Bump jsonwebtoken and botframework-webchat by dependabot[bot] · Pull Request #47 · tdurnford/BotFramework-Offline-MockBot

dependabot · 2022-12-22T12:29:13Z

Removes jsonwebtoken. It's no longer used after updating ancestor dependency botframework-webchat. These dependencies need to be updated together.

Removes jsonwebtoken

Updates botframework-webchat from 4.10.1 to 4.15.6

Release notes

Sourced from botframework-webchat's releases.

[4.15.6] - 2022-12-01

Subresource Integrity

The CDN URL will be online in about a day after we completed publish to NPM.
<script
  crossorigin="anonymous"
  integrity="sha384-BChMYgWOMDj3xBzl1hyoByer96YSj9RSbu55SgoyLhiGtCkcIPCTaMCfC81FdJra"
  src="https://cdn.botframework.com/botframework-webchat/4.15.6/webchat.js"
></script>
<script
crossorigin="anonymous"
integrity="sha384-Ik2jNknNTBCaI/NP3GRMfDCWKnApGSdYMcdA6EtEJkL1LtUZEdNdjeNkfZZk3UlS"
src="https://cdn.botframework.com/botframework-webchat/4.15.6/webchat-es5.js"
></script>
<script
crossorigin="anonymous"
integrity="sha384-PH82AmArERnsV9DCQozdeAUGwiuy/1cchDvHaQmgdS9+/qvWqX2lY3rwz7aPpCYN"
src="https://cdn.botframework.com/botframework-webchat/4.15.6/webchat-minimal.js"
></script>
Changelog

Fixed

Fixes #4501. Outgoing activities restored from chat service should be marked as sent, by @compulim in PR #4532

Changed

Fixes #4523. Bumped Microsoft Cognitive Services Speech SDK to microsoft-cognitiveservices-speech-sdk@1.17.0, by @compulim in PR #4533

Also bumped web-speech-cognitive-services@7.1.3

[4.15.5] - 2022-11-16

Subresource Integrity

The CDN URL will be online in about a day after we completed publish to NPM.
<script
  crossorigin="anonymous"
  integrity="sha384-yZ3Ugoikjn2nnqUATWlZR3e2PfDz/fopbI/J77anxs6pnoauHENVS3hObWSAOxmr"
  src="https://cdn.botframework.com/botframework-webchat/4.15.5/webchat.js"
></script>
<script
crossorigin="anonymous"
</tr></table>

... (truncated)

Changelog

Sourced from botframework-webchat's changelog.

[4.15.6] - 2022-12-01

Fixed

Fixes #4501. Outgoing activities restored from chat service should be marked as sent, by @compulim in PR #4532

Changed

Fixes #4523. Bumped Microsoft Cognitive Services Speech SDK to microsoft-cognitiveservices-speech-sdk@1.17.0, by @compulim in PR #4533

Also bumped web-speech-cognitive-services@7.1.3

[4.15.5] - 2022-11-16

Fixed

Card action image alt text should use imageAltText field and fallback to text field, by @compulim in PR #4333

Fixes #4472. Removed role attributes for notification bar and use <div> instead of <ul>/<li>, by @compulim in PR #4475

Fixes #4393. Renders <section role="feed"> only if there are one or more activities contained within, by @beyackle2 and @compulim, in PR #4420

Fixes #4473. Bumped strip-ansi@6.0.1 for test-harness as @^7 does not support CommonJS project, by @compulim in PR #4474

Fixes #4476. When focus on the keyboard help screen, it should focus on the close button, by @compulim in PR #4479

Fixes #4442. Change the keyboard help screen string "Leave message" to "Exit message", by @compulim in PR #4479

Changed

Bumped Adaptive Cards to adaptivecards@2.11.1, by @compulim in PR #4424

Bumped Microsoft Cognitive Services Speech SDK to microsoft-cognitiveservices-speech-sdk@1.23.0, by @compulim in PR #4435

Also bumped web-speech-cognitive-services@7.1.2

Bumped all dependencies to the latest versions, by @compulim in PR #4423 and #4435

Production dependencies

@babel/runtime@7.19.0

classnames@2.3.2

core-js@3.25.3

redux-saga@1.2.1

sanitize-html@2.7.2

Development dependencies

@babel/core@7.19.1

@babel/plugin-transform-runtime@7.19.1

@babel/plugin-transform-typescript@7.19.1

@babel/preset-env@7.19.1

@babel/runtime@7.19.0

@types/node@18.7.22

@types/react@18.0.21

@typescript-eslint/eslint-plugin@5.38.0

@typescript-eslint/parser@5.38.0

babel-jest@29.0.3

concurrently@7.4.0

core-js@3.25.3

dotenv@16.0.2

esbuild@0.15.9

eslint-plugin-react@7.31.8

... (truncated)

Commits

0af2437 4.15.6 (#4536)
bb78c59 Audit-fix dependencies (#4534)
ae47f35 Outgoing activities restored from chat service should be marked as sent (#4532)
42b07cc Debump Speech SDK to 1.17.0 (#4533)
6d71699 Localization checkin for WO76796 (#4526)
3ac3fca [HIGH] Bump to 4.15.6-0 and update servicing plan (#4524)
df55e01 Bump to 4.15.5 with audit-fix minimatch (#4521)
b544650 Focus on the close button of keyboard help screen (#4479)
4e87e38 Add 4.15.4 to servicing plan (#4437)
5ddd23e Bump strip-ansi (#4474)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
@dependabot use these labels will set the current labels as the default for future PRs for this repo and language
@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

Removes [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken). It's no longer used after updating ancestor dependency [botframework-webchat](https://github.com/microsoft/BotFramework-WebChat). These dependencies need to be updated together. Removes `jsonwebtoken` Updates `botframework-webchat` from 4.10.1 to 4.15.6 - [Release notes](https://github.com/microsoft/BotFramework-WebChat/releases) - [Changelog](https://github.com/microsoft/BotFramework-WebChat/blob/main/CHANGELOG.md) - [Commits](microsoft/BotFramework-WebChat@v4.10.1...v4.15.6) --- updated-dependencies: - dependency-name: jsonwebtoken dependency-type: indirect - dependency-name: botframework-webchat dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label Dec 22, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump jsonwebtoken and botframework-webchat#47

Bump jsonwebtoken and botframework-webchat#47
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/jsonwebtoken-and-botframework-webchat--removed

dependabot bot commented on behalf of github Dec 22, 2022

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Dec 22, 2022

[4.15.6] - 2022-12-01

Subresource Integrity

Changelog

Fixed

Changed

[4.15.5] - 2022-11-16

Subresource Integrity

[4.15.6] - 2022-12-01

Fixed

Changed

[4.15.5] - 2022-11-16

Fixed

Changed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants