We're excited to announce Hoppscotch v2025.10.0, featuring API Mock Servers for simulating API responses, Experimental Postman script import support to help you migrate your existing collections, Chai.js-based assertions for powerful test scripting, redirect control in Agent, enhanced authentication flows, and numerous improvements to make your API development workflow even more efficient.

API Mock Servers

Introducing API Mock Servers - a powerful new feature that allows you to simulate API responses without needing a backend. Create mock endpoints with custom responses, status codes, and headers to test your applications independently. Perfect for frontend development, testing edge cases, and developing against APIs that are still in progress.

Mock servers support dynamic responses with unique names and duplicate prevention, allowing you to create realistic scenarios and simulate various API behaviors. They work seamlessly with both modern and legacy collections, with private access hints to help you understand visibility settings. Whether you're working on a new feature or need to test error handling, mock servers give you complete control over API responses.

Experimental Postman Script Import Support

One of the most significant additions in this release is our experimental support for importing Postman scripts during the collection import flow. This feature is designed to help teams migrate from Postman to Hoppscotch by preserving their existing test scripts and automation logic.

How it works: When importing a Postman collection (v2.0 or v2.1 format), you'll be presented with a consent dialog explaining the experimental nature of this feature. Upon your explicit approval, Hoppscotch will attempt to import pre-request and test scripts from your collection, translating Postman's scripting patterns into our Chai.js-based environment.

Important considerations:

• Experimental Feature: This capability is currently in experimental stage. While it handles many common Postman scripting patterns, you may encounter edge cases that require manual adjustment.
• User Consent Required: Script import is opt-in only. You'll need to explicitly approve the import during the collection import process, ensuring you're aware of what's being migrated.
• Supported Formats: We support Postman collection v2.0 and v2.1 formats. Collections using these versions will have the best compatibility with our import system.
• Known Limitations: Some legacy Postman patterns and deprecated APIs may not be fully supported. Complex custom libraries, certain Newman-specific features, and some older scripting patterns might require manual migration. We recommend reviewing imported scripts to ensure they work as expected in Hoppscotch's environment.

This feature represents our commitment to making the migration from Postman as smooth as possible. We're actively working to expand coverage and improve compatibility based on community feedback.

Chai.js-based Assertions for Powerful Testing

Building upon the Postman script import capability, we've integrated the Chai.js assertion library into our scripting environment. This provides a robust, modern foundation for writing test scripts with familiar, expressive syntax. Use Chai to validate responses, check data structures, and ensure your APIs behave as expected.

With support for BDD-style assertions (expect/should) and TDD-style assertions (assert), you can write more readable and maintainable test scripts. Chain assertions together for comprehensive validation of API responses, including deep equality checks, type validation, property existence checks, and more. The enhanced scripting sandbox now preserves file uploads and provides improved value handling and serialization for more reliable test execution.

Agent: Control Redirect Follow

The Hoppscotch Agent now supports redirect control, giving you fine-grained control over how HTTP redirects are handled during request execution. This feature is essential for testing redirect flows, debugging authentication sequences, and understanding how your APIs handle various redirect scenarios.

Enhanced Authentication and Security

This release brings significant improvements to authentication handling. We've implemented automatic token refresh flows that detect when your authentication tokens expire and seamlessly refresh them, ensuring uninterrupted API testing sessions. Additionally, we've added missing token checks to the request save workflow for better security validation.

OAuth improvements include better preservation of PKCE and client secrets during Postman collection imports, and you can now configure custom session cookie names for enhanced flexibility in enterprise environments. We've also implemented important security patches across the dependency chain and prevented log injection vulnerabilities.

Improved Developer Experience

We've enhanced the overall developer experience with several quality-of-life improvements. The environment variable system now includes improved fallback behavior, and we've added the $randomCompanyName predefined variable for generating test data. Team selector polling has been optimized to avoid rapid requests, resulting in better performance and reduced server load.

Infrastructure and Stability Improvements

Behind the scenes, we've made significant infrastructure improvements to enhance reliability and performance. The application now handles graceful shutdown and container stops properly, and we've resolved issues with infrastructure config resets by correctly resetting the onboarding state. Code quality improvements across the backend ensure better maintainability and fewer edge-case bugs.

We've also streamlined our CI/CD pipeline with platform jobs and improved Node.js version management, ensuring consistent builds and deployments across all environments.

What do you want us to build next? Write to us at hello@hoppscotch.io, join the conversation on our Discord server, or head over to our GitHub repository.