[Snyk] Upgrade @slack/bolt from 3.10.0 to 3.19.0 #2
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)
Snyk has created this PR to upgrade @slack/bolt from 3.10.0 to 3.19.0.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 20 versions ahead of your current version.
The recommended version was released on 21 days ago.
Issues fixed by the recommended upgrade:
SNYK-JS-AXIOS-6032459
SNYK-JS-AXIOS-6032459
SNYK-JS-FOLLOWREDIRECTS-6141137
SNYK-JS-SEMVER-3247795
SNYK-JS-WS-7266574
SNYK-JS-AXIOS-6124857
SNYK-JS-AXIOS-6124857
SNYK-JS-FOLLOWREDIRECTS-6444610
SNYK-JS-JSONWEBTOKEN-3180022
SNYK-JS-JSONWEBTOKEN-3180024
SNYK-JS-JSONWEBTOKEN-3180026
Release notes
Package name: @slack/bolt
What's Changed
More customizations for the
AwsLambdaReceiver
have landed as well as a few touchups to typings and documented details!With this release, the signature verification for
AwsLambdaReceiver
can now be turned off if that's something you're interested in! Perhaps you have your own stylish way of verifying these signatures. The following can be added to your receiver to unlock this:const app = new App({
...
receiver: new AwsLambdaReceiver({
signatureVerification: false,
}),
});
Read on and browse around for more details on all of the changes included!
🎁 Enhancments
AwsLambdaReceiver
to enable/disable signature verification in #2107 - thanks @ noah-guillory!🐛 Fixes
CodedError
in #2110 - thanks @ filmaj!📚 Documentation
🧰 Maintenance
📦 Dependencies
New Contributors
Full Changelog: https://github.com/slackapi/bolt-js/compare/@ slack/[email protected]...@ slack/[email protected]
What's Changed
files
toapp_mention
event payload by @ seratch in #2057New Contributors
Full Changelog: https://github.com/slackapi/bolt-js/compare/@ slack/[email protected]...@ slack/[email protected]
…nts.
What's Changed
New Contributors
Full Changelog: https://github.com/slackapi/bolt-js/compare/@ slack/[email protected]...@ slack/[email protected]
v3.17.1-customFunctionBeta.0
What's Changed
style.code
properties on rich text elements (updates@ slack/types
to 2.11 and@ slack/web-api
to 6.11) by @ filmaj in #2017Full Changelog: https://github.com/slackapi/bolt-js/compare/@ slack/[email protected]...@ slack/[email protected]
What's Changed
Enhancements 🎁
Maintainers
New Contributors 👋
Full Changelog: https://github.com/slackapi/bolt-js/compare/@ slack/[email protected]...@ slack/[email protected]
What's Changed
This minor release includes support for the new File Input Block Kit Element, which allows for users to submit files using Block Kit. It also removes all traces of vulnerable versions of the
axios
dependency.Enhancements
file_input
block element payload support in TS by @ seratch in #1995rich_text_input
block element payload support in TS by @ seratch in #1963SocketModeReceiver
to be used with Socket Mode by @ zimeg in #1972ExpressReceiver
by @ zimeg in #1973Bug Fixes
Dependencies
Other
New Contributors
Full Changelog: https://github.com/slackapi/bolt-js/compare/@ slack/[email protected]...@ slack/[email protected]
What's Changed
Important Notice
Since this version, we've dropped Node 16 support as the version is EOLed on September 11th, 2023. Please upgrade to a newer Node.js version from now on.
Enhancements
Bug Fixes
Dependencies
New Contributors
Full Changelog: https://github.com/slackapi/bolt-js/compare/@ slack/[email protected]...@ slack/[email protected]
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: