Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[JS] bump: (deps): Bump the production group in /js with 7 updates #1215

Merged
merged 2 commits into from
Jan 29, 2024
Merged

[JS] bump: (deps): Bump the production group in /js with 7 updates #1215

merged 2 commits into from
Jan 29, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 29, 2024
edited by aacebo
Loading

#minor

Bumps the production group in /js with 7 updates:

Package From To
@azure/msal-node 2.6.1 2.6.2
axios 1.6.5 1.6.7
botbuilder 4.21.4 4.22.1
botbuilder-dialogs 4.21.4 4.22.1
openai 4.25.0 4.26.0
dotenv 16.3.2 16.4.1
botbuilder-azure-blobs 4.21.4 4.22.1

Updates @azure/msal-node from 2.6.1 to 2.6.2

Release notes

Sourced from @​azure/msal-node's releases.

@​azure/msal-node v2.6.2

2.6.2

Tue, 23 Jan 2024 00:06:05 GMT

Patches

  • Fix bug affecting metadata resolution for tenanted authorities ([email protected])
  • Bump @​azure/msal-common to v14.6.1 (beachball)
Commits

Updates axios from 1.6.5 to 1.6.7

Release notes

Sourced from axios's releases.

Release v1.6.7

Release notes:

Bug Fixes

  • capture async stack only for rejections with native error objects; (#6203) (1a08f90)

Contributors to this release

Release v1.6.6

Release notes:

Bug Fixes

  • fixed missed dispatchBeforeRedirect argument (#5778) (a1938ff)
  • wrap errors to improve async stack trace (#5987) (123f354)

Contributors to this release

Changelog

Sourced from axios's changelog.

1.6.7 (2024-01-25)

Bug Fixes

  • capture async stack only for rejections with native error objects; (#6203) (1a08f90)

Contributors to this release

1.6.6 (2024-01-24)

Bug Fixes

  • fixed missed dispatchBeforeRedirect argument (#5778) (a1938ff)
  • wrap errors to improve async stack trace (#5987) (123f354)

Contributors to this release

Commits

Updates botbuilder from 4.21.4 to 4.22.1

Release notes

Sourced from botbuilder's releases.

Bot Framework JS SDK 4.22.0

This is the January 2024 4.22.0 release for the JS SDK. This contains a security fixes, Sharepoint support, and ASE improvements.

What's Changed

Proxy notes

The introduction of MSAL in 4.21.0 encountered an issue when used behind a proxy. This version adds an additional way to specify proxy settings. This does require a change to the bot startup code if required.

image

See this issue for details, and if additional discussion is required: microsoft/botbuilder-js#4544

Commits
  • 581156b use npm to run postinstall scripts (#4611)
  • f09c538 fix: #4582 UserAssignedIdentity(WorkloadIdentity) auth fails with 'scope ht...
  • e9c44b9 fix: Remove old @​microsoft/recognizers-text-number version with postinstall s...
  • a0bd4bd feat: Add isVisible property to AceData (#4606)
  • 1f74561 fix: #4544 JwtTokenExtractor.getIdentity:err! FetchError: request to https:...
  • f597523 fix: add content type header (#4587)
  • 18edf17 update mocha package to avoid vulnerability with nanoid (#4603)
  • 21e7caa feat: Add ASE channel validation. (#4589)
  • aa83fbe fix: USGovSingleTenant OAuthEndpoint (#4588)
  • See full diff in compare view

Updates botbuilder-dialogs from 4.21.4 to 4.22.1

Release notes

Sourced from botbuilder-dialogs's releases.

Bot Framework JS SDK 4.22.0

This is the January 2024 4.22.0 release for the JS SDK. This contains a security fixes, Sharepoint support, and ASE improvements.

