Skip to content

Commit 91d0978

Browse files
elastic-renovate-prod[bot]elastic-renovate-prod[bot]
authored
Update dependency @slack/webhook to ^7.0.6 (main) (#235635)
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [@slack/webhook](https://tools.slack.dev/node-slack-sdk/webhook) ([source](https://redirect.github.com/slackapi/node-slack-sdk)) | dependencies | patch | [`^7.0.1` -> `^7.0.6`](https://renovatebot.com/diffs/npm/@slack%2fwebhook/7.0.1/7.0.6) | --- ### Release Notes <details> <summary>slackapi/node-slack-sdk (@&#8203;slack/webhook)</summary> ### [`v7.0.6`](https://redirect.github.com/slackapi/node-slack-sdk/releases/tag/%40slack/webhook%407.0.6) [Compare Source](https://redirect.github.com/slackapi/node-slack-sdk/compare/@slack/webhook@7.0.5...@slack/webhook@7.0.6) #### What's Changed This release includes a security patch to internal dependencies. 🔏 ✨ ##### 📚 Documentation - docs: update links, copy edit, apply style guide in [#&#8203;2294](https://redirect.github.com/slackapi/node-slack-sdk/issues/2294) - Thanks [@&#8203;haleychaas](https://redirect.github.com/haleychaas)! - docs: autogenerated typedoc reference in [#&#8203;2308](https://redirect.github.com/slackapi/node-slack-sdk/issues/2308) - Thanks [@&#8203;lukegalbraithrussell](https://redirect.github.com/lukegalbraithrussell)! ##### 🤖 Dependencies - chore(deps): bump axios from ^1.8.3 to ^1.11.0 in [@&#8203;slack/webhook](https://redirect.github.com/slack/webhook) in [#&#8203;2335](https://redirect.github.com/slackapi/node-slack-sdk/issues/2335) - Thanks [@&#8203;mwbrooks](https://redirect.github.com/mwbrooks)! - chore(deps-dev): bump [@&#8203;biomejs/biome](https://redirect.github.com/biomejs/biome) to v2 for all packages in [#&#8203;2281](https://redirect.github.com/slackapi/node-slack-sdk/issues/2281) - Thanks [@&#8203;mwbrooks](https://redirect.github.com/mwbrooks)! - chore(deps-dev): bump mocha from 10.8.2 to 11.7.1 in /packages/webhook in the dev-mocha group in [#&#8203;2305](https://redirect.github.com/slackapi/node-slack-sdk/issues/2305) - Thanks [@&#8203;dependabot](https://redirect.github.com/dependabot)! - chore(deps-dev): bump nock from 13.5.6 to 14.0.6 in /packages/webhook in [#&#8203;2306](https://redirect.github.com/slackapi/node-slack-sdk/issues/2306) - Thanks [@&#8203;dependabot](https://redirect.github.com/dependabot)! - chore(deps-dev): bump typescript from 4.9.5 to 5.8.3 in /packages/webhook in [#&#8203;2309](https://redirect.github.com/slackapi/node-slack-sdk/issues/2309) - Thanks [@&#8203;dependabot](https://redirect.github.com/dependabot)! - chore(deps-dev): bump ts-node from 8.10.2 to 10.9.2 in /packages/webhook in [#&#8203;2310](https://redirect.github.com/slackapi/node-slack-sdk/issues/2310) - Thanks [@&#8203;dependabot](https://redirect.github.com/dependabot)! - chore(deps-dev): bump shx from 0.3.4 to 0.4.0 in /packages/webhook in [#&#8203;2311](https://redirect.github.com/slackapi/node-slack-sdk/issues/2311) - Thanks [@&#8203;dependabot](https://redirect.github.com/dependabot)! - chore(deps-dev): bump c8 from 9.1.0 to 10.1.3 in /packages/webhook in [#&#8203;2312](https://redirect.github.com/slackapi/node-slack-sdk/issues/2312) - Thanks [@&#8203;dependabot](https://redirect.github.com/dependabot)! ##### 🧰 Maintenance - test: upload individual test results to codecov to gather stats in [#&#8203;2178](https://redirect.github.com/slackapi/node-slack-sdk/issues/2178) - Thanks [@&#8203;zimeg](https://redirect.github.com/zimeg)! - chore(webhook): release [@&#8203;slack/webhook](https://redirect.github.com/slack/webhook)[@&#8203;7](https://redirect.github.com/7).0.6 in [#&#8203;2338](https://redirect.github.com/slackapi/node-slack-sdk/issues/2338) - Thanks [@&#8203;zimeg](https://redirect.github.com/zimeg)! **Package**: https://www.npmjs.com/package/@&#8203;slack/webhook/v/7.0.6 **Full Changelog**: https://github.com/slackapi/node-slack-sdk/compare/[@&#8203;slack/webhook](https://redirect.github.com/slack/webhook)[@&#8203;7](https://redirect.github.com/7).0.5...[@&#8203;slack/webhook](https://redirect.github.com/slack/webhook)[@&#8203;7](https://redirect.github.com/7).0.6 **Milestone**: https://github.com/slackapi/node-slack-sdk/milestone/140?closed=1 ### [`v7.0.5`](https://redirect.github.com/slackapi/node-slack-sdk/releases/tag/%40slack/webhook%407.0.5) [Compare Source](https://redirect.github.com/slackapi/node-slack-sdk/compare/@slack/webhook@7.0.4...