Bump tar from 0.4.45 to 0.4.46

Bumps [tar](https://github.com/composefs/tar-rs) from 0.4.45 to 0.4.46.
- [Release notes](https://github.com/composefs/tar-rs/releases)
- [Commits](https://github.com/composefs/tar-rs/compare/0.4.45...0.4.46)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 0.4.46
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Cargo.lock

@@ -215,7 +215,7 @@ dependencies = [
  "objc2-foundation 0.3.1",
  "parking_lot",
  "percent-encoding",
- "windows-sys 0.59.0",
+ "windows-sys 0.52.0",
  "wl-clipboard-rs",
  "x11rb",
 ]
@@ -1151,7 +1151,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "117725a109d387c937a1533ce01b450cbde6b88abceea8473c4d7a85853cda3c"
 dependencies = [
  "lazy_static 1.5.0",
- "windows-sys 0.59.0",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]
@@ -1970,7 +1970,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "cea14ef9355e3beab063703aa9dab15afd25f0667c341310c1e5274bb1d0da18"
 dependencies = [
  "libc",
- "windows-sys 0.59.0",
+ "windows-sys 0.52.0",
 ]
 
 [[package]]
@@ -6534,7 +6534,7 @@ dependencies = [
  "errno",
  "libc",
  "linux-raw-sys 0.4.15",
- "windows-sys 0.59.0",
+ "windows-sys 0.52.0",
 ]
 
 [[package]]
@@ -6547,7 +6547,7 @@ dependencies = [
  "errno",
  "libc",
  "linux-raw-sys 0.9.4",
- "windows-sys 0.59.0",
+ "windows-sys 0.52.0",
 ]
 
 [[package]]
@@ -7508,9 +7508,9 @@ checksum = "55937e1799185b12863d447f42597ed69d9928686b8d88a1df17376a097d8369"
 
 [[package]]
 name = "tar"
-version = "0.4.45"
+version = "0.4.46"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "22692a6476a21fa75fdfc11d452fda482af402c008cdbaf3476414e122040973"
+checksum = "3f6221d9a6003c78398e3b239969f352578258df48c8eb051caadae0015bc840"
 dependencies = [
  "filetime",
  "libc",
@@ -7988,7 +7988,7 @@ dependencies = [
  "getrandom 0.3.3",
  "once_cell",
  "rustix 1.0.7",
- "windows-sys 0.59.0",
+ "windows-sys 0.52.0",
 ]
 
 [[package]]
@@ -9317,7 +9317,7 @@ version = "0.1.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb"
 dependencies = [
- "windows-sys 0.59.0",
+ "windows-sys 0.48.0",
 ]
 
 [[package]]

apps/yaak-client/components/core/Input.tsx

@@ -290,7 +290,7 @@ function BaseInput({
         <HStack
           className={classNames(
             inputWrapperClassName,
-            "w-full min-w-0 px-2",
+            "flex-1 min-w-0 px-2",
             fullHeight && "h-full",
             leftSlot ? "pl-0.5 -ml-2" : null,
             rightSlot ? "pr-0.5 -mr-2" : null,

apps/yaak-client/lib/deleteModelWithConfirm.tsx

@@ -35,10 +35,15 @@ export async function deleteModelWithConfirm(
           <>
             the following?
             <Prose className="mt-2">
-              <ul>
+              <ul className="space-y-1">
                 {models.map((m) => (
                   <li key={m.id}>
-                    <InlineCode>{resolvedModelName(m)}</InlineCode>
+                    <InlineCode
+                      className="inline-block truncate align-bottom max-w-full"
+                      title={resolvedModelName(m)}
+                    >
+                      {resolvedModelName(m)}
+                    </InlineCode>
                   </li>
                 ))}
               </ul>

apps/yaak-client/package.json

@@ -98,7 +98,7 @@
     "babel-plugin-react-compiler": "^1.0.0",
     "decompress": "^4.2.1",
     "internal-ip": "^8.0.0",
-    "postcss": "^8.5.6",
+    "postcss": "^8.5.14",
     "postcss-nesting": "^13.0.2",
     "rollup": "^4.60.3",
     "tailwindcss": "^3.4.17",

