Skip to content

chore(deps): update @slack/bolt requirement from ^4.7.2 to ^4.7.3 in /examples/getting-started-typescript#2955

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/examples/getting-started-typescript/slack/bolt-tw-4.7.3
Open

chore(deps): update @slack/bolt requirement from ^4.7.2 to ^4.7.3 in /examples/getting-started-typescript#2955
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/examples/getting-started-typescript/slack/bolt-tw-4.7.3

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 29, 2026
edited
Loading

Updates the requirements on @slack/bolt to permit the latest version.

Changelog

Sourced from @​slack/bolt's changelog.

4.7.3

Patch Changes

  • 341b60e: Reject empty signingSecret at initialization to prevent accidental HMAC signature forgery.

4.7.2

Patch Changes

  • 4545150: Require exact ssl_check=1 value to bypass signature verification, preventing truthy but incorrect values from skipping authentication checks.

4.7.1

Patch Changes

  • a18c359: fix: correct InvalidCustomPropertyError code and MemoryStore promise handling
Commits
  • 97bfd71 chore: release (#2947)
  • 341b60e fix: reject empty signingSecret to prevent involuntary signature bypass (#2946)
  • 6779cf7 chore(deps): bump qs from 6.14.2 to 6.15.2 in /examples/custom-receiver (#2943)
  • 834e3e0 chore(deps): bump ws from 8.20.0 to 8.20.1 in /examples/custom-receiver (#2942)
  • 1ed7854 chore(deps): bump koa and @​types/koa in /examples/custom-receiver (#2941)
  • ba4deb6 chore(deps-dev): update serverless requirement from ^4.35.1 to ^4.36.1 in /ex...
  • 8a2e936 chore(deps-dev): update serverless-offline requirement from ^14.5.0 to ^14.6....
  • 2cb9482 chore(deps-dev): bump @​types/node from 24.12.3 to 24.12.4 in /examples/custom...
  • 752f2e2 chore(deps): bump @​slack/web-api from 7.15.2 to 7.16.0 (#2933)
  • be24571 chore: update biome configurations and applied settings (#2931)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added area:examples issues related to example or sample code dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 29, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 29, 2026 18:58
@dependabot dependabot Bot added area:examples issues related to example or sample code dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 29, 2026
@changeset-bot
Copy link
Copy Markdown

changeset-bot Bot commented May 29, 2026

⚠️ No Changeset found

Latest commit: 5e6f5a4

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@github-actions github-actions Bot enabled auto-merge (squash) May 29, 2026 18:58
@codecov
Copy link
Copy Markdown

codecov Bot commented May 29, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 94.47%. Comparing base (5e726c8) to head (5cf2c93).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #2955   +/-   ##
=======================================
  Coverage   94.47%   94.47%           
=======================================
  Files          45       45           
  Lines        7885     7885           
  Branches      708      708           
=======================================
  Hits         7449     7449           
  Misses        428      428           
  Partials        8        8

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@dependabot
chore(deps): update @slack/bolt requirement
5cf2c93 
Updates the requirements on [@slack/bolt](https://github.com/slackapi/bolt-js) to permit the latest version.
- [Release notes](https://github.com/slackapi/bolt-js/releases)
- [Changelog](https://github.com/slackapi/bolt-js/blob/main/CHANGELOG.md)
- [Commits](v4.7.2...v4.7.3)

---
updated-dependencies:
- dependency-name: "@slack/bolt"
  dependency-version: 4.7.3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/examples/getting-started-typescript/slack/bolt-tw-4.7.3 branch from 5e6f5a4 to 5cf2c93 Compare May 29, 2026 19:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

area:examples issues related to example or sample code dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants