Sourced from orval's releases.

Release v8.2.0

What's Changed

[!IMPORTANT]
CVE-2026-25141 fixed

• fix(svelte/vue): remove extra curly brace for pre v4 by @​AllieJonsson in orval-labs/orval#2863
• docs(llms): add llms.txt build step by @​froggy1014 in orval-labs/orval#2862
• docs: fix broken documentation links in README by @​Zero-1016 in orval-labs/orval#2866
• fix(core): support contentMediaType for array items in multipart/form-data (#2864) by @​superxiao in orval-labs/orval#2867
• fix: update GitHub security advisory URL by @​jaem0629 in orval-labs/orval#2871
• fix(core): support contentMediaType in allOf/oneOf/anyOf for multipart/form-data (#2873) by @​superxiao in orval-labs/orval#2874
• fix(axios): remove generic type parameter from generated axios functions by @​soufDev in orval-labs/orval#2868
• fix: support OpenAPI 3.1 type arrays with $ref by @​bostrom in orval-labs/orval#2875
• fix(core): dedupeUnionType only splits on top-level | #2880 by @​superxiao in orval-labs/orval#2881
• fix(hono): fix TS2345 type error in validator.ts by @​soartec-lab in orval-labs/orval#2878
• fix(core): handle string literals in dedupeUnionType by @​superxiao in orval-labs/orval#2883
• fix: remove unused axiosInstance parameter when using mutator by @​jaem0629 in orval-labs/orval#2884
• fix(svelte): pass queryClient correctly to v6 mutations by @​AllieJonsson in orval-labs/orval#2888
• CVE-2026-25141 fix(bug): jsStringEscape also escape JS comments /* and */ by @​melloware in orval-labs/orval#2882
• fix(core): guard against undefinedItem from JS string coercion by @​superxiao in orval-labs/orval#2886
• chore(deps): bump hono from 4.11.4 to 4.11.7 by @​dependabot[bot] in orval-labs/orval#2890
• Release v8.2.0 by @​github-actions[bot] in orval-labs/orval#2893

New Contributors

• @​Zero-1016 made their first contribution in orval-labs/orval#2866
• @​jaem0629 made their first contribution in orval-labs/orval#2871
• @​bostrom made their first contribution in orval-labs/orval#2875

Full Changelog: orval-labs/orval@v8.1.0...v8.2.0

• e5cb32d chore(release): bump version to v8.2.0 (#2893)
• bc34953 chore(deps): bump hono from 4.11.4 to 4.11.7 (#2890)
• 6ebbd76 fix(core): guard against undefinedItem from JS string coercion (#2886)
• 35edba8 fix(bug): jsStringEscape also escape JS comments /* and */ (#2882)
• 54d4a2a fix(svelte): pass queryClient correctly to v6 mutations (#2888)
• dd5dec5 fix: remove unused axiosInstance parameter when using mutator (#2884)
• 297d5cf fix(core): handle string literals in dedupeUnionType (#2883)
• 0ab4749 fix(hono): fix TS2345 type error in validator.ts (#2878)
• 6271e02 fix(core): dedupeUnionType only splits on top-level | (#2881)
• 0dffd68 fix: support OpenAPI 3.1 type arrays with $ref (#2875)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)