package-lock.json

@@ -186,7 +186,7 @@
         "babel-plugin-react-compiler": "^1.0.0",
         "decompress": "^4.2.1",
         "internal-ip": "^8.0.0",
-        "postcss": "^8.5.6",
+        "postcss": "^8.5.14",
         "postcss-nesting": "^13.0.2",
         "rollup": "^4.60.3",
         "tailwindcss": "^3.4.17",
@@ -223,6 +223,54 @@
         "node": "^18 || >=20"
       }
     },
+    "apps/yaak-client/node_modules/postcss": {
+      "version": "8.5.14",
+      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.14.tgz",
+      "integrity": "sha512-SoSL4+OSEtR99LHFZQiJLkT59C5B1amGO1NzTwj7TT1qCUgUO6hxOvzkOYxD+vMrXBM3XJIKzokoERdqQq/Zmg==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/postcss/"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/postcss"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "nanoid": "^3.3.11",
+        "picocolors": "^1.1.1",
+        "source-map-js": "^1.2.1"
+      },
+      "engines": {
+        "node": "^10 || ^12 || >=14"
+      }
+    },
+    "apps/yaak-client/node_modules/postcss/node_modules/nanoid": {
+      "version": "3.3.12",
+      "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.12.tgz",
+      "integrity": "sha512-ZB9RH/39qpq5Vu6Y+NmUaFhQR6pp+M2Xt76XBnEwDaGcVAqhlvxrl3B2bKS5D3NH3QR76v3aSrKaF/Kiy7lEtQ==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "bin": {
+        "nanoid": "bin/nanoid.cjs"
+      },
+      "engines": {
+        "node": "^10 || ^12 || ^13.7 || ^14 || >=15.0.1"
+      }
+    },
     "apps/yaak-client/node_modules/uuid": {
       "version": "14.0.0",
       "resolved": "https://registry.npmjs.org/uuid/-/uuid-14.0.0.tgz",
@@ -16805,9 +16853,9 @@
       "license": "ISC"
     },
     "node_modules/ws": {
-      "version": "8.19.0",
-      "resolved": "https://registry.npmjs.org/ws/-/ws-8.19.0.tgz",
-      "integrity": "sha512-blAT2mjOEIi0ZzruJfIhb3nps74PRWTCz1IjglWEEpQl5XS/UNama6u2/rjFkDDouqr4L67ry+1aGIALViWjDg==",
+      "version": "8.20.1",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-8.20.1.tgz",
+      "integrity": "sha512-It4dO0K5v//JtTXuPkfEOaI3uUN87iYPnqo/ZzqCoG3g8uhA66QUMs/SrM0YK7/NAu+r4LMh/9dq2A7k+rHs+w==",
       "license": "MIT",
       "engines": {
         "node": ">=10.0.0"
@@ -16919,7 +16967,7 @@
     "packages/plugin-runtime": {
       "name": "@yaakapp-internal/plugin-runtime",
       "dependencies": {
-        "ws": "^8.18.0"
+        "ws": "^8.20.1"
       },
       "devDependencies": {
         "@types/ws": "^8.5.13"

packages/plugin-runtime/package.json

@@ -6,7 +6,7 @@
     "build:main": "esbuild src/index.ts --bundle --platform=node --outfile=../../crates-tauri/yaak-app-client/vendored/plugin-runtime/index.cjs"
   },
   "dependencies": {
-    "ws": "^8.18.0"
+    "ws": "^8.20.1"
   },
   "devDependencies": {
     "@types/ws": "^8.5.13"

