,
+                    auth: match auth {
+                        None => None,
+                        Some(ProxySettingAuth { user, password }) => {
+                            Some(HttpConnectionProxySettingAuth { user, password })
                        }
-                        proxy = proxy.no_proxy(NoProxy::from_string(&bypass));
-                        client_builder = client_builder.proxy(proxy);
-                    }
-                    Err(e) => {
-                        warn!("Failed to apply http proxy {e:?}");
-                    }
-                };
-            }
-            if !https.is_empty() {
-                match Proxy::https(https) {
-                    Ok(mut proxy) => {
-                        if let Some(ProxySettingAuth { user, password }) = auth {
-                            debug!("Using https proxy auth");
-                            proxy = proxy.basic_auth(user.as_str(), password.as_str());
-                        }
-                        proxy = proxy.no_proxy(NoProxy::from_string(&bypass));
-                        client_builder = client_builder.proxy(proxy);
-                    }
-                    Err(e) => {
-                        warn!("Failed to apply https proxy {e:?}");
-                    }
-                };
+                    },
+                }
            }
        }
-        _ => {} // Nothing to do for this one, as it is the default
-    }
+    };

    // Add cookie store if specified
    let maybe_cookie_manager = match cookie_jar.clone() {
@@ -179,23 +168,33 @@ pub async fn send_http_request<R: Runtime>(
                .map(|c| Ok(c))
                .collect::<Vec<Result<_>>>();

-            let store = reqwest_cookie_store::CookieStore::from_cookies(cookies, true)?;
-            let cookie_store = reqwest_cookie_store::CookieStoreMutex::new(store);
+            let cookie_store = CookieStore::from_cookies(cookies, true)?;
+            let cookie_store = CookieStoreMutex::new(cookie_store);
            let cookie_store = Arc::new(cookie_store);
-            client_builder = client_builder.cookie_provider(Arc::clone(&cookie_store));
-
-            Some((cookie_store, cj))
+            let cookie_provider = Arc::clone(&cookie_store);
+            Some((cookie_provider, cj))
        }
        None => None,
    };

-    if workspace.setting_request_timeout > 0 {
-        client_builder = client_builder.timeout(Duration::from_millis(
-            workspace.setting_request_timeout.unsigned_abs() as u64,
-        ));
-    }
-
-    let client = client_builder.build()?;
+    let client = connection_manager
+        .get_client(
+            &plugin_context.id,
+            &HttpConnectionOptions {
+                follow_redirects: workspace.setting_follow_redirects,
+                validate_certificates: workspace.setting_validate_certificates,
+                proxy: proxy_setting,
+                cookie_provider: maybe_cookie_manager.as_ref().map(|(p, _)| Arc::clone(&p)),
+                timeout: if workspace.setting_request_timeout > 0 {
+                    Some(Duration::from_millis(
+                        workspace.setting_request_timeout.unsigned_abs() as u64
+                    ))
+                } else {
+                    None
+                },
+            },
+        )
+        .await?;

    // Render query parameters
    let mut query_params = Vec::new();
@@ -469,8 +468,9 @@ pub async fn send_http_request<R: Runtime>(
                    })
                    .collect(),
            };
-            let auth_result =
-                plugin_manager.call_http_authentication(&window, &authentication_type, req).await;
+            let auth_result = plugin_manager
+                .call_http_authentication(&window, &authentication_type, req, plugin_context)
+                .await;
            let plugin_result = match auth_result {
                Ok(r) => r,
                Err(e) => {
--- a/src-tauri/src/lib.rs
+++ b/src-tauri/src/lib.rs
@@ -23,7 +23,7 @@ use tauri::{Listener, Runtime};
 use tauri::{Manager, WindowEvent};
 use tauri_plugin_deep_link::DeepLinkExt;
 use tauri_plugin_log::fern::colors::ColoredLevelConfig;
-use tauri_plugin_log::{Builder, Target, TargetKind};
+use tauri_plugin_log::{Builder, Target, TargetKind, log};
 use tauri_plugin_window_state::{AppHandleExt, StateFlags};
 use tokio::sync::Mutex;
 use tokio::task::block_in_place;
@@ -38,14 +38,20 @@ use yaak_models::models::{
 };
 use yaak_models::query_manager::QueryManagerExt;
 use yaak_models::util::{BatchUpsertResult, UpdateSource, get_workspace_export_resources};
-use yaak_plugins::events::{CallGrpcRequestActionArgs, CallGrpcRequestActionRequest, CallHttpRequestActionArgs, CallHttpRequestActionRequest, Color, FilterResponse, GetGrpcRequestActionsResponse, GetHttpAuthenticationConfigResponse, GetHttpAuthenticationSummaryResponse, GetHttpRequestActionsResponse, GetTemplateFunctionSummaryResponse, GetTemplateFunctionConfigResponse, InternalEvent, InternalEventPayload, JsonPrimitive, PluginWindowContext, RenderPurpose, ShowToastRequest};
+use yaak_plugins::events::{
+    CallGrpcRequestActionArgs, CallGrpcRequestActionRequest, CallHttpRequestActionArgs,
+    CallHttpRequestActionRequest, Color, FilterResponse, GetGrpcRequestActionsResponse,
+    GetHttpAuthenticationConfigResponse, GetHttpAuthenticationSummaryResponse,
+    GetHttpRequestActionsResponse, GetTemplateFunctionConfigResponse,
+    GetTemplateFunctionSummaryResponse, InternalEvent, InternalEventPayload, JsonPrimitive,
+    PluginContext, RenderPurpose, ShowToastRequest,
+};
 use yaak_plugins::manager::PluginManager;
 use yaak_plugins::plugin_meta::PluginMetadata;
 use yaak_plugins::template_callback::PluginTemplateCallback;
 use yaak_sse::sse::ServerSentEvent;
-use yaak_templates::format::format_json;
+use yaak_templates::format_json::format_json;
 use yaak_templates::{RenderErrorBehavior, RenderOptions, Tokens, transform_args};
-use yaak_templates::format_xml::format_xml;

 mod commands;
 mod encoding;
@@ -61,7 +67,6 @@ mod updates;
 mod uri_scheme;
 mod window;
 mod window_menu;
-mod dns;

 #[derive(serde::Serialize)]
 #[serde(default, rename_all = "camelCase")]
@@ -98,7 +103,7 @@ async fn cmd_template_tokens_to_string<R: Runtime>(
 ) -> YaakResult<String> {
    let cb = PluginTemplateCallback::new(
        &app_handle,
-        &PluginWindowContext::new(&window),
+        &PluginContext::new(&window),
        RenderPurpose::Preview,
    );
    let new_tokens = transform_args(tokens, &cb)?;
@@ -112,6 +117,7 @@ async fn cmd_render_template<R: Runtime>(
    template: &str,
    workspace_id: &str,
    environment_id: Option<&str>,
+    purpose: Option<RenderPurpose>,
 ) -> YaakResult<String> {
    let environment_chain =
        app_handle.db().resolve_environments(workspace_id, None, environment_id)?;
@@ -120,8 +126,8 @@ async fn cmd_render_template<R: Runtime>(
        environment_chain,
        &PluginTemplateCallback::new(
            &app_handle,
-            &PluginWindowContext::new(&window),
-            RenderPurpose::Preview,
+            &PluginContext::new(&window),
+            purpose.unwrap_or(RenderPurpose::Preview),
        ),
        &RenderOptions {
            error_behavior: RenderErrorBehavior::Throw,
@@ -164,7 +170,7 @@ async fn cmd_grpc_reflect<R: Runtime>(
        environment_chain,
        &PluginTemplateCallback::new(
            &app_handle,
-            &PluginWindowContext::new(&window),
+            &PluginContext::new(&window),
            RenderPurpose::Send,
        ),
        &RenderOptions {
@@ -213,7 +219,7 @@ async fn cmd_grpc_go<R: Runtime>(
        environment_chain.clone(),
        &PluginTemplateCallback::new(
            &app_handle,
-            &PluginWindowContext::new(&window),
+            &PluginContext::new(&window),
            RenderPurpose::Send,
        ),
        &RenderOptions {
@@ -338,7 +344,7 @@ async fn cmd_grpc_go<R: Runtime>(
                                environment_chain,
                                &PluginTemplateCallback::new(
                                    &app_handle,
-                                    &PluginWindowContext::new(&window),
+                                    &PluginContext::new(&window),
                                    RenderPurpose::Send,
                                ),
                                &RenderOptions {
@@ -410,7 +416,7 @@ async fn cmd_grpc_go<R: Runtime>(
            environment_chain,
            &PluginTemplateCallback::new(
                &app_handle,
-                &PluginWindowContext::new(&window),
+                &PluginContext::new(&window),
                RenderPurpose::Send,
            ),
            &RenderOptions {
@@ -740,11 +746,6 @@ async fn cmd_format_json(text: &str) -> YaakResult<String> {
    Ok(format_json(text, "  "))
 }

-#[tauri::command]
-async fn cmd_format_xml(text: &str) -> YaakResult<String> {
-    Ok(format_xml(text, "  "))
-}
-
 #[tauri::command]
 async fn cmd_http_response_body<R: Runtime>(
    window: WebviewWindow<R>,
@@ -852,12 +853,16 @@ async fn cmd_template_function_config<R: Runtime>(
        AnyModel::Folder(m) => (m.workspace_id, m.folder_id),
        AnyModel::Workspace(m) => (m.id, None),
        m => {
-            return Err(GenericError(format!("Unsupported model to call template functions {m:?}")));
+            return Err(GenericError(format!(
+                "Unsupported model to call template functions {m:?}"
+            )));
        }
    };
    let environment_chain =
        window.db().resolve_environments(&workspace_id, folder_id.as_deref(), environment_id)?;
-    Ok(plugin_manager.get_template_function_config(&window, function_name, environment_chain, values, model.id()).await?)
+    Ok(plugin_manager
+        .get_template_function_config(&window, function_name, environment_chain, values, model.id())
+        .await?)
 }

 #[tauri::command]
@@ -1157,7 +1162,7 @@ async fn cmd_install_plugin<R: Runtime>(
    app_handle: AppHandle<R>,
    window: WebviewWindow<R>,
 ) -> YaakResult<Plugin> {
-    plugin_manager.add_plugin_by_dir(&PluginWindowContext::new(&window), &directory).await?;
+    plugin_manager.add_plugin_by_dir(&PluginContext::new(&window), &directory).await?;

    Ok(app_handle.db().upsert_plugin(
        &Plugin {
@@ -1173,7 +1178,7 @@ async fn cmd_install_plugin<R: Runtime>(
 async fn cmd_create_grpc_request<R: Runtime>(
    workspace_id: &str,
    name: &str,
-    sort_priority: f32,
+    sort_priority: f64,
    folder_id: Option<&str>,
    app_handle: AppHandle<R>,
    window: WebviewWindow<R>,
@@ -1196,7 +1201,7 @@ async fn cmd_reload_plugins<R: Runtime>(
    window: WebviewWindow<R>,
    plugin_manager: State<'_, PluginManager>,
 ) -> YaakResult<()> {
-    plugin_manager.initialize_all_plugins(&app_handle, &PluginWindowContext::new(&window)).await?;
+    plugin_manager.initialize_all_plugins(&app_handle, &PluginContext::new(&window)).await?;
    Ok(())
 }

@@ -1346,6 +1351,7 @@ pub fn run() {
        .plugin(yaak_crypto::init())
        .plugin(yaak_fonts::init())
        .plugin(yaak_git::init())
+        .plugin(yaak_http::init())
        .plugin(yaak_ws::init())
        .plugin(yaak_sync::init());

@@ -1421,7 +1427,6 @@ pub fn run() {
            cmd_export_data,
            cmd_http_response_body,
            cmd_format_json,
-            cmd_format_xml,
            cmd_get_http_authentication_summaries,
            cmd_get_http_authentication_config,
            cmd_get_sse_events,
@@ -1617,13 +1622,13 @@ async fn call_frontend<R: Runtime>(
    v.to_owned()
 }

-fn get_window_from_window_context<R: Runtime>(
+fn get_window_from_plugin_context<R: Runtime>(
    app_handle: &AppHandle<R>,
-    window_context: &PluginWindowContext,
+    plugin_context: &PluginContext,
 ) -> Result<WebviewWindow<R>> {
-    let label = match window_context {
-        PluginWindowContext::Label { label, .. } => label,
-        PluginWindowContext::None => {
+    let label = match &plugin_context.label {
+        Some(label) => label,
+        None => {
            return app_handle
                .webview_windows()
                .iter()
@@ -1639,7 +1644,7 @@ fn get_window_from_window_context<R: Runtime>(
        .find_map(|(_, w)| if w.label() == label { Some(w.to_owned()) } else { None });

    if window.is_none() {
-        error!("Failed to find window by {window_context:?}");
+        error!("Failed to find window by {plugin_context:?}");
    }