What's Changed

Proxy notes

The introduction of MSAL in 4.21.0 encountered an issue when used behind a proxy. This version adds an additional way to specify proxy settings. This does require a change to the bot startup code if required.

image

See this issue for details, and if additional discussion is required: microsoft/botbuilder-js#4544

Commits
  • 581156b use npm to run postinstall scripts (#4611)
  • f09c538 fix: #4582 UserAssignedIdentity(WorkloadIdentity) auth fails with 'scope ht...
  • e9c44b9 fix: Remove old @​microsoft/recognizers-text-number version with postinstall s...
  • a0bd4bd feat: Add isVisible property to AceData (#4606)
  • 1f74561 fix: #4544 JwtTokenExtractor.getIdentity:err! FetchError: request to https:...
  • f597523 fix: add content type header (#4587)
  • 18edf17 update mocha package to avoid vulnerability with nanoid (#4603)
  • 21e7caa feat: Add ASE channel validation. (#4589)
  • aa83fbe fix: USGovSingleTenant OAuthEndpoint (#4588)
  • See full diff in compare view

Updates openai from 4.25.0 to 4.26.0

Release notes

Sourced from openai's releases.

v4.26.0

4.26.0 (2024-01-25)

Full Changelog: v4.25.0...v4.26.0

Features

  • api: add text embeddings dimensions param (#650) (1b5a977)

Chores

  • internal: add internal helpers & improve build scripts (#643) (9392f50)
  • internal: adjust ecosystem-tests logging in CI (#646) (156084b)
  • internal: don't re-export streaming type (#648) (4c4be94)
  • internal: fix binary files (#645) (e1fbc39)
  • internal: minor streaming updates (#647) (2f073e4)
  • internal: pin deno version (#649) (7e4b903)
Changelog

Sourced from openai's changelog.

4.26.0 (2024-01-25)

Full Changelog: v4.25.0...v4.26.0

Features

  • api: add text embeddings dimensions param (#650) (1b5a977)

Chores

  • internal: add internal helpers & improve build scripts (#643) (9392f50)
  • internal: adjust ecosystem-tests logging in CI (#646) (156084b)
  • internal: don't re-export streaming type (#648) (4c4be94)
  • internal: fix binary files (#645) (e1fbc39)
  • internal: minor streaming updates (#647) (2f073e4)
  • internal: pin deno version (#649) (7e4b903)
Commits
  • c9bb4ed release: 4.26.0
  • 413df77 feat(api): add text embeddings dimensions param (#650)
  • 5ac7cb7 chore(internal): pin deno version (#649)
  • 09b3cd4 chore(internal): don't re-export streaming type (#648)
  • 8d9eeeb chore(internal): minor streaming updates (#647)
  • fff5046 chore(internal): adjust ecosystem-tests logging in CI (#646)
  • ca5887d chore(internal): fix binary files (#645)
  • d3fa4ec chore(internal): add internal helpers & improve build scripts (#643)
  • See full diff in compare view

Updates dotenv from 16.3.2 to 16.4.1

Changelog

Sourced from dotenv's changelog.

16.4.1 (2024-01-24)

  • Patch support for array as path option #797

16.4.0 (2024-01-23)

  • Add error.code to error messages around .env.vault decryption handling #795
  • Add ability to find .env.vault file when filename(s) passed as an array #784
Commits
  • e251ee2 16.4.1
  • a7fee29 update CHANGELOG 🪵
  • 579d136 update README
  • 7ea2f81 Merge pull request #798 from motdotla/fix-tests
  • 6b829d2 demonstrate currently failing (pending) test. multiple env files should merge
  • 3e2284b largely remove mocking from tests except where useful
  • 2039c4e wip: fix tests
  • 48a6ade Merge pull request #797 from tran-simon/master
  • cfd735d fix: support array for path option
  • a44cb3d update README
  • Additional commits viewable in compare view

Updates botbuilder-azure-blobs from 4.21.4 to 4.22.1

Release notes

Sourced from botbuilder-azure-blobs's releases.

Bot Framework JS SDK 4.22.0

This is the January 2024 4.22.0 release for the JS SDK. This contains a security fixes, Sharepoint support, and ASE improvements.

What's Changed

Proxy notes

The introduction of MSAL in 4.21.0 encountered an issue when used behind a proxy. This version adds an additional way to specify proxy settings. This does require a change to the bot startup code if required.

image

See this issue for details, and if additional discussion is required: microsoft/botbuilder-js#4544

Commits
  • 581156b use npm to run postinstall scripts (#4611)
  • f09c538 fix: #4582 UserAssignedIdentity(WorkloadIdentity) auth fails with 'scope ht...
  • e9c44b9 fix: Remove old @​microsoft/recognizers-text-number version with postinstall s...
  • a0bd4bd feat: Add isVisible property to AceData (#4606)
  • 1f74561 fix: #4544 JwtTokenExtractor.getIdentity:err! FetchError: request to https:...
  • f597523 fix: add content type header (#4587)
  • 18edf17 update mocha package to avoid vulnerability with nanoid (#4603)
  • 21e7caa feat: Add ASE channel validation. (#4589)
  • aa83fbe fix: USGovSingleTenant OAuthEndpoint (#4588)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
[JS] bump: (deps): Bump the production group in /js with 7 updates
66e0a3b 
Bumps the production group in /js with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [@azure/msal-node](https://github.com/AzureAD/microsoft-authentication-library-for-js) | `2.6.1` | `2.6.2` |
| [axios](https://github.com/axios/axios) | `1.6.5` | `1.6.7` |
| [botbuilder](https://github.com/Microsoft/botbuilder-js) | `4.21.4` | `4.22.1` |
| [botbuilder-dialogs](https://github.com/Microsoft/botbuilder-js) | `4.21.4` | `4.22.1` |
| [openai](https://github.com/openai/openai-node) | `4.25.0` | `4.26.0` |
| [dotenv](https://github.com/motdotla/dotenv) | `16.3.2` | `16.4.1` |
| [botbuilder-azure-blobs](https://github.com/Microsoft/botbuilder-js) | `4.21.4` | `4.22.1` |


Updates `@azure/msal-node` from 2.6.1 to 2.6.2
- [Release notes](https://github.com/AzureAD/microsoft-authentication-library-for-js/releases)
- [Commits](AzureAD/microsoft-authentication-library-for-js@msal-node-v2.6.1...msal-node-v2.6.2)

Updates `axios` from 1.6.5 to 1.6.7
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](axios/axios@v1.6.5...v1.6.7)

Updates `botbuilder` from 4.21.4 to 4.22.1
- [Release notes](https://github.com/Microsoft/botbuilder-js/releases)
- [Commits](microsoft/botbuilder-js@4.21.4...4.22.1)

Updates `botbuilder-dialogs` from 4.21.4 to 4.22.1
- [Release notes](https://github.com/Microsoft/botbuilder-js/releases)
- [Commits](microsoft/botbuilder-js@4.21.4...4.22.1)

Updates `openai` from 4.25.0 to 4.26.0
- [Release notes](https://github.com/openai/openai-node/releases)
- [Changelog](https://github.com/openai/openai-node/blob/master/CHANGELOG.md)
- [Commits](openai/openai-node@v4.25.0...v4.26.0)

Updates `dotenv` from 16.3.2 to 16.4.1
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](motdotla/dotenv@v16.3.2...v16.4.1)

Updates `botbuilder-azure-blobs` from 4.21.4 to 4.22.1
- [Release notes](https://github.com/Microsoft/botbuilder-js/releases)
- [Commits](microsoft/botbuilder-js@4.21.4...4.22.1)

---
updated-dependencies:
- dependency-name: "@azure/msal-node"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: botbuilder
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: botbuilder-dialogs
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: openai
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: dotenv
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: botbuilder-azure-blobs
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jan 29, 2024
@dependabot dependabot bot requested a review from singhk97 as a code owner January 29, 2024 19:56
@dependabot dependabot bot added the JS Change/fix applies to JS. If all three, use the 'JS & dotnet & Python' label label Jan 29, 2024
@dependabot dependabot bot requested a review from a team January 29, 2024 19:56
@aacebo aacebo merged commit ec2f672 into main Jan 29, 2024
14 checks passed
@aacebo aacebo deleted the dependabot/npm_and_yarn/js/production-0ce015f961 branch January 29, 2024 20:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aacebo aacebo aacebo approved these changes

@corinagum corinagum Awaiting requested review from corinagum corinagum is a code owner

@lilyydu lilyydu Awaiting requested review from lilyydu lilyydu is a code owner

@singhk97 singhk97 Awaiting requested review from singhk97 singhk97 is a code owner

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file JS Change/fix applies to JS. If all three, use the 'JS & dotnet & Python' label
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@aacebo