plugins/importer-curl/src/index.ts

@@ -181,6 +181,78 @@ export function convertCurl(rawData: string) {
   };
 }
 
+interface ExtractedAuthentication {
+  authenticationType: string | null;
+  authentication: Record<string, string>;
+  filteredHeaders: HttpUrlParameter[]; // headers without authorization
+}
+
+function extractAuthenticationFromHeaders(headers: HttpUrlParameter[]): ExtractedAuthentication {
+  const authorizationHeaderIndex = headers.findIndex(
+    (h) => h.name.toLowerCase() === "authorization",
+  );
+
+  const authorizationHeader = headers[authorizationHeaderIndex];
+  if (authorizationHeader == null) {
+    return {
+      authenticationType: null,
+      authentication: {},
+      filteredHeaders: headers,
+    };
+  }
+
+  const value = authorizationHeader.value.trim();
+  const spaceIndex = value.indexOf(" ");
+
+  if (spaceIndex <= 0) {
+    return {
+      authenticationType: null,
+      authentication: {},
+      filteredHeaders: headers,
+    };
+  }
+
+  const scheme = value.slice(0, spaceIndex).toLowerCase();
+  const credentials = value.slice(spaceIndex + 1).trim();
+
+  // Bearer authentication (RFC 6750)
+  if (scheme === "bearer") {
+    const filteredHeaders = headers.filter((_, i) => i !== authorizationHeaderIndex);
+    return {
+      authenticationType: "bearer",
+      authentication: { token: credentials, prefix: "Bearer" },
+      filteredHeaders,
+    };
+  }
+
+  // Basic authentication (RFC 7617)
+  if (scheme === "basic") {
+    try {
+      const decoded = Buffer.from(credentials, "base64").toString();
+      const colonIndex = decoded.indexOf(":");
+      if (colonIndex > 0) {
+        const filteredHeaders = headers.filter((_, i) => i !== authorizationHeaderIndex);
+        return {
+          authenticationType: "basic",
+          authentication: {
+            username: decoded.slice(0, colonIndex),
+            password: decoded.slice(colonIndex + 1),
+          },
+          filteredHeaders,
+        };
+      }
+    } catch {
+      // Invalid base64, keep header as-is
+    }
+  }
+
+  return {
+    authenticationType: null,
+    authentication: {},
+    filteredHeaders: headers,
+  };
+}
+
 function importCommand(parseEntries: string[], workspaceId: string) {
   // ~~~~~~~~~~~~~~~~~~~~~ //
   // Collect all the flags //
@@ -323,8 +395,23 @@ function importCommand(parseEntries: string[], workspaceId: string) {
     });
   }
 
+  // Extract authentication from Authorization headers (Bearer/Basic)
+  const {
+    authenticationType: extractedAuthenticationType,
+    authentication: extractedAuthentication,
+    filteredHeaders,
+  } = extractAuthenticationFromHeaders(headers);
+
+  // Use extracted authentication from header if found, otherwise fall back to -u/--user parsing
+  const finalAuthenticationType = extractedAuthenticationType || authenticationType;
+  const finalAuthentication = extractedAuthenticationType
+    ? extractedAuthentication
+    : authentication;
+
   // Body (Text or Blob)
-  const contentTypeHeader = headers.find((header) => header.name.toLowerCase() === "content-type");
+  const contentTypeHeader = filteredHeaders.find(
+    (header) => header.name.toLowerCase() === "content-type",
+  );
   const mimeType = contentTypeHeader ? contentTypeHeader.value.split(";")[0]?.trim() : null;
 
   // Extract boundary from Content-Type header for multipart parsing
@@ -398,7 +485,7 @@ function importCommand(parseEntries: string[], workspaceId: string) {
         value: decodeURIComponent(parameter.value || ""),
       })),
     };
-    headers.push({
+    filteredHeaders.push({
       name: "Content-Type",
       value: "application/x-www-form-urlencoded",
       enabled: true,
@@ -419,7 +506,7 @@ function importCommand(parseEntries: string[], workspaceId: string) {
       form: formDataParams,
     };
     if (mimeType == null) {
-      headers.push({
+      filteredHeaders.push({
         name: "Content-Type",
         value: "multipart/form-data",
         enabled: true,
@@ -442,9 +529,9 @@ function importCommand(parseEntries: string[], workspaceId: string) {
     urlParameters,
     url,
     method,
-    headers,
-    authentication,
-    authenticationType,
+    headers: filteredHeaders,
+    authentication: finalAuthentication,
+    authenticationType: finalAuthenticationType,
     body,
     bodyType,
     folderId: null,

plugins/importer-curl/tests/index.test.ts

@@ -332,6 +332,142 @@ describe("importer-curl", () => {
     });
   });
 