    Ok(window.ok_or(GenericError(format!("Failed to find window for {}", label)))?)
--- a/src-tauri/src/notifications.rs
+++ b/src-tauri/src/notifications.rs
@@ -3,13 +3,13 @@ use std::time::SystemTime;
 use crate::error::Result;
 use crate::history::get_or_upsert_launch_info;
 use chrono::{DateTime, Utc};
-use log::debug;
+use log::{debug, info};
 use reqwest::Method;
 use serde::{Deserialize, Serialize};
 use tauri::{AppHandle, Emitter, Manager, Runtime, WebviewWindow};
 use ts_rs::TS;
 use yaak_common::api_client::yaak_api_client;
-use yaak_common::platform::get_os;
+use yaak_common::platform::get_os_str;
 use yaak_models::query_manager::QueryManagerExt;
 use yaak_models::util::UpdateSource;

@@ -77,9 +77,16 @@ impl YaakNotifier {

        self.last_check = SystemTime::now();

+        if !app_handle.db().get_settings().check_notifications {
+            info!("Notifications are disabled. Skipping check.");
+            return Ok(());
+        }
+
+        debug!("Checking for notifications");
+
        #[cfg(feature = "license")]
        let license_check = {
-            use yaak_license::{check_license, LicenseCheckStatus};
+            use yaak_license::{LicenseCheckStatus, check_license};
            match check_license(window).await {
                Ok(LicenseCheckStatus::PersonalUse { .. }) => "personal".to_string(),
                Ok(LicenseCheckStatus::CommercialUse) => "commercial".to_string(),
@@ -101,7 +108,7 @@ impl YaakNotifier {
                ("installed", &launch_info.user_since.format("%Y-%m-%d").to_string()),
                ("license", &license_check),
                ("updates", &get_updater_status(app_handle).to_string()),
-                ("platform", &get_os().to_string()),
+                ("platform", &get_os_str().to_string()),
            ]);
        let resp = req.send().await?;
        if resp.status() != 200 {
@@ -132,6 +139,7 @@ async fn get_kv<R: Runtime>(app_handle: &AppHandle<R>) -> Result<Vec<String>> {
    }
 }

+#[allow(unused)]
 fn get_updater_status<R: Runtime>(app_handle: &AppHandle<R>) -> &'static str {
    #[cfg(not(feature = "updater"))]
    {
--- a/src-tauri/src/plugin_events.rs
+++ b/src-tauri/src/plugin_events.rs
@@ -1,9 +1,9 @@
 use crate::error::Result;
-use crate::http_request::send_http_request;
+use crate::http_request::send_http_request_with_context;
 use crate::render::{render_grpc_request, render_http_request, render_json_value};
 use crate::window::{CreateWindowConfig, create_window};
 use crate::{
-    call_frontend, cookie_jar_from_window, environment_from_window, get_window_from_window_context,
+    call_frontend, cookie_jar_from_window, environment_from_window, get_window_from_plugin_context,
    workspace_from_window,
 };
 use chrono::Utc;
@@ -16,12 +16,13 @@ use yaak_models::models::{HttpResponse, Plugin};
 use yaak_models::queries::any_request::AnyRequest;
 use yaak_models::query_manager::QueryManagerExt;
 use yaak_models::util::UpdateSource;
+use yaak_plugins::error::Error::PluginErr;
 use yaak_plugins::events::{
    Color, DeleteKeyValueResponse, EmptyPayload, ErrorResponse, FindHttpResponsesResponse,
    GetCookieValueResponse, GetHttpRequestByIdResponse, GetKeyValueResponse, Icon, InternalEvent,
-    InternalEventPayload, ListCookieNamesResponse, PluginWindowContext, RenderGrpcRequestResponse,
+    InternalEventPayload, ListCookieNamesResponse, RenderGrpcRequestResponse,
    RenderHttpRequestResponse, SendHttpRequestResponse, SetKeyValueResponse, ShowToastRequest,
-    TemplateRenderResponse, WindowNavigateEvent,
+    TemplateRenderResponse, WindowInfoResponse, WindowNavigateEvent,
 };
 use yaak_plugins::plugin_handle::PluginHandle;
 use yaak_plugins::template_callback::PluginTemplateCallback;
@@ -32,24 +33,22 @@ pub(crate) async fn handle_plugin_event<R: Runtime>(
    event: &InternalEvent,
    plugin_handle: &PluginHandle,
 ) -> Result<Option<InternalEventPayload>> {
-    // debug!("Got event to app {event:?}");
-    let window_context = event.window_context.to_owned();
+    // log::debug!("Got event to app {event:?}");
+    let plugin_context = event.context.to_owned();
    match event.clone().payload {
        InternalEventPayload::CopyTextRequest(req) => {
            app_handle.clipboard().write_text(req.text.as_str())?;
            Ok(Some(InternalEventPayload::CopyTextResponse(EmptyPayload {})))
        }
        InternalEventPayload::ShowToastRequest(req) => {
-            match window_context {
-                PluginWindowContext::Label { label, .. } => {
-                    app_handle.emit_to(label, "show_toast", req)?
-                }
-                _ => app_handle.emit("show_toast", req)?,
+            match plugin_context.label {
+                Some(label) => app_handle.emit_to(label, "show_toast", req)?,
+                None => app_handle.emit("show_toast", req)?,
            };
            Ok(Some(InternalEventPayload::ShowToastResponse(EmptyPayload {})))
        }
        InternalEventPayload::PromptTextRequest(_) => {
-            let window = get_window_from_window_context(app_handle, &window_context)?;
+            let window = get_window_from_plugin_context(app_handle, &plugin_context)?;
            Ok(call_frontend(&window, event).await)
        }
        InternalEventPayload::FindHttpResponsesRequest(req) => {
@@ -68,7 +67,7 @@ pub(crate) async fn handle_plugin_event<R: Runtime>(
            })))
        }
        InternalEventPayload::RenderGrpcRequestRequest(req) => {
-            let window = get_window_from_window_context(app_handle, &window_context)?;
+            let window = get_window_from_plugin_context(app_handle, &plugin_context)?;

            let workspace =
                workspace_from_window(&window).expect("Failed to get workspace_id from window URL");
@@ -78,7 +77,7 @@ pub(crate) async fn handle_plugin_event<R: Runtime>(
                req.grpc_request.folder_id.as_deref(),
                environment_id.as_deref(),
            )?;
-            let cb = PluginTemplateCallback::new(app_handle, &window_context, req.purpose);
+            let cb = PluginTemplateCallback::new(app_handle, &plugin_context, req.purpose);
            let opt = RenderOptions {
                error_behavior: RenderErrorBehavior::Throw,
            };
@@ -89,7 +88,7 @@ pub(crate) async fn handle_plugin_event<R: Runtime>(
            })))
        }
        InternalEventPayload::RenderHttpRequestRequest(req) => {
-            let window = get_window_from_window_context(app_handle, &window_context)?;
+            let window = get_window_from_plugin_context(app_handle, &plugin_context)?;

            let workspace =
                workspace_from_window(&window).expect("Failed to get workspace_id from window URL");
@@ -99,7 +98,7 @@ pub(crate) async fn handle_plugin_event<R: Runtime>(
                req.http_request.folder_id.as_deref(),
                environment_id.as_deref(),
            )?;
-            let cb = PluginTemplateCallback::new(app_handle, &window_context, req.purpose);
+            let cb = PluginTemplateCallback::new(app_handle, &plugin_context, req.purpose);
            let opt = &RenderOptions {
                error_behavior: RenderErrorBehavior::Throw,
            };
@@ -110,7 +109,7 @@ pub(crate) async fn handle_plugin_event<R: Runtime>(
            })))
        }
        InternalEventPayload::TemplateRenderRequest(req) => {
-            let window = get_window_from_window_context(app_handle, &window_context)?;
+            let window = get_window_from_plugin_context(app_handle, &plugin_context)?;

            let workspace =
                workspace_from_window(&window).expect("Failed to get workspace_id from window URL");
@@ -130,7 +129,7 @@ pub(crate) async fn handle_plugin_event<R: Runtime>(
                folder_id.as_deref(),
                environment_id.as_deref(),
            )?;
-            let cb = PluginTemplateCallback::new(app_handle, &window_context, req.purpose);
+            let cb = PluginTemplateCallback::new(app_handle, &plugin_context, req.purpose);
            let opt = RenderOptions {
                error_behavior: RenderErrorBehavior::Throw,
            };
@@ -140,7 +139,7 @@ pub(crate) async fn handle_plugin_event<R: Runtime>(
        InternalEventPayload::ErrorResponse(resp) => {
            error!("Plugin error: {}: {:?}", resp.error, resp);
            let toast_event = plugin_handle.build_event_to_send(
-                &window_context,
+                &plugin_context,
                &InternalEventPayload::ShowToastRequest(ShowToastRequest {
                    message: format!(
                        "Plugin error from {}: {}",
@@ -172,7 +171,7 @@ pub(crate) async fn handle_plugin_event<R: Runtime>(
            if !req.silent {
                let info = plugin_handle.info();
                let toast_event = plugin_handle.build_event_to_send(
-                    &window_context,
+                    &plugin_context,
                    &InternalEventPayload::ShowToastRequest(ShowToastRequest {
                        message: format!("Reloaded plugin {}@{}", info.name, info.version),
                        icon: Some(Icon::Info),
@@ -187,7 +186,7 @@ pub(crate) async fn handle_plugin_event<R: Runtime>(
            }
        }
        InternalEventPayload::SendHttpRequestRequest(req) => {
-            let window = get_window_from_window_context(app_handle, &window_context)?;
+            let window = get_window_from_plugin_context(app_handle, &plugin_context)?;
            let mut http_request = req.http_request;
            let workspace =
                workspace_from_window(&window).expect("Failed to get workspace_id from window URL");
@@ -211,13 +210,14 @@ pub(crate) async fn handle_plugin_event<R: Runtime>(
                )?
            };

-            let http_response = send_http_request(
+            let http_response = send_http_request_with_context(
                &window,
                &http_request,
                &http_response,
                environment,
                cookie_jar,
                &mut tokio::sync::watch::channel(false).1, // No-op cancel channel
+                &plugin_context,
            )
            .await?;

@@ -240,7 +240,7 @@ pub(crate) async fn handle_plugin_event<R: Runtime>(
            };
            if let Err(e) = create_window(app_handle, win_config) {
                let error_event = plugin_handle.build_event_to_send(
-                    &window_context,
+                    &plugin_context,
                    &InternalEventPayload::ErrorResponse(ErrorResponse {
                        error: format!("Failed to create window: {:?}", e),
                    }),
@@ -253,12 +253,12 @@ pub(crate) async fn handle_plugin_event<R: Runtime>(
            {
                let event_id = event.id.clone();
                let plugin_handle = plugin_handle.clone();
-                let window_context = window_context.clone();
+                let plugin_context = plugin_context.clone();
                tauri::async_runtime::spawn(async move {
                    while let Some(url) = navigation_rx.recv().await {
                        let url = url.to_string();
                        let event_to_send = plugin_handle.build_event_to_send(
-                            &window_context, // NOTE: Sending existing context on purpose here
+                            &plugin_context, // NOTE: Sending existing context on purpose here
                            &InternalEventPayload::WindowNavigateEvent(WindowNavigateEvent { url }),
                            Some(event_id.clone()),
                        );
@@ -270,11 +270,11 @@ pub(crate) async fn handle_plugin_event<R: Runtime>(
            {
                let event_id = event.id.clone();
                let plugin_handle = plugin_handle.clone();
-                let window_context = window_context.clone();
+                let plugin_context = plugin_context.clone();
                tauri::async_runtime::spawn(async move {
                    while let Some(_) = close_rx.recv().await {
                        let event_to_send = plugin_handle.build_event_to_send(
-                            &window_context,
+                            &plugin_context,
                            &InternalEventPayload::WindowCloseEvent,
                            Some(event_id.clone()),
                        );
@@ -309,7 +309,7 @@ pub(crate) async fn handle_plugin_event<R: Runtime>(
            })))
        }
        InternalEventPayload::ListCookieNamesRequest(_req) => {
-            let window = get_window_from_window_context(app_handle, &window_context)?;
+            let window = get_window_from_plugin_context(app_handle, &plugin_context)?;
            let names = match cookie_jar_from_window(&window) {
                None => Vec::new(),
                Some(j) => j
@@ -323,7 +323,7 @@ pub(crate) async fn handle_plugin_event<R: Runtime>(
            })))
        }
        InternalEventPayload::GetCookieValueRequest(req) => {
-            let window = get_window_from_window_context(app_handle, &window_context)?;
+            let window = get_window_from_plugin_context(app_handle, &plugin_context)?;
            let value = match cookie_jar_from_window(&window) {
                None => None,
                Some(j) => j.cookies.into_iter().find_map(|c| match Cookie::parse(c.raw_cookie) {
@@ -335,6 +335,29 @@ pub(crate) async fn handle_plugin_event<R: Runtime>(
            };
            Ok(Some(InternalEventPayload::GetCookieValueResponse(GetCookieValueResponse { value })))
        }
+        InternalEventPayload::WindowInfoRequest(req) => {
+            let w = app_handle
+                .get_webview_window(&req.label)
+                .ok_or(PluginErr(format!("Failed to find window for {}", req.label)))?;
+
+            // Actually look up the data so we never return an invalid ID
+            let environment_id = environment_from_window(&w).map(|m| m.id);
+            let workspace_id = workspace_from_window(&w).map(|m| m.id);
+            let request_id =
+                match app_handle.db().get_any_request(&w.request_id().unwrap_or_default()) {
+                    Ok(AnyRequest::HttpRequest(r)) => Some(r.id),
+                    Ok(AnyRequest::WebsocketRequest(r)) => Some(r.id),
+                    Ok(AnyRequest::GrpcRequest(r)) => Some(r.id),
+                    Err(_) => None,
+                };
+
+            Ok(Some(InternalEventPayload::WindowInfoResponse(WindowInfoResponse {
+                label: w.label().to_string(),
+                request_id,
+                workspace_id,
+                environment_id,
+            })))
+        }
        _ => Ok(None),
    }
 }
--- a/src-tauri/src/render.rs
+++ b/src-tauri/src/render.rs
@@ -1,11 +1,11 @@
 use serde_json::Value;
 use std::collections::BTreeMap;
-use yaak_http::apply_path_placeholders;
+use yaak_http::path_placeholders::apply_path_placeholders;
 use yaak_models::models::{
    Environment, GrpcRequest, HttpRequest, HttpRequestHeader, HttpUrlParameter,
 };
 use yaak_models::render::make_vars_hashmap;
-use yaak_templates::{RenderOptions, TemplateCallback, parse_and_render, render_json_value_raw};
+use yaak_templates::{parse_and_render, render_json_value_raw, RenderOptions, TemplateCallback};

 pub async fn render_template<T: TemplateCallback>(
    template: &str,
@@ -70,6 +70,9 @@ pub async fn render_http_request<T: TemplateCallback>(

    let mut url_parameters = Vec::new();
    for p in r.url_parameters.clone() {
+        if !p.enabled {
+            continue;
+        }
        url_parameters.push(HttpUrlParameter {
            enabled: p.enabled,
            name: parse_and_render(p.name.as_str(), vars, cb, &opt).await?,
@@ -80,6 +83,9 @@ pub async fn render_http_request<T: TemplateCallback>(

    let mut headers = Vec::new();
    for p in r.headers.clone() {
+        if !p.enabled {
+            continue;
+        }
        headers.push(HttpRequestHeader {
            enabled: p.enabled,
            name: parse_and_render(p.name.as_str(), vars, cb, &opt).await?,
--- a/src-tauri/src/window.rs
+++ b/src-tauri/src/window.rs
@@ -3,7 +3,7 @@ use crate::window_menu::app_menu;
 use log::{info, warn};
 use rand::random;
 use tauri::{
-    AppHandle, Emitter, LogicalSize, Manager, Runtime, WebviewUrl, WebviewWindow, WindowEvent,
+    AppHandle, Emitter, LogicalSize, Manager, PhysicalSize, Runtime, WebviewUrl, WebviewWindow, WindowEvent
 };
 use tauri_plugin_opener::OpenerExt;
 use tokio::sync::mpsc;
@@ -160,6 +160,11 @@ pub(crate) fn create_window<R: Runtime>(
            "dev.reset_size" => webview_window
                .set_size(LogicalSize::new(DEFAULT_WINDOW_WIDTH, DEFAULT_WINDOW_HEIGHT))
                .unwrap(),
+            "dev.reset_size_record" => {
+                let width = webview_window.outer_size().unwrap().width;
+                let height = width * 9 / 16;
+                webview_window.set_size(PhysicalSize::new(width, height)).unwrap()
+            }
            "dev.refresh" => webview_window.eval("location.reload()").unwrap(),
            "dev.generate_theme_css" => {
                w.emit("generate_theme_css", true).unwrap();
--- a/src-tauri/src/window_menu.rs
+++ b/src-tauri/src/window_menu.rs
@@ -143,6 +143,8 @@ pub fn app_menu<R: Runtime>(app_handle: &AppHandle<R>) -> tauri::Result<Menu<R>>
                        .build(app_handle)?,
                    &MenuItemBuilder::with_id("dev.reset_size".to_string(), "Reset Size")
                        .build(app_handle)?,
+                    &MenuItemBuilder::with_id("dev.reset_size_record".to_string(), "Reset Size 16x9")
+                        .build(app_handle)?,
                    &MenuItemBuilder::with_id(
                        "dev.generate_theme_css".to_string(),
                        "Generate Theme CSS",
--- a/src-tauri/yaak-common/src/lib.rs
+++ b/src-tauri/yaak-common/src/lib.rs
@@ -1,4 +1,4 @@
 pub mod window;
 pub mod platform;
 pub mod api_client;
-pub mod error;
+pub mod error;
--- a/src-tauri/yaak-common/src/platform.rs
+++ b/src-tauri/yaak-common/src/platform.rs
@@ -1,12 +1,30 @@
-pub fn get_os() -> &'static str {
+use crate::platform::OperatingSystem::{Linux, MacOS, Unknown, Windows};
+
+pub enum OperatingSystem {
+    Windows,
+    MacOS,
+    Linux,
+    Unknown,
+}
+
+pub fn get_os() -> OperatingSystem {
    if cfg!(target_os = "windows") {
-        "windows"
+        Windows
    } else if cfg!(target_os = "macos") {
-        "macos"
+        MacOS
    } else if cfg!(target_os = "linux") {
-        "linux"
+        Linux
    } else {
-        "unknown"
+        Unknown
+    }
+}
+
+pub fn get_os_str() -> &'static str {
+    match get_os() {
+        Windows => "windows",
+        MacOS => "macos",
+        Linux => "linux",
+        Unknown => "unknown",
    }
 }

@@ -33,4 +51,5 @@ pub fn get_ua_arch() -> &'static str {
        "ARM64"
    } else {
        "Unknown"
-    }}
+    }
+}
--- a/src-tauri/yaak-crypto/Cargo.toml
+++ b/src-tauri/yaak-crypto/Cargo.toml
@@ -10,7 +10,7 @@ base32 = "0.5.1" # For encoding human-readable key
 base64 = "0.22.1" # For encoding in the database
 chacha20poly1305 = "0.10.1"
 keyring = { workspace = true, features = ["apple-native", "windows-native", "sync-secret-service"] }
-log = "0.4.26"
+log = { workspace = true }
 serde = { workspace = true, features = ["derive"] }
 tauri = { workspace = true }
 thiserror = { workspace = true }
--- a/src-tauri/yaak-git/Cargo.toml
+++ b/src-tauri/yaak-git/Cargo.toml
@@ -8,7 +8,7 @@ publish = false
 [dependencies]
 chrono = { workspace = true, features = ["serde"] }
 git2 = { version = "0.20.0", features = ["vendored-libgit2", "vendored-openssl"] }
-log = "0.4.22"
+log = { workspace = true }
 serde = { workspace = true, features = ["derive"] }
 serde_json = { workspace = true }
 serde_yaml = "0.9.34"
--- a/src-tauri/yaak-git/bindings/gen_git.ts
+++ b/src-tauri/yaak-git/bindings/gen_git.ts
@@ -1,18 +1,18 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.
-import type { SyncModel } from "./gen_models.js";
+import type { SyncModel } from "./gen_models";

 export type GitAuthor = { name: string | null, email: string | null, };

 export type GitCommit = { author: GitAuthor, when: string, message: string | null, };

+export type GitRemote = { name: string, url: string | null, };
+
 export type GitStatus = "untracked" | "conflict" | "current" | "modified" | "removed" | "renamed" | "type_change";

 export type GitStatusEntry = { relaPath: string, status: GitStatus, staged: boolean, prev: SyncModel | null, next: SyncModel | null, };

 export type GitStatusSummary = { path: string, headRef: string | null, headRefShorthand: string | null, entries: Array<GitStatusEntry>, origins: Array<string>, localBranches: Array<string>, remoteBranches: Array<string>, };

-export type PullResult = { receivedBytes: number, receivedObjects: number, };
+export type PullResult = { "type": "success", message: string, } | { "type": "up_to_date" } | { "type": "needs_credentials", url: string, error: string | null, };

-export type PushResult = "success" | "nothing_to_push";
-
-export type PushType = "branch" | "tag";
+export type PushResult = { "type": "success", message: string, } | { "type": "up_to_date" } | { "type": "needs_credentials", url: string, error: string | null, };
--- a/src-tauri/yaak-git/bindings/gen_models.ts
+++ b/src-tauri/yaak-git/bindings/gen_models.ts
@@ -1,6 +1,6 @@
 // This file was generated by [ts-rs](https://github.com/Aleph-Alpha/ts-rs). Do not edit this file manually.

-export type Environment = { model: "environment", id: string, workspaceId: string, createdAt: string, updatedAt: string, name: string, public: boolean, parentModel: string, parentId: string | null, variables: Array<EnvironmentVariable>, color: string | null, };
+export type Environment = { model: "environment", id: string, workspaceId: string, createdAt: string, updatedAt: string, name: string, public: boolean, parentModel: string, parentId: string | null, variables: Array<EnvironmentVariable>, color: string | null, sortPriority: number, };

 export type EnvironmentVariable = { enabled?: boolean, name: string, value: string, id?: string, };

--- a/src-tauri/yaak-git/build.rs
+++ b/src-tauri/yaak-git/build.rs
@@ -1,5 +1,7 @@
 const COMMANDS: &[&str] = &[
    "add",
+    "add_credential",
+    "add_remote",
    "branch",
    "checkout",
    "commit",
@@ -10,6 +12,8 @@ const COMMANDS: &[&str] = &[
    "merge_branch",
    "pull",
    "push",
+    "remotes",
+    "rm_remote",
    "status",
    "unstage",
 ];
--- a/src-tauri/yaak-git/index.ts
+++ b/src-tauri/yaak-git/index.ts
@@ -1,96 +1,168 @@
-import { useMutation, useQuery, useQueryClient } from '@tanstack/react-query';
+import { useQuery } from '@tanstack/react-query';
 import { invoke } from '@tauri-apps/api/core';
-import { GitCommit, GitStatusSummary, PullResult, PushResult } from './bindings/gen_git';
+import { createFastMutation } from '@yaakapp/app/hooks/useFastMutation';
+import { queryClient } from '@yaakapp/app/lib/queryClient';
+import { useMemo } from 'react';
+import { GitCommit, GitRemote, GitStatusSummary, PullResult, PushResult } from './bindings/gen_git';

 export * from './bindings/gen_git';

-export function useGit(dir: string) {
-  const queryClient = useQueryClient();
-  const onSuccess = () => queryClient.invalidateQueries({ queryKey: ['git'] });
+export interface GitCredentials {
+  username: string;
+  password: string;
+}

