feat: add option to disable external reference resolution

[AnshumohanAcharya]

Description

This PR introduces a new resolveExternal option to the ResolverOptions interface that allows users to disable external reference resolution ($ref pointing to http, https, or file URIs) while preserving internal JSON pointer reference resolution.

Key Changes:

• Added resolveExternal?: boolean property to ResolverOptions interface
• Modified createResolver() function to conditionally include default resolvers (http, https, file) based on the resolveExternal option
• When resolveExternal is set to false, external reference resolution is disabled
• Internal JSON pointer references (e.g., #/components/messages/message) continue to work regardless of this setting
• Default behavior remains unchanged (resolveExternal defaults to true) for backward compatibility

Usage Examples:

1. Disable external resolution in Parser constructor:

const parser = new Parser({
  __unstable: {
    resolver: {
      resolveExternal: false
    }
  }
});

2. Disable external resolution in validate/parse methods:

const parser = new Parser();
await parser.validate(spec, {
  __unstable: {
    resolver: {
      resolveExternal: false
    }
  }
});

Testing:

Added comprehensive test suite (external-ref-disabled.spec.ts) that verifies:

• External HTTP/HTTPS references are blocked when disabled
• External file references are blocked when disabled
• Internal JSON pointer references still resolve correctly when external resolution is disabled
• Works when configured both at parser construction and method invocation levels

All existing tests pass (2470 tests), ensuring backward compatibility.

Related issue(s)
Fixes #1098

[changeset-bot]

⚠️ No Changeset found

Latest commit: f824be1

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[github-actions]

Welcome to AsyncAPI. Thanks a lot for creating your first pull request. Please check out our contributors guide useful for opening a pull request.
Keep in mind there are also other channels you can use to interact with AsyncAPI community. For more details check out this issue.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[github-actions]

This pull request has been automatically marked as stale because it has not had recent activity 😴

It will be closed in 120 days if no further activity occurs. To unstale this pull request, add a comment with detailed explanation.

There can be many reasons why some specific pull request has no activity. The most probable cause is lack of time, not lack of interest. AsyncAPI Initiative is a Linux Foundation project not owned by a single for-profit company. It is a community-driven initiative ruled under open governance model.

Let us figure out together how to push this pull request forward. Connect with us through one of many communication channels we established here.

Thank you for your patience ❤️