+  test("Imports Bearer token from Authorization header", () => {
+    expect(convertCurl('curl -H "Authorization: Bearer token123" https://yaak.app')).toEqual({
+      resources: {
+        workspaces: [baseWorkspace()],
+        httpRequests: [
+          baseRequest({
+            url: "https://yaak.app",
+            authenticationType: "bearer",
+            authentication: {
+              token: "token123",
+              prefix: "Bearer",
+            },
+            headers: [],
+          }),
+        ],
+      },
+    });
+  });
+
+  test("Trims whitespace before Bearer token from Authorization header", () => {
+    expect(convertCurl('curl -H "Authorization: Bearer    token123" https://yaak.app')).toEqual({
+      resources: {
+        workspaces: [baseWorkspace()],
+        httpRequests: [
+          baseRequest({
+            url: "https://yaak.app",
+            authenticationType: "bearer",
+            authentication: {
+              token: "token123",
+              prefix: "Bearer",
+            },
+            headers: [],
+          }),
+        ],
+      },
+    });
+  });
+
+  test("Imports Basic auth from Authorization header (base64 decoded)", () => {
+    expect(
+      convertCurl('curl -H "Authorization: Basic dXNlcjpwYXNzd29yZA==" https://yaak.app'),
+    ).toEqual({
+      resources: {
+        workspaces: [baseWorkspace()],
+        httpRequests: [
+          baseRequest({
+            url: "https://yaak.app",
+            authenticationType: "basic",
+            authentication: {
+              username: "user",
+              password: "password",
+            },
+            headers: [],
+          }),
+        ],
+      },
+    });
+  });
+
+  test("Authorization header takes precedence over -u flag", () => {
+    expect(
+      convertCurl('curl -u admin:secret -H "Authorization: Bearer token123" https://yaak.app'),
+    ).toEqual({
+      resources: {
+        workspaces: [baseWorkspace()],
+        httpRequests: [
+          baseRequest({
+            url: "https://yaak.app",
+            authenticationType: "bearer",
+            authentication: {
+              token: "token123",
+              prefix: "Bearer",
+            },
+            headers: [],
+          }),
+        ],
+      },
+    });
+  });
+
+  test("Authorization header extraction is case-insensitive", () => {
+    expect(convertCurl('curl -H "authorization: bearer lowercaseToken" https://yaak.app')).toEqual({
+      resources: {
+        workspaces: [baseWorkspace()],
+        httpRequests: [
+          baseRequest({
+            url: "https://yaak.app",
+            authenticationType: "bearer",
+            authentication: {
+              token: "lowercaseToken",
+              prefix: "Bearer",
+            },
+            headers: [],
+          }),
+        ],
+      },
+    });
+  });
+
+  test("Preserves other headers when extracting Authorization", () => {
+    expect(
+      convertCurl('curl -H "Authorization: Bearer token123" -H "X-Custom: value" https://yaak.app'),
+    ).toEqual({
+      resources: {
+        workspaces: [baseWorkspace()],
+        httpRequests: [
+          baseRequest({
+            url: "https://yaak.app",
+            authenticationType: "bearer",
+            authentication: {
+              token: "token123",
+              prefix: "Bearer",
+            },
+            headers: [{ name: "X-Custom", value: "value", enabled: true }],
+          }),
+        ],
+      },
+    });
+  });
+
+  test("Invalid base64 in Basic auth keeps header in headers", () => {
+    expect(
+      convertCurl('curl -H "Authorization: Basic not-valid-base64!!!" https://yaak.app'),
+    ).toEqual({
+      resources: {
+        workspaces: [baseWorkspace()],
+        httpRequests: [
+          baseRequest({
+            url: "https://yaak.app",
+            headers: [{ name: "Authorization", value: "Basic not-valid-base64!!!", enabled: true }],
+          }),
+        ],
+      },
+    });
+  });
+
   test("Imports cookie as header", () => {
     expect(convertCurl('curl --cookie "foo=bar" https://yaak.app')).toEqual({
       resources: {