Bump tough-cookie, botbuilder and botkit #23

dependabot · 2023-09-22T04:46:48Z

Removes tough-cookie. It's no longer used after updating ancestor dependencies tough-cookie, botbuilder and botkit. These dependencies need to be updated together.

Removes tough-cookie

Updates botbuilder from 4.11.1 to 4.20.1

Release notes

Sourced from botbuilder's releases.

Bot Framework JS SDK 4.20.1

What's Changed

feat: #4446 Azure Blob Storage should support Identity authentication by @ceciliaavila in microsoft/botbuilder-js#4486

chore: bump fast-xml-parser from 4.2.2 to 4.2.4 by @dependabot in microsoft/botbuilder-js#4488

port: #6577 Can you add a log line for this exception? (#6587) by @erquirogasw in microsoft/botbuilder-js#4439

feat: Add support for config auth type (fetch & submit) by @corinagum in microsoft/botbuilder-js#4485

Dropped Node 12 from builds by @tracyboehrer in microsoft/botbuilder-js#4501

port: #4481 Outgoing Activity Locale being Overwritten by @ceciliaavila in microsoft/botbuilder-js#4489

port: #4482 #6588 UserId not being passed to AzureDiagnostics by @ceciliaavila in microsoft/botbuilder-js#4493

chore: bump semver from 7.3.8 to 7.5.2 by @dependabot in microsoft/botbuilder-js#4495

fix: Update restify Dependency in Yeoman Templates to v10.0.0 by @anishprasad01 in microsoft/botbuilder-js#4392

chore: bump fast-xml-parser from 4.2.4 to 4.2.5 by @dependabot in microsoft/botbuilder-js#4502

chore: bump semver from 5.7.1 to 5.7.2 in /testing/browser-functional/browser-echo-bot by @dependabot in microsoft/botbuilder-js#4499

fix: [CVE-2023-26136] Update tough-cookie version by @sw-joelmut in microsoft/botbuilder-js#4508

chore: bump word-wrap from 1.2.3 to 1.2.4 by @dependabot in microsoft/botbuilder-js#4506

chore: bump word-wrap from 1.2.3 to 1.2.4 in /testing/browser-functional/browser-echo-bot by @dependabot in microsoft/botbuilder-js#4507

feat: #4503 azure-storage deprecation by @ceciliaavila in microsoft/botbuilder-js#4510

fix: Remove request package from browser-functional by @ceciliaavila in microsoft/botbuilder-js#4512

fix: Remove request package from botbuilder-core tests by @ceciliaavila in microsoft/botbuilder-js#4514

fix: Replace chatdown package from botbuilder-core tests by @ceciliaavila in microsoft/botbuilder-js#4516

fix: Replace Map with WeakMap to avoid memory leak by @ceciliaavila in microsoft/botbuilder-js#4517

fix: Upgrading restify to fix error on Node version 18+ by @GregBorrelly in microsoft/botbuilder-js#4515

fix: remove ms-rest-azure package by @ceciliaavila in microsoft/botbuilder-js#4521

fix: Remove ms-rest package by @ceciliaavila in microsoft/botbuilder-js#4523

fix: #4490 Usage of a vulnerable package - Upgrade recognizers-text-number by @ceciliaavila in microsoft/botbuilder-js#4524

fix: #4509 [email protected] is still installing @azure/ms-rest-js@1.11.2 for @azure/cognitiveservices-luis-runtime by @ceciliaavila in microsoft/botbuilder-js#4519

port: #4529 Update JwtTokenExtractor by @ceciliaavila in microsoft/botbuilder-js#4531

fix: #4520 Upgrade restify to fix error on Node version 18+ by @ceciliaavila in microsoft/botbuilder-js#4528

fix: #4525 Replace read-text-file package to avoid using LGPL by @ceciliaavila in microsoft/botbuilder-js#4534

New Contributors

@GregBorrelly made their first contribution in microsoft/botbuilder-js#4515

Full Changelog: microsoft/botbuilder-js@4.20.0...4.20.1

Bot Framework for JS SDK 4.20.0

This is the June 2023 release of the JavaScript SDK. This release contains Teams features and bug/security fixes.

What's Changed

Teams

feat: Add MeetingTabIconSurface to MeetingSurface capabilities by @corinagum in microsoft/botbuilder-js#4459

feat: Add support for Teams Adaptive cards in QnA Dialog by @anishprasad01 in microsoft/botbuilder-js#4467

fix: Teams Meeting Notification interface structure changes by @singhk97 in microsoft/botbuilder-js#4416

fix: Teams activity handler documentation fix by @singhk97 in microsoft/botbuilder-js#4407

fix: #4408 Cloud adapter is not working with teams SSO by @erquirogasw in microsoft/botbuilder-js#4427

port: #4463 #6596 TeamsChannelData need OnBehalfOf by @ceciliaavila in microsoft/botbuilder-js#4474

Other

fix: streaming client should connect under Node.js by @compulim in microsoft/botbuilder-js#4413

fix: #4414 JS Linux Functional Test pipeline failing by @ceciliaavila in microsoft/botbuilder-js#4419

... (truncated)

Commits

cbb187d fix: #4525 Replace read-text-file package to avoid using LGPL (#4534)
3685e5e fix: #4520 Upgrade restify to fix error on Node version 18+ (#4528)
afd6b39 port: #4529 Update JwtTokenExtractor (#4531)
81e2d98 fix: #4509 [email protected] is still installing @azure/ms-rest-js@1.11....
7110e8a fix: #4490 Usage of a vulnerable package - Upgrade recognizers-text-number ...
06d7883 fix: Remove ms-rest package (#4523)
59e5d96 fix: remove ms-rest-azure package (#4521)
447c81c fix: Upgrading restify to fix error on Node version 18+ (#4515)
5b58d10 Replace Map with WeakMap to avoid memory leak (#4517)
85a22f3 fix: Replace chatdown package from botbuilder-core tests (#4516)
Additional commits viewable in compare view

Updates botkit from 4.8.1 to 4.15.0

Release notes

Sourced from botkit's releases.

v4.15.0

Update all package dependencies to latest

Fix issue with Slack verification requests (#2194)

Fix issue with Webex threaded messages (#2195)

v4.10.0

View Changelog

Changelog

Sourced from botkit's changelog.

4.15.0

Update dependencies to Bot Framework 4.15

Update various dev dependencies and external libraries

CHANGE: Correct from field to be user rather than bot with Slack button clicks. Thanks to @mdrichardson for the pull request.

4.10.0

Update dependencies to Bot Framework 4.10.1

Update some dev dependencies like lerna, eslint, etc.

NEW: Additional support for Microsoft Teams! Read all about it or see these new methods in action

Bot workers spawned from the default adapter now feature bot.teams which is an instance to the TeamsInfo helper class.

Botkit now includes an optional middleware TeamsInvokeMiddleware for handling "invoke" responses from Teams including task modules.

Botkit now includes https://github.com/howdyai/botkit/blob/main[https://github.com/howdyai/botkit/blob/mainbhttps://github.com/howdyai/botkit/blob/mainohttps://github.com/howdyai/botkit/blob/mainthttps://github.com/howdyai/botkit/blob/main.https://github.com/howdyai/botkit/blob/mainrhttps://github.com/howdyai/botkit/blob/mainehttps://github.com/howdyai/botkit/blob/mainphttps://github.com/howdyai/botkit/blob/mainlhttps://github.com/howdyai/botkit/blob/mainyhttps://github.com/howdyai/botkit/blob/mainWhttps://github.com/howdyai/botkit/blob/mainihttps://github.com/howdyai/botkit/blob/mainthttps://github.com/howdyai/botkit/blob/mainhhttps://github.com/howdyai/botkit/blob/mainThttps://github.com/howdyai/botkit/blob/mainahttps://github.com/howdyai/botkit/blob/mainshttps://github.com/howdyai/botkit/blob/mainkhttps://github.com/howdyai/botkit/blob/mainIhttps://github.com/howdyai/botkit/blob/mainnhttps://github.com/howdyai/botkit/blob/mainfhttps://github.com/howdyai/botkit/blob/mainohttps://github.com/howdyai/botkit/blob/main(https://github.com/howdyai/botkit/blob/main)https://github.com/howdyai/botkit/blob/main]https://github.com/howdyai/botkit/blob/main(https://github.com/howdyai/botkit/blob/mainphttps://github.com/howdyai/botkit/blob/mainahttps://github.com/howdyai/botkit/blob/mainchttps://github.com/howdyai/botkit/blob/mainkhttps://github.com/howdyai/botkit/blob/mainahttps://github.com/howdyai/botkit/blob/mainghttps://github.com/howdyai/botkit/blob/mainehttps://github.com/howdyai/botkit/blob/mainshttps://github.com/howdyai/botkit/blob/main/https://github.com/howdyai/botkit/blob/maindhttps://github.com/howdyai/botkit/blob/mainohttps://github.com/howdyai/botkit/blob/mainchttps://github.com/howdyai/botkit/blob/mainshttps://github.com/howdyai/botkit/blob/main/https://github.com/howdyai/botkit/blob/mainrhttps://github.com/howdyai/botkit/blob/mainehttps://github.com/howdyai/botkit/blob/mainfhttps://github.com/howdyai/botkit/blob/mainehttps://github.com/howdyai/botkit/blob/mainrhttps://github.com/howdyai/botkit/blob/mainehttps://github.com/howdyai/botkit/blob/mainnhttps://github.com/howdyai/botkit/blob/mainchttps://github.com/howdyai/botkit/blob/mainehttps://github.com/howdyai/botkit/blob/main/https://github.com/howdyai/botkit/blob/mainchttps://github.com/howdyai/botkit/blob/mainohttps://github.com/howdyai/botkit/blob/mainrhttps://github.com/howdyai/botkit/blob/mainehttps://github.com/howdyai/botkit/blob/main.https://github.com/howdyai/botkit/blob/mainmhttps://github.com/howdyai/botkit/blob/maindhttps://github.com/howdyai/botkit/blob/main#https://github.com/howdyai/botkit/blob/mainrhttps://github.com/howdyai/botkit/blob/mainehttps://github.com/howdyai/botkit/blob/mainphttps://github.com/howdyai/botkit/blob/mainlhttps://github.com/howdyai/botkit/blob/mainyhttps://github.com/howdyai/botkit/blob/mainWhttps://github.com/howdyai/botkit/blob/mainihttps://github.com/howdyai/botkit/blob/mainthttps://github.com/howdyai/botkit/blob/mainhhttps://github.com/howdyai/botkit/blob/mainThttps://github.com/howdyai/botkit/blob/mainahttps://github.com/howdyai/botkit/blob/mainshttps://github.com/howdyai/botkit/blob/mainkhttps://github.com/howdyai/botkit/blob/mainIhttps://github.com/howdyai/botkit/blob/mainnhttps://github.com/howdyai/botkit/blob/mainfhttps://github.com/howdyai/botkit/blob/mainohttps://github.com/howdyai/botkit/blob/main)https://github.com/howdyai/botkit/blob/main which can be used to respond to task module events. Read more about Task Modules

FIX: Adjust mechanism for handling templates in channelData to avoid data loss. Thanks @ashitikov for the pull request

FIX: Botkit will now spawn the appropriate botworker if a custom adapter is passed in. Thanks to @etiennellipse for reporting this issue!

4.9.0

Update dependencies to Bot Framework 4.9

Update some dev dependencies like lerna, mocha and nyc

FIX: Allow size limits to be adjusted on the Express json and urlencoded parsers. Fixes #1941

FIX: Allow bots to be spawned with null config. Thanks to @NxP4Code for this pull request

FIX: Fix dynamic text field type definition. Thanks to @etienneellipse for this pull request

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Removes [tough-cookie](https://github.com/salesforce/tough-cookie). It's no longer used after updating ancestor dependencies [tough-cookie](https://github.com/salesforce/tough-cookie), [botbuilder](https://github.com/Microsoft/botbuilder-js) and [botkit](https://github.com/howdyai/botkit). These dependencies need to be updated together. Removes `tough-cookie` Updates `botbuilder` from 4.11.1 to 4.20.1 - [Release notes](https://github.com/Microsoft/botbuilder-js/releases) - [Commits](microsoft/botbuilder-js@4.11.1...4.20.1) Updates `botkit` from 4.8.1 to 4.15.0 - [Release notes](https://github.com/howdyai/botkit/releases) - [Changelog](https://github.com/howdyai/botkit/blob/main/changelog.md) - [Commits](https://github.com/howdyai/botkit/commits/v4.15.0) --- updated-dependencies: - dependency-name: tough-cookie dependency-type: indirect - dependency-name: botbuilder dependency-type: indirect - dependency-name: botkit dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Sep 22, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump tough-cookie, botbuilder and botkit #23

Bump tough-cookie, botbuilder and botkit #23

dependabot bot commented on behalf of github Sep 22, 2023

Bump tough-cookie, botbuilder and botkit #23

Are you sure you want to change the base?

Bump tough-cookie, botbuilder and botkit #23

Conversation

dependabot bot commented on behalf of github Sep 22, 2023

Bot Framework JS SDK 4.20.1

What's Changed

New Contributors

Bot Framework for JS SDK 4.20.0

What's Changed

Teams

Other

v4.15.0

v4.10.0

4.15.0

4.10.0

4.9.0