Name | Modified | Size | Downloads / Week |
---|---|---|---|
Parent folder | |||
Bot Framework JS SDK 4.23.0 source code.tar.gz | 2024-08-26 | 7.1 MB | |
Bot Framework JS SDK 4.23.0 source code.zip | 2024-08-26 | 8.8 MB | |
README.md | 2024-08-26 | 3.1 kB | |
Totals: 3 Items | 15.9 MB | 0 |
This is the August 2024 release of the Bot Framework JS SDK. This release contains Node 18 & 20 support, as well as security fixes.
NOTE Due to the update to the last Azure Identity and MSAL.Node packages, Node versions prior to Node 18 are no longer supported. This is because those packages don't support out-of-support Node versions.
What's Changed
-
bump: [#4550] Add Node 18 and 20 support by @sw-joelmut in https://github.com/microsoft/botbuilder-js/pull/4726
-
fix: Remove CVE-2022-3517 vulnerability by @JhontSouth in https://github.com/microsoft/botbuilder-js/pull/4699
- fix: Remove CVE-2022-25881 vulnerability by updating the http-cache-semantics package by @sw-joelmut in https://github.com/microsoft/botbuilder-js/pull/4703
- fix: Remove CVE-2020-8203 vulnerability in lodash.set by @andres-robinet-sw in https://github.com/microsoft/botbuilder-js/pull/4704
- fix: Remove CVE-2021-3807 vulnerability by @JhontSouth in https://github.com/microsoft/botbuilder-js/pull/4705
- fix: Remove CVE-2022-23539 vulnerability by updating the jsonwebtoken packages by @sw-joelmut in https://github.com/microsoft/botbuilder-js/pull/4706
- fix: Remove CVE-2022-3517 vulnerability with minimatch by @JhontSouth in https://github.com/microsoft/botbuilder-js/pull/4707
- bump: semver from 5.7.1 to 7.6.2 by @dependabot in https://github.com/microsoft/botbuilder-js/pull/4710
- bump: hosted-git-info from 2.8.8 to 2.8.9 by @dependabot in https://github.com/microsoft/botbuilder-js/pull/4711
- bump: elliptic from 6.5.3 to 6.5.5 by @dependabot in https://github.com/microsoft/botbuilder-js/pull/4712
- fix: Remove CVE-2020-28469 vulnerability by updating the glob-parent package by @sw-joelmut in https://github.com/microsoft/botbuilder-js/pull/4713
- fix: Remove remaining vulnerabilities by updating the hosted-git-info, tar, semver, ejs, elliptic packages by @sw-joelmut in https://github.com/microsoft/botbuilder-js/pull/4714
- fix: [#4684] Remove unnecessary resolutions by @sw-joelmut in https://github.com/microsoft/botbuilder-js/pull/4719
- fix: Remove undefined value in @azure/msal-node by @JhontSouth in https://github.com/microsoft/botbuilder-js/pull/4718
- bump: fast-xml-parser from 4.2.5 to 4.4.1 by @dependabot in https://github.com/microsoft/botbuilder-js/pull/4721
- port: [#6813][#6798] Not able to create instance of BlobsTranscriptStore using TokenCredential instead of connectionString and containerName by @JhontSouth in https://github.com/microsoft/botbuilder-js/pull/4720
- fix: Remove browser-echo-bot vulnerabilities by @JhontSouth in https://github.com/microsoft/botbuilder-js/pull/4717
- fix: CVE-2024-42460 vulnerability with elliptic by @JhontSouth in https://github.com/microsoft/botbuilder-js/pull/4729
- bump: axios from 1.7.2 to 1.7.4 by @dependabot in https://github.com/microsoft/botbuilder-js/pull/4730
- port: [#6793][#6792] Composer Bot with QnA Intent recognized triggers duplicate QnA queries by @JhontSouth in https://github.com/microsoft/botbuilder-js/pull/4700
Full Changelog: https://github.com/microsoft/botbuilder-js/compare/4.22.3...4.23.0