[Snyk] Upgrade adaptive-expressions from 4.12.0-rc3 to 4.17.1

[MarcelRaschke]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade adaptive-expressions from 4.12.0-rc3 to 4.17.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 222 versions ahead of your current version.
• The recommended version was released a month ago, on 2022-09-19.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Improper Input Validation SNYK-JS-URLPARSE-2407770	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TMPL-1583443	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MOMENT-2944238	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Directory Traversal SNYK-JS-MOMENT-2440688	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	No Known Exploit
	Prototype Pollution SNYK-JS-MIXME-1278998	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	No Known Exploit
	Command Injection SNYK-JS-LODASH-1040724	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-AXIOS-1579269	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Prototype Pollution SNYK-JS-ASYNC-2441827	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Authorization Bypass SNYK-JS-URLPARSE-2407759	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Access Restriction Bypass SNYK-JS-URLPARSE-2401205	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Open Redirect SNYK-JS-URLPARSE-1533425	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Arbitrary Code Injection SNYK-JS-UNDERSCORE-1080984	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PROMPTS-1729737	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Denial of Service (DoS) SNYK-JS-NWSAPI-2841516	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	No Known Exploit
	Command Injection SNYK-JS-NODENOTIFIER-1035794	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	No Known Exploit
	Information Exposure SNYK-JS-NODEFETCH-2342118	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Reverse Tabnabbing SNYK-JS-ISTANBULREPORTS-2328088	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BROWSERSLIST-1090194	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	726/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.1	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: adaptive-expressions

• 4.17.1 - 2022-09-19
  

  Welcome to the September 2022 release of the Bot Framework SDK. This release has been focused on updating dependencies, bug fixes and general improvements.

  What's Changed

  • fix: [#4296] MessagingExtensionResultType missing silentAuth Type by @ ceciliaavila in #4305
  • port: [#4277] Catch HttpRequestException in HttpRequest (Aliased LG templates aren't cleaned up when the calling template is deleted microsoft/BotFramework-Composer#6404) by @ ceciliaavila in #4304
  • chore: Create new pipeline E2E-BF-Streaming-Test-Create-Resources by @ BruceHaley in #4313
  • fix: [#4288] CustomQuestionAnswering answers return empty metadata by @ ceciliaavila in #4311
  • port: [#4309] AdaptiveExpression Bool function is not very useful because it doesn't convert anything but ints (Utterance is not passed to skill if disambiguation kicks in at parent microsoft/BotFramework-Composer#6431) by @ sw-joelmut in #4320
  • port: [Improve experience for using remote skills microsoft/BotFramework-Composer#6434] Priority broken for RegexRecognizer (fix: Orchestrator labels get corrupted with entity data upon successive training microsoft/BotFramework-Composer#6435) by @ ceciliaavila in #4323
  • fix: [#4314] CloudAdapter: messages are not sorted correctly by @ sw-joelmut in #4322
  • fix: [#4123][botframework-connector] upgrade and clean up dependencies by @ ceciliaavila in #4161
  • fix: [#4325] Skip Storage properties from BotState class by @ sw-joelmut in #4326

  Full Changelog: 4.17.0...4.17.1

• 4.17.1-rc0-rc - 2022-09-19
• 4.17.0 - 2022-08-03
  Read more
• 4.17.0-rc - 2022-08-03
• 4.17.0-dev.20220803.5ee4dac - 2022-08-03
• 4.17.0-dev.20220801.ad60ad8 - 2022-08-01
• 4.17.0-dev.20220727.c54b03f - 2022-07-27
• 4.17.0-dev.20220720.57e2642 - 2022-07-20
• 4.17.0-dev.20220718.b4a2a5e - 2022-07-18
• 4.17.0-dev.20220714.0cd28d8 - 2022-07-14
• 4.17.0-dev.20220713.f4425c4 - 2022-07-13
• 4.17.0-dev.20220627.c9b8818 - 2022-06-27
• 4.17.0-dev.20220620.b97a692 - 2022-06-20
• 4.17.0-dev.20220616.1c21096 - 2022-06-16
• 4.17.0-dev.20220616.0344d97 - 2022-06-16
• 4.17.0-dev.20220615.82c2375 - 2022-06-15
• 4.17.0-dev.20220614.e83650c - 2022-06-14
• 4.17.0-dev.20220613.e83650c - 2022-06-13
• 4.17.0-dev.20220610.e83650c - 2022-06-10
• 4.17.0-dev.20220609.e83650c - 2022-06-09
• 4.17.0-dev.20220608.e7d845e - 2022-06-08
• 4.17.0-dev.20220606.e7d845e - 2022-06-06
• 4.17.0-dev.20220603.e4dc133 - 2022-06-03
• 4.17.0-dev.20220602.e4dc133 - 2022-06-02
• 4.17.0-dev.20220601.e4dc133 - 2022-06-01
• 4.17.0-dev.20220530.ab9769d - 2022-05-30
• 4.17.0-dev.20220527.ab9769d - 2022-05-27
• 4.17.0-dev.20220526.ab9769d - 2022-05-26
• 4.17.0-dev.20220502.bfa6243 - 2022-05-02
• 4.17.0-dev.20220429.bfa6243 - 2022-04-29
• 4.17.0-dev.20220429.940e63d - 2022-04-29
• 4.17.0-dev.20220425.08b73c4 - 2022-04-25
• 4.16.0 - 2022-04-19
  Read more
• 4.16.0-dev.20220420.08b73c4 - 2022-04-20
• 4.16.0-dev.20220418.6210431 - 2022-04-18
• 4.16.0-dev.20220415.6210431 - 2022-04-15
• 4.16.0-dev.20220414.0c17b50 - 2022-04-14
• 4.16.0-dev.20220411.0dcd8dd - 2022-04-11
• 4.16.0-dev.20220408.da9999e - 2022-04-08
• 4.16.0-dev.20220401.c5de442 - 2022-04-01
• 4.16.0-dev.20220324.a700088 - 2022-03-24
• 4.16.0-dev.20220322.d28d61f - 2022-03-22
• 4.16.0-dev.20220314.5c4a3aa - 2022-03-14
• 4.16.0-dev.20220301.277d55b - 2022-03-01
• 4.16.0-dev.20220225.cc49139 - 2022-02-25
• 4.16.0-dev.20220217.fb9a2d2 - 2022-02-17
• 4.16.0-dev.20220211.12410df - 2022-02-11
• 4.16.0-dev.20220210.91bcb8e - 2022-02-10
• 4.16.0-dev.20220208.91bcb8e - 2022-02-08
• 4.16.0-dev.20220204.fdd51fd - 2022-02-04
• 4.16.0-dev.20220203.1087a37 - 2022-02-03
• 4.16.0-dev.20220202.d55b5b9 - 2022-02-02
• 4.16.0-dev.20220201.4a11f5d - 2022-02-01
• 4.16.0-dev.20220128.f04d672 - 2022-01-28
• 4.16.0-dev.20220127.a40b37b - 2022-01-27
• 4.16.0-dev.20220126.102050e - 2022-01-26
• 4.16.0-dev.20220121.6096a40 - 2022-01-21
• 4.16.0-dev.20220120.bd4bcb5 - 2022-01-20
• 4.16.0-dev.20220119.c419b40 - 2022-01-19
• 4.16.0-dev.20220115.c419b40 - 2022-01-15
• 4.16.0-dev.20220113.4e15456 - 2022-01-13
• 4.16.0-dev.20220112.9224d4f - 2022-01-12
• 4.16.0-dev.20220111.881b018 - 2022-01-11
• 4.16.0-dev.20211220.3246054 - 2021-12-20
• 4.16.0-dev.20211209.e10ddf2 - 2021-12-09
• 4.16.0-dev.20211208.ce24679 - 2021-12-08
• 4.16.0-dev.20211118.2bd9b49 - 2021-11-18
• 4.16.0-dev.20211117.65502d5 - 2021-11-17
• 4.16.0-dev.20211109.a5ae17e - 2021-11-09
• 4.16.0-dev.20211108.98dd347 - 2021-11-08
• 4.16.0-dev.20211105.52d2822 - 2021-11-05
• 4.16.0-dev.20211104.619ac13 - 2021-11-04
• 4.16.0-dev.20211028.3d0e50d - 2021-10-28
• 4.16.0-dev.20211019.2d7961c - 2021-10-19
• 4.15.0 - 2021-11-16
  Read more
• 4.15.0-rc3 - 2021-11-08
• 4.15.0-rc2 - 2021-11-05
• 4.15.0-rc1 - 2021-11-04
• 4.15.0-rc0 - 2021-10-15
• 4.15.0-dev.ffde26a - 2021-07-21
• 4.15.0-dev.ff2d770.20210722 - 2021-07-22
• 4.15.0-dev.e9769e2 - 2021-07-02
• 4.15.0-dev.c0897ee - 2021-07-09
• 4.15.0-dev.a0aeee0 - 2021-07-01
• 4.15.0-dev.7afa288 - 2021-07-13
• 4.15.0-dev.64926f4 - 2021-07-22
• 4.15.0-dev.4ba6d97 - 2021-07-15
• 4.15.0-dev.290c7e0 - 2021-07-05
• 4.15.0-dev.285f3e9 - 2021-07-16
• 4.15.0-dev.0fdf7c4 - 2021-07-08
• 4.15.0-dev.02ca75d - 2021-06-29
• 4.15.0-dev.20211018.2d7961c - 2021-10-18
• 4.15.0-dev.20211008.cb0718c - 2021-10-08
• 4.15.0-dev.20210928.edb0f90 - 2021-09-28
• 4.15.0-dev.20210927.edb0f90 - 2021-09-27
• 4.15.0-dev.20210922.eb58d15 - 2021-09-22
• 4.15.0-dev.20210920.f42c967 - 2021-09-20
• 4.15.0-dev.20210914.b1d137f - 2021-09-14
• 4.15.0-dev.20210830.a393006 - 2021-08-30
• 4.15.0-dev.20210820.1a565e9 - 2021-08-20
• 4.15.0-dev.20210819.c2abac7 - 2021-08-19
• 4.15.0-dev.20210805.26f7f44 - 2021-08-05
• 4.15.0-dev.20210802.ba4912a - 2021-08-02
• 4.15.0-dev.20210730.c797b67 - 2021-07-30
• 4.15.0-dev.20210726.c56bbf1 - 2021-07-26
• 4.15.0-dev.1982983 - 2021-07-07
• 4.14.1 - 2021-07-16
  