@slack/webhook@7.0.5) #### What's Changed This patch release updates the `axios` dependency used to send webhooks with internal bug fixes. - fix(webhook): bump axios to 1.8.3 to address CVE-2025-27152 by [@&#8203;zimeg](https://redirect.github.com/zimeg) in [https://github.com/slackapi/node-slack-sdk/pull/2173](https://redirect.github.com/slackapi/node-slack-sdk/pull/2173) **Full Changelog**: https://github.com/slackapi/node-slack-sdk/compare/[@&#8203;slack/webhook](https://redirect.github.com/slack/webhook)[@&#8203;7](https://redirect.github.com/7).0.4..[@&#8203;slack/webhook](https://redirect.github.com/slack/webhook)[@&#8203;7](https://redirect.github.com/7).0.5 **Milestone**: https://github.com/slackapi/node-slack-sdk/milestone/130 ### [`v7.0.4`](https://redirect.github.com/slackapi/node-slack-sdk/releases/tag/%40slack/webhook%407.0.4) [Compare Source](https://redirect.github.com/slackapi/node-slack-sdk/compare/@slack/webhook@7.0.3...@slack/webhook@7.0.4) #### What's Changed - chore(deps): bump minimum axios version for web-api and webhook to avoid security vuln by [@&#8203;hello-ashleyintech](https://redirect.github.com/hello-ashleyintech) in [https://github.com/slackapi/node-slack-sdk/pull/2116](https://redirect.github.com/slackapi/node-slack-sdk/pull/2116) - ci: check for changes to lints separate from writing changes by [@&#8203;zimeg](https://redirect.github.com/zimeg) in [https://github.com/slackapi/node-slack-sdk/pull/2117](https://redirect.github.com/slackapi/node-slack-sdk/pull/2117) - chore: tsconfig skiplibcheck:true - dont typecheck dependency d.ts files [https://github.com/slackapi/node-slack-sdk/pull/1913](https://redirect.github.com/slackapi/node-slack-sdk/pull/1913) - thanks [@&#8203;filmaj](https://redirect.github.com/filmaj)! - chore: remove eslint, use biome instead in [https://github.com/slackapi/node-slack-sdk/pull/2006](https://redirect.github.com/slackapi/node-slack-sdk/pull/2006) - thanks [@&#8203;filmaj](https://redirect.github.com/filmaj)! - Release: [@&#8203;slack/webhook](https://redirect.github.com/slack/webhook)[@&#8203;7](https://redirect.github.com/7).0.4, [@&#8203;slack/web-api](https://redirect.github.com/slack/web-api)[@&#8203;7](https://redirect.github.com/7).8.0 by [@&#8203;hello-ashleyintech](https://redirect.github.com/hello-ashleyintech) in [https://github.com/slackapi/node-slack-sdk/pull/2118](https://redirect.github.com/slackapi/node-slack-sdk/pull/2118) **Full Changelog**: https://github.com/slackapi/node-slack-sdk/compare/[@&#8203;slack/cli-hooks](https://redirect.github.com/slack/cli-hooks)[@&#8203;1](https://redirect.github.com/1).1.2...[@&#8203;slack/webhook](https://redirect.github.com/slack/webhook)[@&#8203;7](https://redirect.github.com/7).0.4 ### [`v7.0.3`](https://redirect.github.com/slackapi/node-slack-sdk/releases/tag/%40slack/webhook%407.0.3) [Compare Source](https://redirect.github.com/slackapi/node-slack-sdk/compare/@slack/webhook@7.0.2...@slack/webhook@7.0.3) #### What's Changed This patch release bumps the minimum version of axios to 1.7.4 to address a CVE - see [Axios 1.7.4 release notes](https://redirect.github.com/axios/axios/releases/tag/v1.7.4) for more information. ##### Changelog - webhook(chore): bump axios to 1.7.4 to address CVE-2024-39338 - Thanks [@&#8203;zimeg](https://redirect.github.com/zimeg)! [https://github.com/slackapi/node-slack-sdk/pull/1879](https://redirect.github.com/slackapi/node-slack-sdk/pull/1879) **Full Changelog**: https://github.com/slackapi/node-slack-sdk/compare/[@&#8203;slack/web-api](https://redirect.github.com/slack/web-api)[@&#8203;7](https://redirect.github.com/7).0.2...[@&#8203;slack/webhook](https://redirect.github.com/slack/webhook)[@&#8203;7](https://redirect.github.com/7).0.3 ### [`v7.0.2`](https://redirect.github.com/slackapi/node-slack-sdk/releases/tag/%40slack/webhook%407.0.2) [Compare Source](https://redirect.github.com/slackapi/node-slack-sdk/compare/@slack/webhook@7.0.1...@slack/webhook@7.0.2) Bumps axios to 1.6.3 to address a security vulnerability. </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xMDcuMCIsInVwZGF0ZWRJblZlciI6IjM5LjEwNy4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJiYWNrcG9ydDphbGwtb3BlbiIsInJlbGVhc2Vfbm90ZTpza2lwIl19--> Co-authored-by: elastic-renovate-prod[bot] <174716857+elastic-renovate-prod[bot]@users.noreply.github.com>
1 parent 9dfc4eb commit 91d0978

