Skip to content

chore(deps): update @slack/bolt requirement from ^4.7.1 to ^4.7.2 in /examples/socket-mode-oauth#2914

Merged
github-actions[bot] merged 1 commit intomainfrom
dependabot/npm_and_yarn/examples/socket-mode-oauth/slack/bolt-tw-4.7.2
May 4, 2026
Merged

chore(deps): update @slack/bolt requirement from ^4.7.1 to ^4.7.2 in /examples/socket-mode-oauth#2914
github-actions[bot] merged 1 commit intomainfrom
dependabot/npm_and_yarn/examples/socket-mode-oauth/slack/bolt-tw-4.7.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 1, 2026
edited
Loading

Updates the requirements on @slack/bolt to permit the latest version.

Changelog

Sourced from @​slack/bolt's changelog.

4.7.2

Patch Changes

  • 4545150: Require exact ssl_check=1 value to bypass signature verification, preventing truthy but incorrect values from skipping authentication checks.

4.7.1

Patch Changes

  • a18c359: fix: correct InvalidCustomPropertyError code and MemoryStore promise handling
Commits
  • 81b2b3e chore: release (#2901)
  • 4545150 fix: require exact ssl_check=1 value to bypass signature verification (#2899)
  • 8318ca5 chore(deps): bump @​slack/socket-mode from 2.0.6 to 2.0.7 (#2900)
  • e23efe8 fix: strip smuggled payload from ssl_check requests (#2898)
  • ad576a1 ci: upload codecov coverage from Node.js 24.x (#2896)
  • a5135ba ci: skip publish step if no release is needed (#2894)
  • a24cf85 ci: auto-approve dependabot PRs for example project dependencies (#2893)
  • e896807 chore(deps): update @​slack/bolt requirement from ^4.7.0 to ^4.7.1 in /example...
  • 7432ca0 chore(deps): update @​slack/bolt requirement from ^4.7.0 to ^4.7.1 in /example...
  • 7c61c15 chore(deps): update @​slack/bolt requirement from ^4.7.0 to ^4.7.1 in /example...
  • Additional commits viewable in compare view

@dependabot dependabot Bot added area:examples issues related to example or sample code dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 1, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 1, 2026 19:02
@dependabot dependabot Bot added area:examples issues related to example or sample code dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 1, 2026
@changeset-bot
Copy link
Copy Markdown

changeset-bot Bot commented May 1, 2026
edited
Loading

⚠️ No Changeset found

Latest commit: 19301cf

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@github-actions github-actions Bot enabled auto-merge (squash) May 1, 2026 19:02
@codecov
Copy link
Copy Markdown

codecov Bot commented May 1, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 94.39%. Comparing base (e9de9b5) to head (19301cf).
⚠️ Report is 3 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #2914   +/-   ##
=======================================
  Coverage   94.39%   94.39%           
=======================================
  Files          44       44           
  Lines        7861     7861           
  Branches      699      699           
=======================================
  Hits         7420     7420           
  Misses        435      435           
  Partials        6        6

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/examples/socket-mode-oauth/slack/bolt-tw-4.7.2 branch from e091b36 to e74e5a8 Compare May 1, 2026 20:56
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/examples/socket-mode-oauth/slack/bolt-tw-4.7.2 branch from e74e5a8 to 811ee6d Compare May 4, 2026 01:14
@zimeg
Copy link
Copy Markdown
Member

zimeg commented May 4, 2026

@dependabot recreate

@dependabot
chore(deps): update @slack/bolt requirement
19301cf 
Updates the requirements on [@slack/bolt](https://github.com/slackapi/bolt-js) to permit the latest version.
- [Release notes](https://github.com/slackapi/bolt-js/releases)
- [Changelog](https://github.com/slackapi/bolt-js/blob/main/CHANGELOG.md)
- [Commits](v4.7.1...v4.7.2)

---
updated-dependencies:
- dependency-name: "@slack/bolt"
  dependency-version: 4.7.2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/examples/socket-mode-oauth/slack/bolt-tw-4.7.2 branch from 811ee6d to 19301cf Compare May 4, 2026 01:27
@github-actions github-actions Bot merged commit 968e48b into main May 4, 2026
26 checks passed
@github-actions github-actions Bot deleted the dependabot/npm_and_yarn/examples/socket-mode-oauth/slack/bolt-tw-4.7.2 branch May 4, 2026 01:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

area:examples issues related to example or sample code dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@zimeg