Skip to content

[JS] bump: (deps): Bump the production group across 1 directory with 5 updates #6

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

[JS] bump: (deps): Bump the production group across 1 directory with 5 updates #6

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 21, 2025
edited
Loading

Bumps the production group with 5 updates in the /js directory:

Package From To
openai 4.77.4 4.95.1
dotenv 16.4.7 16.5.0
@microsoft/teams-js 2.35.0 2.36.0
vectra 0.9.0 0.10.0
@azure/identity 4.8.0 4.9.0

Updates openai from 4.77.4 to 4.95.1

Release notes

Sourced from openai's releases.

v4.95.1

4.95.1 (2025-04-18)

Full Changelog: v4.95.0...v4.95.1

Bug Fixes

v4.95.0

4.95.0 (2025-04-16)

Full Changelog: v4.94.0...v4.95.0

Features

  • api: add o3 and o4-mini model IDs (4845cd9)

v4.94.0

4.94.0 (2025-04-14)

Full Changelog: v4.93.0...v4.94.0

Features

  • api: adding gpt-4.1 family of model IDs (bddcbcf)
  • api: manual updates (7532f48)

Chores

  • client: minor internal fixes (d342f17)
  • internal: reduce CI branch coverage (a49b94a)
  • internal: upload builds and expand CI branch coverage (#1460) (7e23bb4)
  • workaround build errors (913eba8)

v4.93.0

4.93.0 (2025-04-08)

Full Changelog: v4.92.1...v4.93.0

Features

Chores

... (truncated)

Changelog

Sourced from openai's changelog.

4.95.1 (2025-04-18)

Full Changelog: v4.95.0...v4.95.1

Bug Fixes

4.95.0 (2025-04-16)

Full Changelog: v4.94.0...v4.95.0

Features

  • api: add o3 and o4-mini model IDs (4845cd9)

4.94.0 (2025-04-14)

Full Changelog: v4.93.0...v4.94.0

Features

  • api: adding gpt-4.1 family of model IDs (bddcbcf)
  • api: manual updates (7532f48)

Chores

  • client: minor internal fixes (d342f17)
  • internal: reduce CI branch coverage (a49b94a)
  • internal: upload builds and expand CI branch coverage (#1460) (7e23bb4)
  • workaround build errors (913eba8)

4.93.0 (2025-04-08)

Full Changelog: v4.92.1...v4.93.0

Features

Chores

4.92.1 (2025-04-07)

... (truncated)

Commits
  • 2785c11 release: 4.95.1
  • aea2d12 fix(zod): warn on optional field usage (#1469)
  • b5a5ee4 release: 4.95.0
  • a0d0000 feat(api): add o3 and o4-mini model IDs
  • bd50165 release: 4.94.0
  • 840e7de feat(api): adding gpt-4.1 family of model IDs
  • 6558b7c chore(client): minor internal fixes
  • 77fc77f chore(internal): reduce CI branch coverage
  • 2d45287 chore(internal): upload builds and expand CI branch coverage (#1460)
  • d6b396b chore: workaround build errors
  • Additional commits viewable in compare view

Updates dotenv from 16.4.7 to 16.5.0

Changelog

Sourced from dotenv's changelog.

16.5.0 (2025-04-07)

Added

  • 🎉 Added new sponsor Graphite - the AI developer productivity platform helping teams on GitHub ship higher quality software, faster.

[!TIP] Become a sponsor

The dotenvx README is viewed thousands of times DAILY on GitHub and NPM. Sponsoring dotenv is a great way to get in front of developers and give back to the developer community at the same time.