File tree

2 files changed

+7
-7
lines changed

2 files changed

+7
-7
lines changed

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1172,7 +1172,7 @@
11721172
"@opentelemetry/otlp-exporter-base": "^0.203.0",
11731173
"@opentelemetry/semantic-conventions": "^1.37.0",
11741174
"@reduxjs/toolkit": "1.9.7",
1175-
"@slack/webhook": "^7.0.1",
1175+
"@slack/webhook": "^7.0.6",
11761176
"@smithy/eventstream-codec": "^4.0.1",
11771177
"@smithy/eventstream-serde-node": "^4.0.1",
11781178
"@smithy/middleware-stack": "^4.0.1",

yarn.lock

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -11048,14 +11048,14 @@
1104811048
resolved "https://registry.yarnpkg.com/@slack/types/-/types-2.11.0.tgz#948c556081c3db977dfa8433490cc2ff41f47203"
1104911049
integrity sha512-UlIrDWvuLaDly3QZhCPnwUSI/KYmV1N9LyhuH6EDKCRS1HWZhyTG3Ja46T3D0rYfqdltKYFXbJSSRPwZpwO0cQ==
1105011050

11051-
"@slack/webhook@^7.0.1":
11052-
version "7.0.1"
11053-
resolved "https://registry.yarnpkg.com/@slack/webhook/-/webhook-7.0.1.tgz#91d939af249d50ea978a960a52b9f92bb7d2bdda"
11054-
integrity sha512-0Uj/GQ1H8nmeAVEx+7zcWb6/q/zsSOrlIaGi6zFnwgMSxjmV6xGsVwv8w6DaAdkUbtqa43v1cirWjySeZaCOIA==
11051+
"@slack/webhook@^7.0.6":
11052+
version "7.0.6"
11053+
resolved "https://registry.yarnpkg.com/@slack/webhook/-/webhook-7.0.6.tgz#558dbd00e6400be0e339312a44b8104bf88884a4"
11054+
integrity sha512-RvNCcOjNbzl5uQ2TZsbTJ+A+5ptoWMwnyd/W4lKzeXFToIwebeaZiuntcP0usmhZHj1LH9H1T9WN6Bt1B/DLyg==
1105511055
dependencies:
1105611056
"@slack/types" "^2.9.0"
1105711057
"@types/node" ">=18.0.0"
11058-
axios "^1.6.0"
11058+
axios "^1.11.0"
1105911059

1106011060
"@smithy/abort-controller@^4.0.4":
1106111061
version "4.0.4"
@@ -15142,7 +15142,7 @@ axe-core@^4.2.0, axe-core@^4.6.2:
1514215142
resolved "https://registry.yarnpkg.com/axe-core/-/axe-core-4.7.2.tgz#040a7342b20765cb18bb50b628394c21bccc17a0"
1514315143
integrity sha512-zIURGIS1E1Q4pcrMjp+nnEh+16G56eG/MUllJH8yEvw7asDo7Ac9uhC9KIH5jzpITueEZolfYglnCGIuSBz39g==
1514415144

15145-
axios@^1.12.0, axios@^1.6.0, axios@^1.7.4, axios@^1.8.2:
15145+
axios@^1.11.0, axios@^1.12.0, axios@^1.7.4, axios@^1.8.2:
1514615146
version "1.12.1"
1514715147
resolved "https://registry.yarnpkg.com/axios/-/axios-1.12.1.tgz#0747b39c5b615f81f93f2c138e6d82a71426937f"
1514815148
integrity sha512-Kn4kbSXpkFHCGE6rBFNwIv0GQs4AvDT80jlveJDKFxjbTYMUeB4QtsdPCv6H8Cm19Je7IU6VFtRl2zWZI0rudQ==

0 commit comments

Comments
 (0)