+export interface GitCallbacks {
+  addRemote: () => Promise<GitRemote | null>;
+  promptCredentials: (
+    result: Extract<PushResult, { type: 'needs_credentials' }>,
+  ) => Promise<GitCredentials | null>;
+}
+
+const onSuccess = () => queryClient.invalidateQueries({ queryKey: ['git'] });
+
+export function useGit(dir: string, callbacks: GitCallbacks) {
+  const mutations = useMemo(() => gitMutations(dir, callbacks), [dir, callbacks]);
  return [
    {
-      log: useQuery<void, string, GitCommit[]>({
+      remotes: useQuery<GitRemote[], string>({
+        queryKey: ['git', 'remotes', dir],
+        queryFn: () => getRemotes(dir),
+      }),
+      log: useQuery<GitCommit[], string>({
        queryKey: ['git', 'log', dir],
        queryFn: () => invoke('plugin:yaak-git|log', { dir }),
      }),
-      status: useQuery<void, string, GitStatusSummary>({
+      status: useQuery<GitStatusSummary, string>({
        refetchOnMount: true,
        queryKey: ['git', 'status', dir],
        queryFn: () => invoke('plugin:yaak-git|status', { dir }),
      }),
    },
-    {
-      add: useMutation<void, string, { relaPaths: string[] }>({
-        mutationKey: ['git', 'add', dir],
-        mutationFn: (args) => invoke('plugin:yaak-git|add', { dir, ...args }),
-        onSuccess,
-      }),
-      branch: useMutation<void, string, { branch: string }>({
-        mutationKey: ['git', 'branch', dir],
-        mutationFn: (args) => invoke('plugin:yaak-git|branch', { dir, ...args }),
-        onSuccess,
-      }),
-      mergeBranch: useMutation<void, string, { branch: string; force: boolean }>({
-        mutationKey: ['git', 'merge', dir],
-        mutationFn: (args) => invoke('plugin:yaak-git|merge_branch', { dir, ...args }),
-        onSuccess,
-      }),
-      deleteBranch: useMutation<void, string, { branch: string }>({
-        mutationKey: ['git', 'delete-branch', dir],
-        mutationFn: (args) => invoke('plugin:yaak-git|delete_branch', { dir, ...args }),
-        onSuccess,
-      }),
-      checkout: useMutation<string, string, { branch: string; force: boolean }>({
-        mutationKey: ['git', 'checkout', dir],
-        mutationFn: (args) => invoke('plugin:yaak-git|checkout', { dir, ...args }),
-        onSuccess,
-      }),
-      commit: useMutation<void, string, { message: string }>({
-        mutationKey: ['git', 'commit', dir],
-        mutationFn: (args) => invoke('plugin:yaak-git|commit', { dir, ...args }),
-        onSuccess,
-      }),
-      commitAndPush: useMutation<PushResult, string, { message: string }>({
-        mutationKey: ['git', 'commit_push', dir],
-        mutationFn: async (args) => {
-          await invoke('plugin:yaak-git|commit', { dir, ...args });
-          return invoke('plugin:yaak-git|push', { dir });
-        },
-        onSuccess,
-      }),
-      fetchAll: useMutation<string, string, void>({
-        mutationKey: ['git', 'checkout', dir],
-        mutationFn: () => invoke('plugin:yaak-git|fetch_all', { dir }),
-        onSuccess,
-      }),
-      push: useMutation<PushResult, string, void>({
-        mutationKey: ['git', 'push', dir],
-        mutationFn: () => invoke('plugin:yaak-git|push', { dir }),
-        onSuccess,
-      }),
-      pull: useMutation<PullResult, string, void>({
-        mutationKey: ['git', 'pull', dir],
-        mutationFn: () => invoke('plugin:yaak-git|pull', { dir }),
-        onSuccess,
-      }),
-      unstage: useMutation<void, string, { relaPaths: string[] }>({
-        mutationKey: ['git', 'unstage', dir],
-        mutationFn: (args) => invoke('plugin:yaak-git|unstage', { dir, ...args }),
-        onSuccess,
-      }),
-      init: useGitInit(),
-    },
+    mutations,
  ] as const;
 }

-export function useGitInit() {
-  const queryClient = useQueryClient();
-  const onSuccess = () => queryClient.invalidateQueries({ queryKey: ['git'] });
+export const gitMutations = (dir: string, callbacks: GitCallbacks) => {
+  const push = async () => {
+    const remotes = await getRemotes(dir);
+    if (remotes.length === 0) {
+      const remote = await callbacks.addRemote();
+      if (remote == null) throw new Error('No remote found');
+    }

-  return useMutation<void, string, { dir: string }>({
-    mutationKey: ['git', 'init'],
-    mutationFn: (args) => invoke('plugin:yaak-git|initialize', { ...args }),
-    onSuccess,
-  });
+    const result = await invoke<PushResult>('plugin:yaak-git|push', { dir });
+    if (result.type !== 'needs_credentials') return result;
+
+    // Needs credentials, prompt for them
+    const creds = await callbacks.promptCredentials(result);
+    if (creds == null) throw new Error('Canceled');
+
+    await invoke('plugin:yaak-git|add_credential', {
+      dir,
+      remoteUrl: result.url,
+      username: creds.username,
+      password: creds.password,
+    });
+
+    // Push again
+    return invoke<PushResult>('plugin:yaak-git|push', { dir });
+  };
+
+  return {
+    init: createFastMutation<void, string, void>({
+      mutationKey: ['git', 'init'],
+      mutationFn: () => invoke('plugin:yaak-git|initialize', { dir }),
+      onSuccess,
+    }),
+    add: createFastMutation<void, string, { relaPaths: string[] }>({
+      mutationKey: ['git', 'add', dir],
+      mutationFn: (args) => invoke('plugin:yaak-git|add', { dir, ...args }),
+      onSuccess,
+    }),
+    addRemote: createFastMutation<GitRemote, string, GitRemote>({
+      mutationKey: ['git', 'add-remote'],
+      mutationFn: (args) => invoke('plugin:yaak-git|add_remote', { dir, ...args }),
+      onSuccess,
+    }),
+    rmRemote: createFastMutation<void, string, { name: string }>({
+      mutationKey: ['git', 'rm-remote', dir],
+      mutationFn: (args) => invoke('plugin:yaak-git|rm_remote', { dir, ...args }),
+      onSuccess,
+    }),
+    branch: createFastMutation<void, string, { branch: string }>({
+      mutationKey: ['git', 'branch', dir],
+      mutationFn: (args) => invoke('plugin:yaak-git|branch', { dir, ...args }),
+      onSuccess,
+    }),
+    mergeBranch: createFastMutation<void, string, { branch: string; force: boolean }>({
+      mutationKey: ['git', 'merge', dir],
+      mutationFn: (args) => invoke('plugin:yaak-git|merge_branch', { dir, ...args }),
+      onSuccess,
+    }),
+    deleteBranch: createFastMutation<void, string, { branch: string }>({
+      mutationKey: ['git', 'delete-branch', dir],
+      mutationFn: (args) => invoke('plugin:yaak-git|delete_branch', { dir, ...args }),
+      onSuccess,
+    }),
+    checkout: createFastMutation<string, string, { branch: string; force: boolean }>({
+      mutationKey: ['git', 'checkout', dir],
+      mutationFn: (args) => invoke('plugin:yaak-git|checkout', { dir, ...args }),
+      onSuccess,
+    }),
+    commit: createFastMutation<void, string, { message: string }>({
+      mutationKey: ['git', 'commit', dir],
+      mutationFn: (args) => invoke('plugin:yaak-git|commit', { dir, ...args }),
+      onSuccess,
+    }),
+    commitAndPush: createFastMutation<PushResult, string, { message: string }>({
+      mutationKey: ['git', 'commit_push', dir],
+      mutationFn: async (args) => {
+        await invoke('plugin:yaak-git|commit', { dir, ...args });
+        return push();
+      },
+      onSuccess,
+    }),
+    fetchAll: createFastMutation<string, string, void>({
+      mutationKey: ['git', 'checkout', dir],
+      mutationFn: () => invoke('plugin:yaak-git|fetch_all', { dir }),
+      onSuccess,
+    }),
+    push: createFastMutation<PushResult, string, void>({
+      mutationKey: ['git', 'push', dir],
+      mutationFn: push,
+      onSuccess,
+    }),
+    pull: createFastMutation<PullResult, string, void>({
+      mutationKey: ['git', 'pull', dir],
+      async mutationFn() {
+        const result = await invoke<PullResult>('plugin:yaak-git|pull', { dir });
+        if (result.type !== 'needs_credentials') return result;
+
+        // Needs credentials, prompt for them
+        const creds = await callbacks.promptCredentials(result);
+        if (creds == null) throw new Error('Canceled');
+
+        await invoke('plugin:yaak-git|add_credential', {
+          dir,
+          remoteUrl: result.url,
+          username: creds.username,
+          password: creds.password,
+        });
+
+        // Pull again
+        return invoke<PullResult>('plugin:yaak-git|pull', { dir });
+      },
+      onSuccess,
+    }),
+    unstage: createFastMutation<void, string, { relaPaths: string[] }>({
+      mutationKey: ['git', 'unstage', dir],
+      mutationFn: (args) => invoke('plugin:yaak-git|unstage', { dir, ...args }),
+      onSuccess,
+    }),
+  } as const;
+};
+
+async function getRemotes(dir: string) {
+  return invoke<GitRemote[]>('plugin:yaak-git|remotes', { dir });
 }
--- a/src-tauri/yaak-git/permissions/default.toml
+++ b/src-tauri/yaak-git/permissions/default.toml
@@ -2,6 +2,8 @@
 description = "Default permissions for the plugin"
 permissions = [
    "allow-add",
+    "allow-add-credential",
+    "allow-add-remote",
    "allow-branch",
    "allow-checkout",
    "allow-commit",
@@ -12,6 +14,8 @@ permissions = [
    "allow-merge-branch",
    "allow-pull",
    "allow-push",
+    "allow-remotes",
+    "allow-rm-remote",
    "allow-status",
    "allow-unstage",
 ]
--- a/src-tauri/yaak-git/src/add.rs
+++ b/src-tauri/yaak-git/src/add.rs
@@ -0,0 +1,16 @@
+use crate::error::Result;
+use crate::repository::open_repo;
+use git2::IndexAddOption;
+use log::info;
+use std::path::Path;
+
+pub(crate) fn git_add(dir: &Path, rela_path: &Path) -> Result<()> {
+    let repo = open_repo(dir)?;
+    let mut index = repo.index()?;
+
+    info!("Staging file {rela_path:?} to {dir:?}");
+    index.add_all(&[rela_path], IndexAddOption::DEFAULT, None)?;
+    index.write()?;
+
+    Ok(())
+}
--- a/src-tauri/yaak-git/src/binary.rs
+++ b/src-tauri/yaak-git/src/binary.rs
@@ -0,0 +1,16 @@
+use crate::error::Error::GitNotFound;
+use crate::error::Result;
+use std::path::Path;
+use std::process::Command;
+
+pub(crate) fn new_binary_command(dir: &Path) -> Result<Command> {
+    let status = Command::new("git").arg("--version").status();
+
+    if let Err(_) = status {
+        return Err(GitNotFound);
+    }
+
+    let mut cmd = Command::new("git");
+    cmd.arg("-C").arg(dir);
+    Ok(cmd)
+}
--- a/src-tauri/yaak-git/src/branch.rs
+++ b/src-tauri/yaak-git/src/branch.rs
@@ -2,26 +2,12 @@ use crate::error::Error::GenericError;
 use crate::error::Result;
 use crate::merge::do_merge;
 use crate::repository::open_repo;
-use crate::util::{
-    bytes_to_string, get_branch_by_name, get_current_branch, get_default_remote_for_push_in_repo,
-};
+use crate::util::{bytes_to_string, get_branch_by_name, get_current_branch};
+use git2::BranchType;
 use git2::build::CheckoutBuilder;
-use git2::{BranchType, Repository};
 use log::info;
 use std::path::Path;

-pub(crate) fn branch_set_upstream_after_push(repo: &Repository, branch_name: &str) -> Result<()> {
-    let mut branch = repo.find_branch(branch_name, BranchType::Local)?;
-
-    if branch.upstream().is_err() {
-        let remote = get_default_remote_for_push_in_repo(repo)?;
-        let upstream_name = format!("{remote}/{branch_name}");
-        branch.set_upstream(Some(upstream_name.as_str()))?;
-    }
-
-    Ok(())
-}
-
 pub(crate) fn git_checkout_branch(dir: &Path, branch_name: &str, force: bool) -> Result<String> {
    if branch_name.starts_with("origin/") {
        return git_checkout_remote_branch(dir, branch_name, force);
@@ -43,7 +29,11 @@ pub(crate) fn git_checkout_branch(dir: &Path, branch_name: &str, force: bool) ->
    Ok(branch_name.to_string())
 }

-pub(crate) fn git_checkout_remote_branch(dir: &Path, branch_name: &str, force: bool) -> Result<String> {
+pub(crate) fn git_checkout_remote_branch(
+    dir: &Path,
+    branch_name: &str,
+    force: bool,
+) -> Result<String> {
    let branch_name = branch_name.trim_start_matches("origin/");
    let repo = open_repo(dir)?;

@@ -55,7 +45,7 @@ pub(crate) fn git_checkout_remote_branch(dir: &Path, branch_name: &str, force: b
    let upstream_name = format!("origin/{}", branch_name);
    new_branch.set_upstream(Some(&upstream_name))?;

-    return git_checkout_branch(dir, branch_name, force)
+    git_checkout_branch(dir, branch_name, force)
 }

 pub(crate) fn git_create_branch(dir: &Path, name: &str) -> Result<()> {
--- a/src-tauri/yaak-git/src/callbacks.rs
+++ b/src-tauri/yaak-git/src/callbacks.rs
@@ -1,76 +0,0 @@
-use git2::{Cred, RemoteCallbacks};
-use log::{debug, info};
-use crate::util::find_ssh_key;
-
-pub(crate) fn default_callbacks<'s>() -> RemoteCallbacks<'s> {
-    let mut callbacks = RemoteCallbacks::new();
-
-    let mut fail_next_call = false;
-    let mut tried_agent = false;
-
-    callbacks.credentials(move |url, username_from_url, allowed_types| {
-        if fail_next_call {
-            info!("Failed to get credentials for push");
-            return Err(git2::Error::from_str("Bad credentials."));
-        }
-
-        debug!("getting credentials {url} {username_from_url:?} {allowed_types:?}");
-        match (allowed_types.is_ssh_key(), username_from_url) {
-            (true, Some(username)) => {
-                if !tried_agent {
-                    tried_agent = true;
-                    return Cred::ssh_key_from_agent(username);
-                }
-
-                fail_next_call = true; // This is our last try
-
-                // If the agent failed, try using the default SSH key
-                if let Some(key) = find_ssh_key() {
-                    Cred::ssh_key(username, None, key.as_path(), None)
-                } else {
-                    Err(git2::Error::from_str(
-                        "Bad credentials. Ensure your key was added using ssh-add",
-                    ))
-                }
-            }
-            (true, None) => Err(git2::Error::from_str("Couldn't get username from url")),
-            _ => {
-                return Err(git2::Error::from_str("https remotes are not (yet) supported"));
-            }
-        }
-    });
-
-    callbacks.push_transfer_progress(|current, total, bytes| {
-        debug!("progress: {}/{} ({} B)", current, total, bytes,);
-    });
-
-    callbacks.transfer_progress(|p| {
-        debug!("transfer: {}/{}", p.received_objects(), p.total_objects());
-        true
-    });
-
-    callbacks.pack_progress(|stage, current, total| {
-        debug!("packing: {:?} - {}/{}", stage, current, total);
-    });
-
-    callbacks.push_update_reference(|reference, msg| {
-        debug!("push_update_reference: '{}' {:?}", reference, msg);
-        Ok(())
-    });
-
-    callbacks.update_tips(|name, a, b| {
-        debug!("update tips: '{}' {} -> {}", name, a, b);
-        if a != b {
-            // let mut push_result = push_result.lock().unwrap();
-            // *push_result = PushResult::Success
-        }
-        true
-    });
-
-    callbacks.sideband_progress(|data| {
-        debug!("sideband transfer: '{}'", String::from_utf8_lossy(data).trim());
-        true
-    });
-
-    callbacks
-}
--- a/src-tauri/yaak-git/src/commands.rs
+++ b/src-tauri/yaak-git/src/commands.rs
@@ -1,13 +1,19 @@
+use crate::add::git_add;
 use crate::branch::{git_checkout_branch, git_create_branch, git_delete_branch, git_merge_branch};
+use crate::commit::git_commit;
+use crate::credential::git_add_credential;
 use crate::error::Result;
 use crate::fetch::git_fetch_all;
-use crate::git::{
-    git_add, git_commit, git_init, git_log, git_status, git_unstage, GitCommit, GitStatusSummary,
-};
-use crate::pull::{git_pull, PullResult};
-use crate::push::{git_push, PushResult};
+use crate::init::git_init;
+use crate::log::{GitCommit, git_log};
+use crate::pull::{PullResult, git_pull};
+use crate::push::{PushResult, git_push};
+use crate::remotes::{GitRemote, git_add_remote, git_remotes, git_rm_remote};
+use crate::status::{GitStatusSummary, git_status};
+use crate::unstage::git_unstage;
 use std::path::{Path, PathBuf};
 use tauri::command;
+
 // NOTE: All of these commands are async to prevent blocking work from locking up the UI

 #[command]
@@ -80,3 +86,28 @@ pub async fn unstage(dir: &Path, rela_paths: Vec<PathBuf>) -> Result<()> {
    }
    Ok(())
 }
+
+#[command]
+pub async fn add_credential(
+    dir: &Path,
+    remote_url: &str,
+    username: &str,
+    password: &str,
+) -> Result<()> {
+    git_add_credential(dir, remote_url, username, password).await
+}
+
+#[command]
+pub async fn remotes(dir: &Path) -> Result<Vec<GitRemote>> {
+    git_remotes(dir)
+}
+
+#[command]
+pub async fn add_remote(dir: &Path, name: &str, url: &str) -> Result<GitRemote> {
+    git_add_remote(dir, name, url)
+}
+
+#[command]
+pub async fn rm_remote(dir: &Path, name: &str) -> Result<()> {
+    git_rm_remote(dir, name)
+}
--- a/src-tauri/yaak-git/src/commit.rs
+++ b/src-tauri/yaak-git/src/commit.rs
@@ -0,0 +1,20 @@
+use crate::binary::new_binary_command;
+use crate::error::Error::GenericError;
+use log::info;
+use std::path::Path;
+
+pub(crate) fn git_commit(dir: &Path, message: &str) -> crate::error::Result<()> {
+    let out = new_binary_command(dir)?.args(["commit", "--message", message]).output()?;
+
+    let stdout = String::from_utf8_lossy(&out.stdout);
+    let stderr = String::from_utf8_lossy(&out.stderr);
+    let combined = stdout + stderr;
+
+    if !out.status.success() {
+        return Err(GenericError(format!("Failed to commit: {}", combined)));
+    }
+
+    info!("Committed to {dir:?}");
+
+    Ok(())
+}
--- a/src-tauri/yaak-git/src/credential.rs
+++ b/src-tauri/yaak-git/src/credential.rs
@@ -0,0 +1,47 @@
+use crate::binary::new_binary_command;
+use crate::error::Error::GenericError;
+use crate::error::Result;
+use std::io::Write;
+use std::path::Path;
+use std::process::Stdio;
+use tauri::Url;
+
+pub(crate) async fn git_add_credential(
+    dir: &Path,
+    remote_url: &str,
+    username: &str,
+    password: &str,
+) -> Result<()> {
+    let url = Url::parse(remote_url)
+        .map_err(|e| GenericError(format!("Failed to parse remote url {remote_url}: {e:?}")))?;
+    let protocol = url.scheme();
+    let host = url.host_str().unwrap();
+    let path = Some(url.path());
+
+    let mut child = new_binary_command(dir)?
+        .args(["credential", "approve"])
+        .stdin(Stdio::piped())
+        .stdout(Stdio::null())
+        .spawn()?;
+
+    {
+        let stdin = child.stdin.as_mut().unwrap();
+        writeln!(stdin, "protocol={}", protocol)?;
+        writeln!(stdin, "host={}", host)?;
+        if let Some(path) = path {
+            if !path.is_empty() {
+                writeln!(stdin, "path={}", path.trim_start_matches('/'))?;
+            }
+        }
+        writeln!(stdin, "username={}", username)?;
+        writeln!(stdin, "password={}", password)?;
+        writeln!(stdin)?; // blank line terminator
+    }
+
+    let status = child.wait()?;
+    if !status.success() {
+        return Err(GenericError("Failed to approve git credential".to_string()));
+    }
+
+    Ok(())
+}
--- a/src-tauri/yaak-git/src/error.rs
+++ b/src-tauri/yaak-git/src/error.rs
@@ -33,9 +33,18 @@ pub enum Error {
    #[error("Git error: {0}")]
    GenericError(String),

+    #[error("'git' not found. Please ensure it's installed and available in $PATH")]
+    GitNotFound,
+
+    #[error("Credentials required: {0}")]
+    CredentialsRequiredError(String),
+
    #[error("No default remote found")]
    NoDefaultRemoteFound,

+    #[error("No remotes found for repo")]
+    NoRemotesFound,
+
    #[error("Merge failed due to conflicts")]
    MergeConflicts,

--- a/src-tauri/yaak-git/src/fetch.rs
+++ b/src-tauri/yaak-git/src/fetch.rs
@@ -1,37 +1,20 @@
-use crate::callbacks::default_callbacks;
+use crate::binary::new_binary_command;
+use crate::error::Error::GenericError;
 use crate::error::Result;
-use crate::repository::open_repo;
-use git2::{FetchOptions, ProxyOptions, Repository};
 use std::path::Path;

 pub(crate) fn git_fetch_all(dir: &Path) -> Result<()> {
-    let repo = open_repo(dir)?;
-    let remotes = repo.remotes()?.iter().flatten().map(String::from).collect::<Vec<_>>();
+    let out = new_binary_command(dir)?
+        .args(["fetch", "--all", "--prune", "--tags"])
+        .output()
+        .map_err(|e| GenericError(format!("failed to run git pull: {e}")))?;
+    let stdout = String::from_utf8_lossy(&out.stdout);
+    let stderr = String::from_utf8_lossy(&out.stderr);
+    let combined = stdout + stderr;

-    for (_idx, remote) in remotes.into_iter().enumerate() {
-        fetch_from_remote(&repo, &remote)?;
+    if !out.status.success() {
+        return Err(GenericError(format!("Failed to fetch: {}", combined)));
    }

    Ok(())
 }
-
-fn fetch_from_remote(repo: &Repository, remote: &str) -> Result<()> {
-    let mut remote = repo.find_remote(remote)?;
-
-    let mut options = FetchOptions::new();
-    let callbacks = default_callbacks();
-
-    options.prune(git2::FetchPrune::On);
-    let mut proxy = ProxyOptions::new();
-    proxy.auto();
-
-    options.proxy_options(proxy);
-    options.download_tags(git2::AutotagOption::All);
-    options.remote_callbacks(callbacks);
-
-    remote.fetch(&[] as &[&str], Some(&mut options), None)?;
-    // fetch tags (also removing remotely deleted ones)
-    remote.fetch(&["refs/tags/*:refs/tags/*"], Some(&mut options), None)?;
-
-    Ok(())
-}
--- a/src-tauri/yaak-git/src/git.rs
+++ b/src-tauri/yaak-git/src/git.rs
@@ -1,673 +0,0 @@
-use crate::error::Result;
-use crate::repository::open_repo;
-use crate::util::{local_branch_names, remote_branch_names};
-use chrono::{DateTime, Utc};
-use git2::IndexAddOption;
-use log::{info, warn};
-use serde::{Deserialize, Serialize};
-use std::fs;
-use std::path::Path;
-use ts_rs::TS;
-use yaak_sync::models::SyncModel;
-
-#[derive(Debug, Clone, Serialize, Deserialize, TS, PartialEq)]
-#[serde(rename_all = "camelCase")]
-#[ts(export, export_to = "gen_git.ts")]
-pub struct GitStatusSummary {
-    pub path: String,
-    pub head_ref: Option<String>,
-    pub head_ref_shorthand: Option<String>,
-    pub entries: Vec<GitStatusEntry>,
-    pub origins: Vec<String>,
-    pub local_branches: Vec<String>,
-    pub remote_branches: Vec<String>,
-}
-
-#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export, export_to = "gen_git.ts")]
-pub struct GitStatusEntry {
-    pub rela_path: String,
-    pub status: GitStatus,
-    pub staged: bool,
-    pub prev: Option<SyncModel>,
-    pub next: Option<SyncModel>,
-}
-
-#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, TS)]
-#[serde(rename_all = "snake_case")]
-#[ts(export, export_to = "gen_git.ts")]
-pub enum GitStatus {
-    Untracked,
-    Conflict,
-    Current,
-    Modified,
-    Removed,
-    Renamed,
-    TypeChange,
-}
-
-#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export, export_to = "gen_git.ts")]
-pub struct GitCommit {
-    author: GitAuthor,
-    when: DateTime<Utc>,
-    message: Option<String>,
-}
-
-#[derive(Debug, Clone, PartialEq, Serialize, Deserialize, TS)]
-#[serde(rename_all = "camelCase")]
-#[ts(export, export_to = "gen_git.ts")]
-pub struct GitAuthor {
-    name: Option<String>,
-    email: Option<String>,
-}
-
-pub fn git_init(dir: &Path) -> Result<()> {
-    git2::Repository::init(dir)?;
-    let repo = open_repo(dir)?;
-    // Default to main instead of master, to align with
-    // the official Git and GitHub behavior
-    repo.set_head("refs/heads/main")?;
-    info!("Initialized {dir:?}");
-    Ok(())
-}
-
-pub fn git_add(dir: &Path, rela_path: &Path) -> Result<()> {
-    let repo = open_repo(dir)?;
-    let mut index = repo.index()?;
-
-    info!("Staging file {rela_path:?} to {dir:?}");
-    index.add_all(&[rela_path], IndexAddOption::DEFAULT, None)?;
-    index.write()?;
-
-    Ok(())
-}
-
-pub fn git_unstage(dir: &Path, rela_path: &Path) -> Result<()> {
-    let repo = open_repo(dir)?;
-
-    let head = match repo.head() {
-        Ok(h) => h,
-        Err(e) if e.code() == git2::ErrorCode::UnbornBranch => {
-            info!("Unstaging file in empty branch {rela_path:?} to {dir:?}");
-            // Repo has no commits, so "unstage" means remove from index
-            let mut index = repo.index()?;
-            index.remove_path(rela_path)?;
-            index.write()?;
-            return Ok(());
-        }
-        Err(e) => return Err(e.into()),
-    };
-
-    // If repo has commits, update the index entry back to HEAD
-    info!("Unstaging file {rela_path:?} to {dir:?}");
-    let commit = head.peel_to_commit()?;
-    repo.reset_default(Some(commit.as_object()), &[rela_path])?;
-
-    Ok(())
-}
-
-pub fn git_commit(dir: &Path, message: &str) -> Result<()> {
-    let repo = open_repo(dir)?;
-
-    // Clear the in-memory index, add the paths, and write the tree for committing
-    let tree_oid = repo.index()?.write_tree()?;
-    let tree = repo.find_tree(tree_oid)?;
-
-    // Make the signature
-    let config = repo.config()?.snapshot()?;
-    let name = config.get_str("user.name").unwrap_or("Unknown");
-    let email = config.get_str("user.email")?;
-    let sig = git2::Signature::now(name, email)?;
-
-    // Get the current HEAD commit (if it exists)
-    let parent_commit = match repo.head() {
-        Ok(head) => Some(head.peel_to_commit()?),
-        Err(_) => None, // No parent if no HEAD exists (initial commit)
-    };
-
-    let parents = parent_commit.as_ref().map(|p| vec![p]).unwrap_or_default();
-    repo.commit(Some("HEAD"), &sig, &sig, message, &tree, parents.as_slice())?;
-
-    info!("Committed to {dir:?}");
-
-    Ok(())
-}
-
-pub fn git_log(dir: &Path) -> Result<Vec<GitCommit>> {
-    let repo = open_repo(dir)?;
-
-    // Return empty if empty repo or no head (new repo)
-    if repo.is_empty()? || repo.head().is_err() {
-        return Ok(vec![]);
-    }
-
-    let mut revwalk = repo.revwalk()?;
-    revwalk.push_head()?;
-    revwalk.set_sorting(git2::Sort::TIME)?;
-
-    // Run git log
-    macro_rules! filter_try {
-        ($e:expr) => {
-            match $e {
-                Ok(t) => t,
-                Err(_) => return None,
-            }
-        };
-    }
-    let log: Vec<GitCommit> = revwalk
-        .filter_map(|oid| {
-            let oid = filter_try!(oid);
-            let commit = filter_try!(repo.find_commit(oid));
-            let author = commit.author();
-            Some(GitCommit {
-                author: GitAuthor {
-                    name: author.name().map(|s| s.to_string()),
-                    email: author.email().map(|s| s.to_string()),
-                },
-                when: convert_git_time_to_date(author.when()),
-                message: commit.message().map(|m| m.to_string()),
-            })
-        })
-        .collect();
-
-    Ok(log)
-}
-
-pub fn git_status(dir: &Path) -> Result<GitStatusSummary> {
-    let repo = open_repo(dir)?;
-    let (head_tree, head_ref, head_ref_shorthand) = match repo.head() {
-        Ok(head) => {
-            let tree = head.peel_to_tree().ok();
-            let head_ref_shorthand = head.shorthand().map(|s| s.to_string());
-            let head_ref = head.name().map(|s| s.to_string());
-
-            (tree, head_ref, head_ref_shorthand)
-        }
-        Err(_) => {
-            // For "unborn" repos, reading from HEAD is the only way to get the branch name
-            // See https://github.com/starship/starship/pull/1336
-            let head_path = repo.path().join("HEAD");
-            let head_ref = fs::read_to_string(&head_path)
-                .ok()
-                .unwrap_or_default()
-                .lines()
-                .next()
-                .map(|s| s.trim_start_matches("ref:").trim().to_string());
-            let head_ref_shorthand =
-                head_ref.clone().map(|r| r.split('/').last().unwrap_or("unknown").to_string());
-            (None, head_ref, head_ref_shorthand)
-        }
-    };
-
-    let mut opts = git2::StatusOptions::new();
-    opts.include_ignored(false)
-        .include_untracked(true) // Include untracked
-        .recurse_untracked_dirs(true) // Show all untracked
-        .include_unmodified(true); // Include unchanged
-
-    // TODO: Support renames
-
-    let mut entries: Vec<GitStatusEntry> = Vec::new();
-    for entry in repo.statuses(Some(&mut opts))?.into_iter() {
-        let rela_path = entry.path().unwrap().to_string();
-        let status = entry.status();
-        let index_status = match status {
-            // Note: order matters here, since we're checking a bitmap!
-            s if s.contains(git2::Status::CONFLICTED) => GitStatus::Conflict,
-            s if s.contains(git2::Status::INDEX_NEW) => GitStatus::Untracked,
-            s if s.contains(git2::Status::INDEX_MODIFIED) => GitStatus::Modified,
-            s if s.contains(git2::Status::INDEX_DELETED) => GitStatus::Removed,
-            s if s.contains(git2::Status::INDEX_RENAMED) => GitStatus::Renamed,
-            s if s.contains(git2::Status::INDEX_TYPECHANGE) => GitStatus::TypeChange,
-            s if s.contains(git2::Status::CURRENT) => GitStatus::Current,
-            s => {
-                warn!("Unknown index status {s:?}");
-                continue;
-            }
-        };
-
-        let worktree_status = match status {
-            // Note: order matters here, since we're checking a bitmap!
-            s if s.contains(git2::Status::CONFLICTED) => GitStatus::Conflict,
-            s if s.contains(git2::Status::WT_NEW) => GitStatus::Untracked,
-            s if s.contains(git2::Status::WT_MODIFIED) => GitStatus::Modified,
-            s if s.contains(git2::Status::WT_DELETED) => GitStatus::Removed,
-            s if s.contains(git2::Status::WT_RENAMED) => GitStatus::Renamed,
-            s if s.contains(git2::Status::WT_TYPECHANGE) => GitStatus::TypeChange,
-            s if s.contains(git2::Status::CURRENT) => GitStatus::Current,
-            s => {
-                warn!("Unknown worktree status {s:?}");
-                continue;
-            }
-        };
-
-        let status = if index_status == GitStatus::Current {
-            worktree_status.clone()
-        } else {
-            index_status.clone()
-        };
-
-        let staged = if index_status == GitStatus::Current && worktree_status == GitStatus::Current
-        {
-            // No change, so can't be added
-            false
-        } else if index_status != GitStatus::Current {
-            true
-        } else {
-            false
-        };
-
-        // Get previous content from Git, if it's in there
-        let prev = match head_tree.clone() {
-            None => None,
-            Some(t) => match t.get_path(&Path::new(&rela_path)) {
-                Ok(entry) => {
-                    let obj = entry.to_object(&repo)?;
-                    let content = obj.as_blob().unwrap().content();
-                    let name = Path::new(entry.name().unwrap_or_default());
-                    SyncModel::from_bytes(content.into(), name)?.map(|m| m.0)
-                }
-                Err(_) => None,
-            },
-        };
-
-        let next = {
-            let full_path = repo.workdir().unwrap().join(rela_path.clone());
-            SyncModel::from_file(full_path.as_path())?.map(|m| m.0)
-        };
-
-        entries.push(GitStatusEntry {
-            status,
-            staged,
-            rela_path,
-            prev: prev.clone(),
-            next: next.clone(),
-        })
-    }
-
-    let origins = repo.remotes()?.into_iter().filter_map(|o| Some(o?.to_string())).collect();
-    let local_branches = local_branch_names(&repo)?;
-    let remote_branches = remote_branch_names(&repo)?;
-
-    Ok(GitStatusSummary {
-        entries,
-        origins,
-        path: dir.to_string_lossy().to_string(),
-        head_ref,
-        head_ref_shorthand,
-        local_branches,
-        remote_branches,
-    })
-}
-
-#[cfg(test)]
-fn convert_git_time_to_date(_git_time: git2::Time) -> DateTime<Utc> {
-    DateTime::from_timestamp(0, 0).unwrap()
-}
-
-#[cfg(not(test))]
-fn convert_git_time_to_date(git_time: git2::Time) -> DateTime<Utc> {
-    let timestamp = git_time.seconds();
-    DateTime::from_timestamp(timestamp, 0).unwrap()
-}
-
-// // Write a test
-// #[cfg(test)]
-// mod test {
-//     use crate::error::Error::GitRepoNotFound;
-//     use crate::error::Result;
-//     use crate::git::{
-//         git_add, git_commit, git_init, git_log, git_status, git_unstage, open_repo, GitStatus,
-//         GitStatusEntry,
-//     };
-//     use std::fs::{create_dir_all, remove_file, File};
-//     use std::io::Write;
-//     use std::path::{Path, PathBuf};
-//     use tempdir::TempDir;
-//
-//     fn new_dir() -> PathBuf {
-//         let p = TempDir::new("yaak-git").unwrap().into_path();
-//         p
-//     }
-//
-//     fn new_file(path: &Path, content: &str) {
-//         let parent = path.parent().unwrap();
-//         create_dir_all(parent).unwrap();
-//         File::create(path).unwrap().write_all(content.as_bytes()).unwrap();
-//     }
-//
-//     #[tokio::test]
-//     async fn test_status_no_repo() {
-//         let dir = &new_dir();
-//         let result = git_status(dir).await;
-//         assert!(matches!(result, Err(GitRepoNotFound(_))));
-//     }
-//
-//     #[test]
-//     fn test_open_repo() -> Result<()> {
-//         let dir = &new_dir();
-//         git_init(dir)?;
-//         open_repo(dir.as_path())?;
-//         Ok(())
-//     }
-//
-//     #[test]
-//     fn test_open_repo_from_subdir() -> Result<()> {
-//         let dir = &new_dir();
-//         git_init(dir)?;
-//
-//         let sub_dir = dir.join("a").join("b");
-//         create_dir_all(sub_dir.as_path())?; // Create sub dir
-//
-//         open_repo(sub_dir.as_path())?;
-//         Ok(())
-//     }
-//
-//     #[tokio::test]
-//     async fn test_status() -> Result<()> {
-//         let dir = &new_dir();
-//         git_init(dir)?;
-//
-//         assert_eq!(git_status(dir).await?.entries, Vec::new());
-//
-//         new_file(&dir.join("foo.txt"), "foo");
-//         new_file(&dir.join("bar.txt"), "bar");
-//         new_file(&dir.join("dir/baz.txt"), "baz");
-//         assert_eq!(
-//             git_status(dir).await?.entries,
-//             vec![
-//                 GitStatusEntry {
-//                     rela_path: "bar.txt".to_string(),
-//                     status: GitStatus::Added,
-//                     staged: false,
-//                     prev: None,
-//                     next: Some("bar".to_string()),
-//                 },
-//                 GitStatusEntry {
-//                     rela_path: "dir/baz.txt".to_string(),
-//                     status: GitStatus::Added,
-//                     staged: false,
-//                     prev: None,
-//                     next: Some("baz".to_string()),
-//                 },
-//                 GitStatusEntry {
-//                     rela_path: "foo.txt".to_string(),
-//                     status: GitStatus::Added,
-//                     staged: false,
-//                     prev: None,
-//                     next: Some("foo".to_string()),
-//                 },
-//             ],
-//         );
-//         Ok(())
-//     }
-//
-//     #[tokio::test]
-//     fn test_add() -> Result<()> {
-//         let dir = &new_dir();
-//         git_init(dir)?;
-//
-//         new_file(&dir.join("foo.txt"), "foo");
-//         new_file(&dir.join("bar.txt"), "bar");
-//
-//         git_add(dir, Path::new("foo.txt"))?;
-//
-//         assert_eq!(
-//             git_status(dir).await?.entries,
-//             vec![
-//                 GitStatusEntry {
-//                     rela_path: "bar.txt".to_string(),
-//                     status: GitStatus::Added,
-//                     staged: false,
-//                     prev: None,
-//                     next: Some("bar".to_string()),
-//                 },
-//                 GitStatusEntry {
-//                     rela_path: "foo.txt".to_string(),
-//                     status: GitStatus::Added,
-//                     staged: true,
-//                     prev: None,
-//                     next: Some("foo".to_string()),
-//                 },
-//             ],
-//         );
-//
-//         new_file(&dir.join("foo.txt"), "foo foo");
-//         assert_eq!(
-//             git_status(dir).await?.entries,
-//             vec![
-//                 GitStatusEntry {
-//                     rela_path: "bar.txt".to_string(),
-//                     status: GitStatus::Added,
-//                     staged: false,
-//                     prev: None,
-//                     next: Some("bar".to_string()),
-//                 },
-//                 GitStatusEntry {
-//                     rela_path: "foo.txt".to_string(),
-//                     status: GitStatus::Added,
-//                     staged: true,
-//                     prev: None,
-//                     next: Some("foo foo".to_string()),
-//                 },
-//             ],
-//         );
-//         Ok(())
-//     }
-//
-//     #[tokio::test]
-//     fn test_unstage() -> Result<()> {
-//         let dir = &new_dir();
-//         git_init(dir)?;
-//
-//         new_file(&dir.join("foo.txt"), "foo");
-//         new_file(&dir.join("bar.txt"), "bar");
-//
-//         git_add(dir, Path::new("foo.txt"))?;
-//         assert_eq!(
-//             git_status(dir).await?.entries,
-//             vec![
-//                 GitStatusEntry {
-//                     rela_path: "bar.txt".to_string(),
-//                     status: GitStatus::Added,
-//                     staged: false,
-//                     prev: None,
-//                     next: Some("bar".to_string()),
-//                 },
-//                 GitStatusEntry {
-//                     rela_path: "foo.txt".to_string(),
-//                     status: GitStatus::Added,
-//                     staged: true,
-//                     prev: None,
-//                     next: Some("foo".to_string()),
-//                 },
-//             ]
-//         );
-//
-//         git_unstage(dir, Path::new("foo.txt"))?;
-//         assert_eq!(
-//             git_status(dir).await?.entries,
-//             vec![
-//                 GitStatusEntry {
-//                     rela_path: "bar.txt".to_string(),
-//                     status: GitStatus::Added,
-//                     staged: false,
-//                     prev: None,
-//                     next: Some("bar".to_string()),
-//                 },
-//                 GitStatusEntry {
-//                     rela_path: "foo.txt".to_string(),
-//                     status: GitStatus::Added,
-//                     staged: false,
-//                     prev: None,
-//                     next: Some("foo".to_string()),
-//                 }
-//             ]
-//         );
-//
-//         Ok(())
-//     }
-//
-//     #[tokio::test]
-//     fn test_commit() -> Result<()> {
-//         let dir = &new_dir();
-//         git_init(dir)?;
-//
-//         new_file(&dir.join("foo.txt"), "foo");
-//         new_file(&dir.join("bar.txt"), "bar");
-//
-//         assert_eq!(
-//             git_status(dir).await?.entries,
-//             vec![
-//                 GitStatusEntry {
-//                     rela_path: "bar.txt".to_string(),
-//                     status: GitStatus::Added,
-//                     staged: false,
-//                     prev: None,
-//                     next: Some("bar".to_string()),
-//                 },
-//                 GitStatusEntry {
-//                     rela_path: "foo.txt".to_string(),
-//                     status: GitStatus::Added,
-//                     staged: false,
-//                     prev: None,
-//                     next: Some("foo".to_string()),
-//                 },
-//             ]
-//         );
-//
-//         git_add(dir, Path::new("foo.txt"))?;
-//         git_commit(dir, "This is my message")?;
-//
-//         assert_eq!(
-//             git_status(dir).await?.entries,
-//             vec![
-//                 GitStatusEntry {
-//                     rela_path: "bar.txt".to_string(),
-//                     status: GitStatus::Added,
-//                     staged: false,
-//                     prev: None,
-//                     next: Some("bar".to_string()),
-//                 },
-//                 GitStatusEntry {
-//                     rela_path: "foo.txt".to_string(),
-//                     status: GitStatus::Current,
-//                     staged: false,
-//                     prev: Some("foo".to_string()),
-//                     next: Some("foo".to_string()),
-//                 },
-//             ]
-//         );
-//
-//         new_file(&dir.join("foo.txt"), "foo foo");
-//         git_add(dir, Path::new("foo.txt"))?;
-//         assert_eq!(
-//             git_status(dir).await?.entries,
-//             vec![
-//                 GitStatusEntry {
-//                     rela_path: "bar.txt".to_string(),
-//                     status: GitStatus::Added,
-//                     staged: false,
-//                     prev: None,
-//                     next: Some("bar".to_string()),
-//                 },
-//                 GitStatusEntry {
-//                     rela_path: "foo.txt".to_string(),
-//                     status: GitStatus::Modified,
-//                     staged: true,
-//                     prev: Some("foo".to_string()),
-//                     next: Some("foo foo".to_string()),
-//                 },
-//             ]
-//         );
-//         Ok(())
-//     }
-//
-//     #[tokio::test]
-//     async fn test_add_removed_file() -> Result<()> {
-//         let dir = &new_dir();
-//         git_init(dir)?;
-//
-//         let foo_path = &dir.join("foo.txt");
-//         let bar_path = &dir.join("bar.txt");
-//
-//         new_file(foo_path, "foo");
-//         new_file(bar_path, "bar");
-//
-//         git_add(dir, Path::new("foo.txt"))?;
-//         git_commit(dir, "Initial commit")?;
-//
-//         remove_file(foo_path)?;
-//         assert_eq!(
-//             git_status(dir).await?.entries,
-//             vec![
-//                 GitStatusEntry {
-//                     rela_path: "bar.txt".to_string(),
-//                     status: GitStatus::Added,
-//                     staged: false,
-//                     prev: None,
-//                     next: Some("bar".to_string()),
-//                 },
-//                 GitStatusEntry {
-//                     rela_path: "foo.txt".to_string(),
-//                     status: GitStatus::Removed,
-//                     staged: false,
-//                     prev: Some("foo".to_string()),
-//                     next: None,
-//                 },
-//             ],
-//         );
-//
-//         git_add(dir, Path::new("foo.txt"))?;
-//         assert_eq!(
-//             git_status(dir).await?.entries,
-//             vec![
-//                 GitStatusEntry {
-//                     rela_path: "bar.txt".to_string(),
-//                     status: GitStatus::Added,
-//                     staged: false,
-//                     prev: None,
-//                     next: Some("bar".to_string()),
-//                 },
-//                 GitStatusEntry {
-//                     rela_path: "foo.txt".to_string(),
-//                     status: GitStatus::Removed,
-//                     staged: true,
-//                     prev: Some("foo".to_string()),
-//                     next: None,
-//                 },
-//             ],
-//         );
-//         Ok(())
-//     }
-//
-//     #[tokio::test]
-//     fn test_log_empty() -> Result<()> {
-//         let dir = &new_dir();
-//         git_init(dir)?;
-//
-//         let log = git_log(dir)?;
-//         assert_eq!(log.len(), 0);
-//         Ok(())
-//     }
-//
-//     #[test]
-//     fn test_log() -> Result<()> {
-//         let dir = &new_dir();
-//         git_init(dir)?;
-//
-//         new_file(&dir.join("foo.txt"), "foo");
-//         new_file(&dir.join("bar.txt"), "bar");
-//
-//         git_add(dir, Path::new("foo.txt"))?;
-//         git_commit(dir, "This is my message")?;
-//
-//         let log = git_log(dir)?;
-//         assert_eq!(log.len(), 1);
-//         assert_eq!(log.get(0).unwrap().message, Some("This is my message".to_string()));
-//         Ok(())
-//     }
-// }
--- a/src-tauri/yaak-git/src/init.rs
+++ b/src-tauri/yaak-git/src/init.rs
@@ -0,0 +1,14 @@
+use crate::error::Result;
+use crate::repository::open_repo;
+use log::info;
+use std::path::Path;
+
+pub(crate) fn git_init(dir: &Path) -> Result<()> {
+    git2::Repository::init(dir)?;
+    let repo = open_repo(dir)?;
+    // Default to main instead of master, to align with
+    // the official Git and GitHub behavior
+    repo.set_head("refs/heads/main")?;
+    info!("Initialized {dir:?}");
+    Ok(())
+}
--- a/src-tauri/yaak-git/src/lib.rs
+++ b/src-tauri/yaak-git/src/lib.rs
@@ -1,26 +1,34 @@
-use crate::commands::{add, branch, checkout, commit, delete_branch, fetch_all, initialize, log, merge_branch, pull, push, status, unstage};
+use crate::commands::{add, add_credential, add_remote, branch, checkout, commit, delete_branch, fetch_all, initialize, log, merge_branch, pull, push, remotes, rm_remote, status, unstage};
 use tauri::{
-    generate_handler,
+    Runtime, generate_handler,
    plugin::{Builder, TauriPlugin},
-    Runtime,
 };

+mod add;
+mod binary;
 mod branch;
-mod callbacks;
 mod commands;
-pub mod error;
+mod commit;
+mod credential;
 mod fetch;
-mod git;
+mod init;
+mod log;
 mod merge;
 mod pull;
 mod push;
+mod remotes;
 mod repository;
+mod status;
+mod unstage;
 mod util;
+pub mod error;

 pub fn init<R: Runtime>() -> TauriPlugin<R> {
    Builder::new("yaak-git")
        .invoke_handler(generate_handler![
            add,
+            add_credential,
+            add_remote,
            branch,
            checkout,
            commit,
@@ -31,8 +39,10 @@ pub fn init<R: Runtime>() -> TauriPlugin<R> {
            merge_branch,
            pull,
            push,
+            remotes,
+            rm_remote,
            status,
-            unstage
+            unstage,
        ])
        .build()
 }
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Gregory Schier	0e98a3e498	Fix prompt default value	2025-11-19 10:10:13 -08:00
Gregory Schier	17b6c945e6	Cap max height on template function dialog	2025-11-19 09:39:43 -08:00
Gregory Schier	474e761eb7	Fix prompt	2025-11-19 09:21:59 -08:00
Gregory Schier	1fbf9e50c4	Better keychain function descriptions	2025-11-19 09:15:50 -08:00
Gregory Schier	6863decd8e	Fix sidebar scroll into view	2025-11-18 13:30:37 -08:00
Gregory Schier	569e506f32	Try rel imports	2025-11-18 09:09:56 -08:00
Gregory Schier	6d7a08758f	Try rel imports	2025-11-18 09:09:39 -08:00
Gregory Schier	20dfd50a7d	Try without &&	2025-11-18 09:08:16 -08:00
Gregory Schier	d747eb5e45	Try again	2025-11-18 09:02:10 -08:00
Gregory Schier	81fca7c54f	Reverse order	2025-11-18 08:55:46 -08:00
Gregory Schier	5465efea84	Don't build in vendor-plugins	2025-11-18 08:53:55 -08:00
Gregory Schier	96a3630725	Fix package build order	2025-11-18 08:48:58 -08:00
Gregory Schier	f1b6c89186	Fix package types?	2025-11-18 08:39:07 -08:00
Gregory Schier	9c52652a5e	Move a bunch of git ops to use the git binary (#302 )	2025-11-17 15:22:39 -08:00
Gregory Schier	84219571e8	Improved prompt function add add ctx.* functions (#301 )	2025-11-15 08:19:58 -08:00
iammordaty	7ced183b11	Change wording from "Show sidebar" to "Toggle sidebar" (#300 )	2025-11-13 13:40:51 -08:00
Gregor Majcen	593a7ab7e5	Add an option to allow jsonpath/xpath to return as array (#297 ) Co-authored-by: Gregory Schier <gschier1990@gmail.com>	2025-11-13 05:57:11 -08:00
Zhizhen He	a4c4663011	Merge pull request #298 * fix: replace unstable from_mins to stable from_secs	2025-11-12 07:01:58 -08:00
jzhangdev	5745a96106	Merge pull request #299 * Fix scroll bar layout in EventStreamViewer	2025-11-12 06:58:35 -08:00
Gregory Schier	5449e3c620	Add sidebar action to select the active request	2025-11-11 14:38:05 -08:00
Gregory Schier	7b6278405c	Focus request/folder after creation	2025-11-11 14:11:43 -08:00
goldlinker	8164a61376	chore: make some documents clearer (#276 )	2025-11-10 17:25:54 -08:00
Jeroen Van den Berghe	2e9f21f838	Convert Insomnia variables syntax in headers, parameters and form data (#291 ) Co-authored-by: Gregory Schier <gschier1990@gmail.com>	2025-11-10 17:24:30 -08:00
Gregory Schier	0d725b59bd	Verify trusted-signing-cli version	2025-11-10 15:02:10 -08:00
Gregory Schier	632860c29b	Try again	2025-11-10 14:58:54 -08:00
Gregory Schier	e1cf16f6e1	Try again	2025-11-10 14:49:15 -08:00
Gregory Schier	47c9cfb295	Fix release?	2025-11-10 14:46:09 -08:00
Gregory Schier	6389fd3b8f	Connection re-use for plugin networking and beta NTLM plugin (#295 )	2025-11-10 14:41:49 -08:00
Gregory Schier	d318546d0c	Back to vertical tabs in workspace settings	2025-11-10 06:21:26 -08:00
Gregory Schier	2f60b7b1f3	Switch trusted-signing-cli install method	2025-11-09 13:55:51 -08:00
Gregory Schier	75dc82570b	Rename BadgeButton to PillButton	2025-11-09 08:18:26 -08:00
Gregory Schier	d7a7a64ec4	New "Triangle" theme	2025-11-09 07:55:31 -08:00
Gregory Schier	3aae1b52d1	Update commercial use trial wording	2025-11-09 07:19:05 -08:00
Gregory Schier	9eddf716e1	Update commercial use trial wording	2025-11-09 07:07:18 -08:00
Gregory Schier	554e632c19	Minor license handling tweaks	2025-11-09 06:01:03 -08:00
Gregory Schier	054916b7af	JSON linting	2025-11-08 15:24:31 -08:00
Gregory Schier	f2a63087b0	Actually fix GraphQLEditor.tsx properly	2025-11-06 09:33:12 -08:00
Gregory Schier	6f0d4ad5e4	Fix GraphQL editor	2025-11-06 06:31:56 -08:00
Gregory Schier	cd3530f598	Dropdown to setup sync now opens the correct workspace settings tab	2025-11-06 05:13:18 -08:00
Gregory Schier	53aea914ac	Don't drag tree item when editing https://feedback.yaak.app/p/select-text-of-navbar-in-edit-mode	2025-11-06 05:10:23 -08:00
Gregory Schier	dc0c1decee	Fix copy-curl with API key https://feedback.yaak.app/p/copy-as-curl-bug-when-auth-use-api-key-with	2025-11-05 10:21:26 -08:00
Gregory Schier	32d56f2274	OAuth 1 Authentication Plugin (#292 )	2025-11-05 10:12:48 -08:00
Gregory Schier	ef86c1d189	Recursively collapse during "coolapse all"	2025-11-05 10:12:10 -08:00
Gregory Schier	e264c50427	Show more resopnse header y height	2025-11-05 10:11:55 -08:00
Gregory Schier	f05ad62301	Fix zoom hotkey https://feedback.yaak.app/p/zoom-in-not-working-on-linux-mint	2025-11-05 10:11:46 -08:00
Gregory Schier	0a6228bf16	Fix Input ref timing, PairEditor initialization, and environment variable focus	2025-11-04 14:04:12 -08:00
Gregory Schier	fa3a0b57f9	Fix Editor.tsx wonkiness	2025-11-04 13:44:18 -08:00
Gregory Schier	4390c02117	Fix gRPC message editing	2025-11-04 12:35:36 -08:00
Gregory Schier	77011176af	Fix tab flexbox issue	2025-11-04 09:22:28 -08:00
Gregory Schier	759fc503d3	Fix accidental typing	2025-11-04 08:51:46 -08:00
Gregory Schier	0cb633e479	A bunch of fixes	2025-11-04 08:44:08 -08:00
Gregory Schier	81ceb981e8	Oops	2025-11-03 15:05:50 -08:00
Gregory Schier	4dae1a7955	Improve selecting items during filter	2025-11-03 15:04:02 -08:00
Gregory Schier	d119f4cab2	Fix confirm with text autofocus	2025-11-03 14:42:30 -08:00
Gregory Schier	7e1eb90d29	Show error when enabling encryption fails	2025-11-03 14:34:43 -08:00
Gregory Schier	bf97ea1659	Some sidebar fixes	2025-11-03 14:17:11 -08:00
Gregory Schier	749ca968ec	Fix environment sorting	2025-11-03 13:53:41 -08:00
Gregory Schier	0c54b481fb	Fix unused variable	2025-11-03 13:29:47 -08:00
Jeroen Van den Berghe	4943bad8ec	Import query parameters from Insomnia v4 and v5 exports (#290 )	2025-11-03 13:03:24 -08:00
Gregory Schier	450dbd0053	Better syntax highlighting for filter expressions	2025-11-03 06:30:41 -08:00
Gregory Schier	236c8fa656	Fix sidebar reselection after dragging non-selelected item or renaming	2025-11-03 06:19:04 -08:00
Gregory Schier	1dfc2ee602	Support encoding values to base64 (url safe)	2025-11-03 06:07:34 -08:00
Gregory Schier	1d158082f6	Pass host environment variable to plugin runtime https://feedback.yaak.app/p/when-i-use-clash-yaak-fails-to-launch	2025-11-03 06:02:18 -08:00
Gregory Schier	f3e44c53d7	Show full paths in command palette switcher https://feedback.yaak.app/p/command-palette-search-should-include-parent-folder-names	2025-11-03 05:54:29 -08:00
Gregory Schier	c8d5e7c97b	Add support for API key authentication in cURL conversion https://feedback.yaak.app/p/copy-as-curl-without-api-key	2025-11-03 05:05:54 -08:00
Gregory Schier	9bde6bbd0a	More efficient editor state saves	2025-11-02 06:16:45 -08:00
Gregory Schier	df5be218a5	Remove debug console logs from Input component	2025-11-02 05:52:56 -08:00
Gregory Schier	2deb870bb6	Fix pair editor	2025-11-02 05:52:36 -08:00
Gregory Schier	0f9975339c	Fixes for last commit	2025-11-01 09:33:57 -07:00
Gregory Schier	6ad4e7bbb5	Click env var to edit AND improve input/editor ref handling	2025-11-01 08:39:07 -07:00
Gregory Schier	2bcf67aaa6	Fallback to jsonpath for response filter	2025-10-31 09:45:29 -07:00
Gregory Schier	c01b8ce4ca	Fix sort priority	2025-10-31 09:40:37 -07:00
Gregory Schier	f7bb649b16	Fix ref type	2025-10-31 09:25:04 -07:00
Gregory Schier	e3e67c8df7	Use TRee component for Environment dialog (#288 )	2025-10-31 09:16:29 -07:00
gschier	c9698c0f23	Deploying to main from @ mountain-loop/yaak@2cdd1d8136 🚀	2025-10-31 15:36:52 +00:00
Gregory Schier	2cdd1d8136	Tree fixes and sidebar filter DSL	2025-10-31 05:59:46 -07:00
gschier	8d8e5c0317	Deploying to main from @ mountain-loop/yaak@4e66a73677 🚀	2025-10-30 00:20:16 +00:00
Gregory Schier	4e66a73677	npm i	2025-10-29 15:37:46 -07:00
Gregory Schier	08f1bc4e65	Disable sidebar filtering for now	2025-10-29 15:30:18 -07:00
Gregory Schier	c6d9cb9c9e	Narrow vim keys selector	2025-10-29 14:59:33 -07:00
Gregory Schier	efbb90dd60	Prevent vim hotkeys from activating tree in sidebar filter	2025-10-29 14:59:13 -07:00
Gregory Schier	7a7940d365	Change response history dropdown icon	2025-10-29 14:58:56 -07:00
Börge Kiss	8a6f80a181	Fix dismissable banner action button title (#273 )	2025-10-29 08:16:33 -07:00
Quentin Ross	e8e0097e2d	Fix websocket url parameters not parsing variables (#281 )	2025-10-29 08:16:07 -07:00
Zhizhen He	f475b05c51	Allow specifying time for unix / unix millis / iso 8601 format (#283 ) Co-authored-by: Gregory Schier <gschier1990@gmail.com>	2025-10-29 08:15:19 -07:00
Madeleaan	7e5f9004e2	Fix text on plugin installation button (#284 )	2025-10-29 08:14:40 -07:00
Gregory Schier	660771b48c	Add random.range() template function	2025-10-29 08:02:12 -07:00
Gregory Schier	030e8b837e	Fix incorrect Postman AWS auth key mapping and update test fixtures	2025-10-29 07:08:02 -07:00
Gregory Schier	a42cba567c	Support all possible Postman auth types	2025-10-29 07:06:10 -07:00
Gregory Schier	484b5b2fd8	Switch to vkbeautify for XML https://feedback.yaak.app/p/xml-pretty-formatter-not-rendering-correctly	2025-10-28 14:03:49 -07:00
Gregory Schier	a71fb8ed6c	Don't trigger hotkeys within sidebar edit input	2025-10-28 13:03:37 -07:00
Gregory Schier	5b8114f6f3	Add context menu support and Vim keybindings in Sidebar and Tree components	2025-10-28 08:45:36 -07:00
Gregory Schier	68637d24c7	Don't throw on empty variable values https://feedback.yaak.app/p/variable-with-empty-value-in-request-will-cause-error	2025-10-28 07:20:41 -07:00
Gregory Schier	c097afe657	Skip disabled headers and URL parameters during rendering	2025-10-28 07:11:37 -07:00
Gregory Schier	78bc7d7909	Update label for "trialing" state to "Commercial Trial" in LicenseBadge	2025-10-28 07:11:17 -07:00
Gregory Schier	b68ce44d52	Colorize HTTP methods in dropdown https://feedback.yaak.app/p/colorized-methods-on-dropdown-select	2025-10-28 07:11:03 -07:00
Gregory Schier	632344d166	Adjust LicenseBadge color for "trialing" state to secondary	2025-10-28 07:04:16 -07:00
Gregory Schier	f3814b7d2b	Show cursor in response view	2025-10-28 07:03:19 -07:00
Gregory Schier	618a544dbd	Adjust default font sizes for editor and interface settings	2025-10-28 07:03:06 -07:00
Gregory Schier	9a55426236	Fix incorrect Sidebar hidden state logic	2025-10-28 06:58:31 -07:00
Gregory Schier	b7ad490c9b	Add setting to disable checking for notifications	2025-10-28 06:55:56 -07:00
Gregory Schier	2095cb88c2	Fix entering encryption key https://feedback.yaak.app/p/encryption-feature-error	2025-10-28 06:55:03 -07:00
Gregory Schier	a9e05ae988	Copy on "type to confirm" dialog	2025-10-28 06:15:44 -07:00
Gregory Schier	99a6c38632	Sidebar filtering and improvements (#285 )	2025-10-27 14:10:28 -07:00
Gregory Schier	b2766509e3	Hotkey for creating environment when dialog open	2025-10-26 12:10:41 -07:00
Gregory Schier	3f5b5a397c	Better environment color picker (#282 )	2025-10-26 12:05:03 -07:00
Gregory Schier	923b1ac830	Fix indent guide on drag and drop after expand folder https://feedback.yaak.app/p/displace-moving-caret-on-spring-loaded-folder	2025-10-25 09:41:06 -07:00
Gregory Schier	17dbe7c9a7	API key auth to copy-as-grpcurl	2025-10-25 08:43:50 -07:00
Gregory Schier	df80cdfe33	Copy as curl AWS auth, and handle disabled auth	2025-10-25 08:33:27 -07:00