Bump @slack/bolt from 3.7.0 to 3.12.1

[dependabot]

Bumps @slack/bolt from 3.7.0 to 3.12.1.

Release notes

Sourced from @​slack/bolt's releases.

@​slack/bolt@​3.12.1

• Fix #1509 HTTPReceiver does not immediately respond to an invalid signature request (no response instead) (via #1528 ) - thanks @​seratch! @​nirvparekh!
• Document improvements (#1524 #1526) - thanks @​wongjas!

Here is the list of all the issues / pull requests included in the release: https://github.com/slackapi/bolt-js/milestone/28?closed=1

@​slack/bolt@​3.12.0

• Fix #1507 Add type support for message_metadata_* event types (via #1508) - thanks @​dannyhostetler!
• Allow passing additional types for Global and Middleware Context (via #1505) - thanks @​M1kep!
• Fix #1510: Add isEnterpriseInstall to Context (via #1511) - thanks @​rockingskier!
• Fix #1052: Request verification failed: Failed to verify authenticity: stale (via #1503) - thanks @​srajiang!
• Fixed receiver warning typo (via #1492) - thanks @​nick-w-nick!

Here is the list of all the issues / pull requests included in the release: https://github.com/slackapi/bolt-js/milestone/21?closed=1

@​slack/bolt@​3.11.3

• Fix #1488 Incorrect types with ViewUpdateResponseAction and ViewPushResponseAction (via #1490) - thanks @​seratch @​ducminh-phan!

Here is the list of all the issues / pull requests included in the release: https://github.com/slackapi/bolt-js/milestone/26?closed=1

@​slack/bolt@​3.11.2

• Bug fixes:
  • Fix #1454: Missing type declarations for HomeView (via #1455) - thanks @​seratch!
  • TypeScript 4.7 compiler compatibility (via #1466) - thanks @​seratch!
  • Fix #1472: say type incorrectly inferred as never when using pin_added or reaction_* events (via #1473 and #1476) - thanks @​seratch!
  • Fix an action typo in the docs (via #1475) - thanks @​BenAlderfer!
  • Add more logs for error patterns in AwsLambdaReceiver (via #1481) - thanks @​seratch!
  • Fix #1478: ack() is not accessible in global middleware in TypeScript (via #1482) - thanks @​seratch!

Here is the list of all the issues / pull requests included in the release: https://github.com/slackapi/bolt-js/milestone/25?closed=1

@​slack/bolt@​3.11.1

• New features / improvements:
  • Adding support for new user-change events with types (via #1448) - thanks @​filmaj
  • Slack prints failed with the error "operation_timeout" when slack command runs and finishes successfully in AWS Lambda (via #1435 #1452) - thanks @​nicolls1
  • Upgrade socket-mode dependency to the latest minor (via #1441 ) - thanks @​seratch !

Here is the list of all the issues / pull requests included in the release: https://github.com/slackapi/bolt-js/milestone/24?closed=1

@​slack/bolt@​3.11.0

📣 Important Announcement

Since this version, the default behavior of the OAuth flow has been changed for better security. The changes are:

• InstallProvider (The underlying OAuth module) verifies not only the query string but also its corresponding browser cookie data
• The default StateStore (ClearStateStore) makes sure that the state parameter is not too old (the default lifetime is 10 minutes)

Refer to #1335 #1391 slackapi/node-slack-sdk#1435 slackapi/node-slack-sdk#1436 for the context. If you encounter behavior changes described at #1412, consider either changing your app code or setting installerOptions.legacyStateVerification: true for now.

🎁 🐛 New features / improvements:

• #1391 Fix #1335 Proper use of state parameter for the OAuth CSRF protection - Thanks @​seratch

... (truncated)

Commits

• 151dec0 Publish @​slack/bolt@​3.12.1
• 6cc7d02 Apply code formatter
• c517afa Fix npm audit warnings
• af38327 Fix #1509 HTTPReceiver does not immediately respond to an invalid signature r...
• 898db4f Updates links and adds anchors in JP and EN docs (#1526)
• f203826 Adds JP translation for processBeforeResponse & AWS guide (#1524)
• 86486e0 Publish @​slack/bolt@​3.12.0 (#1518)
• fef721f Adding Message Metadata Support to Bolt JS (#1508)
• 2e6e6c0 Allow passing additional types for Global and Middleware Context (#1505)
• 2710c8d Improve the example code in README to be TypeScript compatible (#1515)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #216.