Changed

  • Remove _log method. Use _debug #862
Commits

Updates @microsoft/teams-js from 2.35.0 to 2.36.0

Release notes

Sourced from @​microsoft/teams-js's releases.

v2.36.0

Minor changes

  • Added canParentManageNAATrustedOrigins capability to check if the parent can manage its list of trusted child origins for Nested App Auth (NAA). The capability is still awaiting support in one or most host applications. To track availability of this capability across different hosts see https://aka.ms/capmatrix
  • Added getParentOrigin API to read the parent origin for nested app auth
  • Added support for ExternalAppCardActionsForDA capability.
  • Added support for isDeeplyNestedAuthSupported to check if deeply nested auth is supported.
  • Added manageNAATrustedOrigins capability which allows the top-level parent app to register its child app's origin as trusted for nested app auth. The capability is still awaiting support in one or most host applications. To track availability of this capability across different hosts see https://aka.ms/capmatrix
  • Added standalone nested app auth bridge for nested child app
  • Removed child messaging proxying by default to avoid security issues. If an app still needs this pattern, it can be activated through the feature flag function activateChildProxyingCommunication which enables child proxying for that app.
  • Bump eslint-plugin-recommend-no-namespaces to v0.1.0

Patches

  • Set a unique Teams-JS instance id when Teams-JS library is used and appended this unique id to message request sent to host sdk.
  • Disabled default nested app auth bridge injection for nested child app
  • Added apiVersion tag in NAA request and removed isNAAChannelRecommended check in isDeeplyNestedAuthSupported api
Changelog

Sourced from @​microsoft/teams-js's changelog.

2.36.0

Tue, 01 Apr 2025 18:17:07 GMT

Minor changes

  • Added canParentManageNAATrustedOrigins capability to check if the parent can manage its list of trusted child origins for Nested App Auth (NAA). The capability is still awaiting support in one or most host applications. To track availability of this capability across different hosts see https://aka.ms/capmatrix
  • Added getParentOrigin API to read the parent origin for nested app auth
  • Added support for ExternalAppCardActionsForDA capability.
  • Added support for isDeeplyNestedAuthSupported to check if deeply nested auth is supported.
  • Added manageNAATrustedOrigins capability which allows the top-level parent app to register its child app's origin as trusted for nested app auth. The capability is still awaiting support in one or most host applications. To track availability of this capability across different hosts see https://aka.ms/capmatrix
  • Added standalone nested app auth bridge for nested child app
  • Removed child messaging proxying by default to avoid security issues. If an app still needs this pattern, it can be activated through the feature flag function activateChildProxyingCommunication which enables child proxying for that app.
  • Bump eslint-plugin-recommend-no-namespaces to v0.1.0

Patches

  • Set a unique Teams-JS instance id when Teams-JS library is used and appended this unique id to message request sent to host sdk.
  • Disabled default nested app auth bridge injection for nested child app
  • Added apiVersion tag in NAA request and removed isNAAChannelRecommended check in isDeeplyNestedAuthSupported api
Commits
  • 8b42b7d Setting up for release 2.36.0 (#2771)
  • 7b11048 Setting up for release 2.35.0 (#2748) (#2765)
  • e63a266 Added apiVersion tag in NAA request and removed isNAAChannelRecommended c...
  • 7db8f73 TJS unique bundle id (#2758)
  • 82dcb40 Add support for manageNAATrustedOrigins API (#2768)
  • 875f8f7 Standalone NAA(Nested App Auth) bridge for nested child app (#2750)
  • 0fe84ba Add canParentManageNAATrustedOrigins capability to check if the parent can...
  • 677cd33 Added support for isDeeplyNestedAuthSupported to check if deeply nested aut...
  • 558a98c Disable default nested app auth bridge injection for nested child app (#2762)
  • 6ba186c Added getParentOrigin API to read the parent origin for nested app auth (#2...
  • Additional commits viewable in compare view

Updates vectra from 0.9.0 to 0.10.0

Release notes

Sourced from vectra's releases.

