chore(release): version packages#710
Open
github-actions[bot] wants to merge 1 commit into
Open
Conversation
Contributor
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
e423109 to
649610d
Compare
649610d to
8380481
Compare
8380481 to
75d6af1
Compare
75d6af1 to
72dfd52
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.
Releases
@chat-adapter/teams@4.35.0
Minor Changes
Patch Changes
chat@4.35.0
Minor Changes
Patch Changes
isSystemfield to the normalized messageAuthortype to distinguish platform-generated messages from humans and bots. The Slack adapter now setsisSystem: truefor messages authored by Slack's reservedUSLACKuser (e.g. "@user archived the channel" notifications in DMs), so consumers no longer need to hard-code Slack-specific user IDs.@chat-adapter/discord@4.35.0
Patch Changes
@chat-adapter/gchat@4.35.0
Patch Changes
270b1c2: fix(gchat): accept
endpointUrlas a direct-webhook verifier and verify each token type correctlyWhen a Google Chat app's connection setting Authentication audience is set
to HTTP endpoint URL — Google's recommended option for HTTP-hosted apps
not behind Cloud Run IAM, and the only mode available for Workspace Add-on
Chat apps — incoming tokens are Google OIDC ID tokens whose
audis theendpoint URL rather than the GCP project number. Previously the adapter only
verified against
googleChatProjectNumber, so URL-audience tokens alwaysfailed with 401 Unauthorized. The adapter now accepts
endpointUrlas adirect-webhook verifier (including in the constructor's fail-closed check),
validating the OIDC token's audience plus the Google Chat issuer email claims
(
chat@system.gserviceaccount.com, or theservice-{projectNumber}@gcp-sa-gsuiteaddons.iam.gserviceaccount.comserviceidentity for Workspace Add-on Chat apps) with
email_verified: true— apublic endpoint URL audience alone is not sufficient to forge a request.
Project-number-audience tokens are now verified per Google's reference
implementation: they are JWTs self-signed by
chat@system.gserviceaccount.com, so the adapter checks them against thatservice account's X.509 certificates with issuer
chat@system.gserviceaccount.com(previously it usedverifyIdToken, whichonly accepts Google OIDC issuers and certs and therefore rejected every real
project-number token). When both verifiers are configured, either token type
is accepted.
The adapter still infers an endpoint URL from incoming requests for
button-click action routing only — that inferred value is never used as a
JWT verification audience, and inference now only happens after a request
has passed verification (or verification was explicitly disabled), because
request.urlderives from the attacker-controllableHostheader inserverless runtimes.
Updated dependencies [80def3a]
Updated dependencies [46681f5]
Updated dependencies [93a58af]
@chat-adapter/github@4.35.0
Patch Changes
@chat-adapter/linear@4.35.0
Patch Changes
@chat-adapter/messenger@4.35.0
Patch Changes
@chat-adapter/shared@4.35.0
Patch Changes
@chat-adapter/slack@4.35.0
Patch Changes
isSystemfield to the normalized messageAuthortype to distinguish platform-generated messages from humans and bots. The Slack adapter now setsisSystem: truefor messages authored by Slack's reservedUSLACKuser (e.g. "@user archived the channel" notifications in DMs), so consumers no longer need to hard-code Slack-specific user IDs.@chat-adapter/telegram@4.35.0
Patch Changes
isBotMentionedinstead of recompiling it per message, and make the protectedsleephelper accept an optionalAbortSignalsostopPolling()interrupts the polling backoff delay immediately.@chat-adapter/twilio@4.35.0
Patch Changes
@chat-adapter/web@4.35.0
Patch Changes
@chat-adapter/whatsapp@4.35.0
Patch Changes
@chat-adapter/x@4.35.0
Patch Changes
@chat-adapter/state-ioredis@4.35.0
Patch Changes
@chat-adapter/state-memory@4.35.0
Patch Changes
@chat-adapter/state-pg@4.35.0
Patch Changes
setIfNotExists()so it can claim a cache key whose existing row has expired. Previously the query usedON CONFLICT DO NOTHING, so an expired row inchat_state_cachestill blocked acquisition until opportunistic cleanup deleted it — diverging from the memory and Redis adapters, which treat expired entries as absent. Keys stored without a TTL remain permanent and are never overwritten.@chat-adapter/state-redis@4.35.0
Patch Changes
@chat-adapter/tests@4.35.0