  • port: beginskill uischema fix (#3854)

  Fixes #3853

  • make getTopScoringIntent return '' instead of undefined (#3870)

  Co-authored-by: taicchoumsft [email protected]

• 4.14.0 - 2021-07-07
  Read more
• 4.14.0-rc2 - 2021-07-06
• 4.14.0-rc1 - 2021-06-30
• 4.14.0-rc0 - 2021-06-28
• 4.14.0-experimental.fb8c4d0 - 2021-04-28
• 4.14.0-experimental.04dfe6b - 2021-05-05
• 4.14.0-dev.fec4bfe - 2021-06-21
• 4.14.0-dev.ef2b7af - 2021-06-04
• 4.14.0-dev.ee4705c - 2021-05-19
• 4.14.0-dev.eb2a383 - 2021-06-16
• 4.14.0-dev.e45b0e4 - 2021-04-16
• 4.14.0-dev.e00e6c8 - 2021-06-08
• 4.14.0-dev.dd1da7b - 2021-05-12
• 4.14.0-dev.d944e33 - 2021-04-01
• 4.14.0-dev.d80dc33 - 2021-04-15
• 4.14.0-dev.d57152a - 2021-05-27
• 4.14.0-dev.d3f881d - 2021-04-30
• 4.14.0-dev.cb74e85 - 2021-05-20
• 4.14.0-dev.c9564c1 - 2021-06-02
• 4.14.0-dev.c7a22fb - 2021-05-04
• 4.14.0-dev.c34651d - 2021-04-14
• 4.14.0-dev.b647405 - 2021-05-14
• 4.14.0-dev.b610522 - 2021-04-12
• 4.14.0-dev.b5feba0 - 2021-04-07
• 4.14.0-dev.b596346 - 2021-04-26
• 4.14.0-dev.b10d051 - 2021-04-22
• 4.14.0-dev.a8731af - 2021-06-10
• 4.14.0-dev.a71af89 - 2021-05-10
• 4.14.0-dev.a67fcc1 - 2021-05-12
• 4.14.0-dev.a391ba0 - 2021-05-18
• 4.14.0-dev.98d8045 - 2021-05-05
• 4.14.0-dev.8fe86c3 - 2021-06-17
• 4.14.0-dev.87ecf38 - 2021-06-15
• 4.14.0-dev.869303e - 2021-06-03
• 4.14.0-dev.84748d4 - 2021-05-06
• 4.14.0-dev.7d2b38d - 2021-04-21
• 4.14.0-dev.7ba3530 - 2021-05-11
• 4.14.0-dev.77d8fb7 - 2021-05-07
• 4.14.0-dev.6fab548 - 2021-04-05
• 4.14.0-dev.6e311b9 - 2021-05-03
• 4.14.0-dev.663edf9 - 2021-04-15
• 4.14.0-dev.65599cc - 2021-04-06
• 4.14.0-dev.636daf8 - 2021-06-23
• 4.14.0-dev.55df570 - 2021-06-08
• 4.14.0-dev.4f92dae - 2021-04-17
• 4.14.0-dev.4c93dc3 - 2021-04-16
• 4.14.0-dev.49f1b23 - 2021-05-17
• 4.14.0-dev.43e23d1 - 2021-04-29
• 4.14.0-dev.3fd905b - 2021-04-20
• 4.14.0-dev.391a2ab - 2021-06-10
• 4.14.0-dev.29f86bb - 2021-06-24
• 4.14.0-dev.27ee249 - 2021-03-31
• 4.14.0-dev.264c0f3 - 2021-05-25
• 4.14.0-dev.263fa48 - 2021-04-01
• 4.14.0-dev.257e868 - 2021-05-14
• 4.14.0-dev.1ffeb7c - 2021-04-19
• 4.14.0-dev.1a973ab - 2021-04-02
• 4.14.0-dev.16730ec - 2021-05-13
• 4.14.0-dev.0f1833f - 2021-05-14
• 4.14.0-dev.02c1309 - 2021-04-23
• 4.14.0-dev.023e244 - 2021-04-08
• 4.14.0-dev.00ab4e6 - 2021-04-28
• 4.14.0-dev.9889939 - 2021-04-08
• 4.14.0-dev.5326335 - 2021-04-13
• 4.14.0-dev - 2021-03-31
• 4.13.6 - 2021-06-16
  

  …gs (#3745)

  • Fix double evaluation and filter sensitive settings

  • refine code

  • update

• 4.13.6-rc0 - 2021-06-15
• 4.13.5 - 2021-05-27
• 4.13.5-dev.5bd62f8 - 2021-05-26
• 4.13.4 - 2021-05-18
• 4.13.3 - 2021-05-13
• 4.13.2 - 2021-05-10
• 4.13.1 - 2021-04-28
• 4.13.0 - 2021-04-15
• 4.13.0-rc9 - 2021-04-14
• 4.13.0-rc8 - 2021-04-13
• 4.13.0-rc7 - 2021-04-12
• 4.13.0-rc6 - 2021-04-07
• 4.13.0-rc5 - 2021-04-06
• 4.13.0-rc4 - 2021-04-05
• 4.13.0-rc3 - 2021-04-01
• 4.13.0-rc2 - 2021-03-31
• 4.13.0-rc1 - 2021-03-30
• 4.13.0-rc0 - 2021-03-30
• 4.13.0-dev-date-20210330.sha-02423c0 - 2021-03-30
• 4.13.0-dev-date-20210329.sha-35f2f10 - 2021-03-29
• 4.13.0-dev-date-20210326.sha-7d44ace - 2021-03-26
• 4.13.0-dev-date-20210325.sha-a9003e5 - 2021-03-25
• 4.13.0-dev-date-20210324.sha-ec062e9 - 2021-03-24
• 4.13.0-dev-date-20210323.sha-e09dc68 - 2021-03-23
• 4.13.0-dev-date-20210319.sha-352e54c - 2021-03-19
• 4.13.0-dev-date-20210318.sha-f3664b5 - 2021-03-18
• 4.13.0-dev-date-20210318.sha-352e54c - 2021-03-18
• 4.13.0-dev-date-20210317.sha-3022f79 - 2021-03-17
• 4.13.0-dev-date-20210315.sha-08c0e54 - 2021-03-15
• 4.13.0-dev-date-20210312.sha-59d7f11 - 2021-03-12
• 4.13.0-dev-date-20210311.sha-e0d9198 - 2021-03-11
• 4.13.0-dev-date-20210310.sha-80f5e40 - 2021-03-10
• 4.13.0-dev-date-20210309.sha-1c29775 - 2021-03-09
• 4.13.0-dev-date-20210308.sha-df0f316 - 2021-03-08
• 4.13.0-dev-20210305.f8d0ae33ecbf - 2021-03-05
• 4.13.0-dev-20210303.1774d5104b1e - 2021-03-03
• 4.13.0-dev-20210302.1774d5104b1e - 2021-03-02
• 4.13.0-dev-20210302.05a8f15f5bc7 - 2021-03-02
• 4.13.0-dev-20210224.875d1f7aab65 - 2021-02-24
• 4.13.0-dev-20210222.97c8a8819e1e - 2021-02-22
• 4.13.0-dev-20210219.8eb69cd34990 - 2021-02-19
• 4.13.0-dev-20210218.21510a0cb7ca - 2021-02-18
• 4.13.0-dev-20210217.b55fb6b4ef19 - 2021-02-17
• 4.12.1 - 2021-06-16
  

  …gs (#3746)

  • init

  • init

  • move on

  • drop unchecked code

• 4.12.1-rc0 - 2021-06-15
• 4.12.0 - 2021-03-04
• 4.12.0-ts4-20201110-bdd69270c246 - 2020-11-10
• 4.12.0-ts4-09c112b1af10 - 2020-11-10
• 4.12.0-rc4 - 2021-02-23
• 4.12.0-rc3 - 2021-02-19

from adaptive-expressions GitHub release notes

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs