⚠️ **This release contains security fixes. If your OpenAPI documents link to untrusted external URLs, you should upgrade.**
**Interface changes**:
- You may experience issues with this version if you're importing Swagger UI in a non-browser environment (which we don't officially support). Consider loading JSDom beforehand, so that Swagger UI has the DOM APIs it needs access to.
- Links throughout Swagger UI now render with `rel="noopener noreferrer"`, which blocks linked pages from accessing `window.opener` and the `Referrer` header.
**Changelog**:
- feature: "Send empty value" controls for `allowEmptyValue` parameters (via 4788)
- bugfix(security): anchor tag safety (via 4789)
- bugfix: default to empty object for pathItems in `updateJsonSpec` wrap-action (via 4785)