v0.10.0

https://www.npmjs.com/package/vectra

What's Changed

New Contributors

Full Changelog: https://github.com/Stevenic/vectra/commits/v0.10.0

Commits

Updates @azure/identity from 4.8.0 to 4.9.0

Commits
  • 36bfcb0 [Monitor OpenTelemetry Exporter] Add Synthetic Source Support in the Exporter...
  • ddc6430 [Identity] Prepare release April (#33873)
  • e79cd6b Sync eng/common directory with azure-sdk-tools for PR 10314 (#33854)
  • 9f5ab3f Generating javascript SDk for API version 2024-12-09preview (#33620)
  • 5471724 [Monitor OpenTelemetry Exporter] Update Statsbeat to Count Success Upon Parti...
  • c502ad2 [Monitor OpenTelemetry][Monitor OpenTelemetry Exporter] Hide iKey in Debug Lo...
  • 0e6c400 [Eng Sys] add pool to integration job (#33845)
  • 44f769e [Identity] bundling for cloudflare environment (#32422)
  • 0edab47 Add Unified Messaging for private preview (#33767)
  • 07a14f8 Sync eng/common directory with azure-sdk-tools for PR 10293 (#33810)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
[JS] bump: (deps): Bump the production group across 1 directory with …
a418f2c 
…5 updates

Bumps the production group with 5 updates in the /js directory:

| Package | From | To |
| --- | --- | --- |
| [openai](https://github.com/openai/openai-node) | `4.77.4` | `4.95.1` |
| [dotenv](https://github.com/motdotla/dotenv) | `16.4.7` | `16.5.0` |
| [@microsoft/teams-js](https://github.com/OfficeDev/microsoft-teams-library-js/tree/HEAD/packages/teams-js) | `2.35.0` | `2.36.0` |
| [vectra](https://github.com/Stevenic/vectra) | `0.9.0` | `0.10.0` |
| [@azure/identity](https://github.com/Azure/azure-sdk-for-js) | `4.8.0` | `4.9.0` |



Updates `openai` from 4.77.4 to 4.95.1
- [Release notes](https://github.com/openai/openai-node/releases)
- [Changelog](https://github.com/openai/openai-node/blob/master/CHANGELOG.md)
- [Commits](openai/openai-node@v4.77.4...v4.95.1)

Updates `dotenv` from 16.4.7 to 16.5.0
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md)
- [Commits](motdotla/dotenv@v16.4.7...v16.5.0)

Updates `@microsoft/teams-js` from 2.35.0 to 2.36.0
- [Release notes](https://github.com/OfficeDev/microsoft-teams-library-js/releases)
- [Changelog](https://github.com/OfficeDev/microsoft-teams-library-js/blob/main/packages/teams-js/CHANGELOG.md)
- [Commits](https://github.com/OfficeDev/microsoft-teams-library-js/commits/v2.36.0/packages/teams-js)

Updates `vectra` from 0.9.0 to 0.10.0
- [Release notes](https://github.com/Stevenic/vectra/releases)
- [Commits](https://github.com/Stevenic/vectra/commits/v0.10.0)

Updates `@azure/identity` from 4.8.0 to 4.9.0
- [Release notes](https://github.com/Azure/azure-sdk-for-js/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-js/blob/main/documentation/Changelog-for-next-generation.md)
- [Commits](https://github.com/Azure/azure-sdk-for-js/compare/@azure/identity_4.8.0...@azure/identity_4.9.0)

---
updated-dependencies:
- dependency-name: openai
  dependency-version: 4.95.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: dotenv
  dependency-version: 16.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: "@microsoft/teams-js"
  dependency-version: 2.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: vectra
  dependency-version: 0.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
- dependency-name: "@azure/identity"
  dependency-version: 4.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Apr 21, 2025

Reviewers

The following teams could not be added as reviewers: teams-ai-admins. Either the team does not exist or it does not have the correct permissions to be added as a reviewer.

Labels

The following labels could not be found: JS, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github May 5, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this May 5, 2025
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/js/production-904548b814 branch May 5, 2025 09:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant