[Snyk] Upgrade telegraf from 4.12.2 to 4.16.3

[tcotidiane33]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade telegraf from 4.12.2 to 4.16.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 14 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2024-02-29.

Release notes

Package name: telegraf

• 4.16.3 - 2024-02-29
  
  • Fix: bug with link_preview_options.url caused client to try sending it as media
  • Fix: add CommandContextExtn type to Composer::{start|help|settings} (adds ctx.command, payload, args)
• 4.16.2 - 2024-02-26
  

  Fixed Context::text: was undefined if entities was undefined. Thanks to @ AnotiaWang.

• 4.16.1 - 2024-02-25
  

  Fixed Context::from: now uses callbackQuery.from instead of msg.from

• 4.16.0 - 2024-02-25
  Read more
• 4.16.0-rc.2 - 2024-02-21
• 4.16.0-rc.1 - 2024-02-21
• 4.15.3 - 2023-12-03
  
  • Fix: unable to upload media
  • Fix: thumbnail is now respected in all APIs that accept it
• 4.15.2 - 2023-11-30
  

  EXPERIMENTAL_SESSION_CHECKS introduced in the last minor release had been reporting false positives. This has been fixed; it will now work as intended.

• 4.15.1 - 2023-11-29
  

  • 🔧 Fixed sendPhoto and friends irrecoverably erroring if passed an invalid path, such as a directory.

  • ⚠️ Set the env var EXPERIMENTAL_SESSION_CHECKS=1 to catch session bugs in your code.

    When this is enabled, Telegraf will throw errors if you access/assign to session after Telegraf thinks the middleware chain has exhausted. This can happen if you're missing awaits in async code, and session changes might not get persisted! Previously, these bugs were silently ignored until someone noticed their session was not saved. It's always safe to enable this feature. This behaviour may be default in v5.

• 4.15.0 - 2023-10-23
  

  This is a rather minor release.

  anyOf and allOf filter combinators

  v4.11.0 introduced support for type-guard filters in Composer::on, which allowed you to filter updates based on their content.

  This release adds two new combinators to the filter API: anyOf and allOf. This will play very nicely with custom filters. For example:

  import { anyOf, allOf } from "telegraf/filters";

  // must match all filters
  bot.on(allOf(message(), isGroup), ctx => {
  // ...
  });

  Deprecating hookPath

  The confusingly named hookPath in bot.launch webhook options is now deprecated. It will be removed in the next major release. You can start using path instead, today.

  ---

  Meanwhile, we're working on new modules to add to the Telegraf ecosystem. Look forward to them, and join discussions in the official Telegraf chat!

• 4.14.0 - 2023-09-22
  
  • ⬆️ Bot API 6.9 support
  • Added missing Markup.keyboard([]).persistent() method
• 4.13.1 - 2023-09-02
  
  • Fix README to mention API 6.8
• 4.13.0 - 2023-09-02
• 4.12.3-canary.1 - 2023-04-01
• 4.12.2 - 2023-03-09

from telegraf GitHub release notes

Commit messages

Package name: telegraf

• a0f65f4 fix: includesMedia fix was incorrect
• 0e3b59f ver: 4.16.3
• 6a1d6cf fix: add CommandContextExtn to start, help, settings
• b68b961 tempfix: except link_preview_options in includesMedia:
• e881fa6 ver: 4.16.2
• 7f2a081 fix: `Context::text` is undefined when message has only text but no entities (#1958)
• d180036 ver: 4.16.1
• 5bb62ee fix: use callbackQuery.from instead of msg.from
• 096dd01 merge: #1949 from telegraf/feat/api-7.0
• 9e1b5ad chore: add recent fix to release notes
• 3e2b5df fix: support thumbnail uploads
• f7df523 feat: ctx.match for Composer.command
• 728eec1 chore: expose session import and docs additions
• 5c06980 chore: fix misworded message
• 9757ff8 chore: missing awaits in release notes
• c374d33 chore: polish up secret message
• cdb0ea0 chore: add secret message to the end of 4.16.0 notes
• 9e5fe15 chore: add v4.16.0 release notes
• 5276339 feat: Context::text
• cb4650a feat: useNewReplies uses ctx.msgId instead of ctx.message.message_id
• 8a979f4 feat: add ctx.match for Composer.reaction
• 1bbede0 chore: expose CommandContextExtn in Convenience
• 5bce9a7 feat: Context::from includes updates that have `user` instead of `from`
• 97dc631 feat: Composer.reactions

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[netlify]

✅ Deploy Preview for ecopayci ready!

Name	Link
🔨 Latest commit	6861180
🔍 Latest deploy log	https://app.netlify.com/sites/ecopayci/deploys/661ef6521876c60008a37de5
😎 Deploy Preview	https://deploy-preview-3--ecopayci.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	1 paths audited Performance: 86 Accessibility: 92 Best Practices: 100 SEO: 92 PWA: 80 View the detailed breakdown and full score reports

---

To edit notification comments on pull requests, go to your Netlify site configuration.