@slack/[email protected]

• Fix #1507 Add type support for message_metadata_* event types (via #1508) - thanks @dannyhostetler!
• Allow passing additional types for Global and Middleware Context (via #1505) - thanks @M1kep!
• Fix #1510: Add isEnterpriseInstall to Context (via #1511) - thanks @rockingskier!
• Fix #1052: Request verification failed: Failed to verify authenticity: stale (via #1503) - thanks @srajiang!
• Fixed receiver warning typo (via #1492) - thanks @nick-w-nick!

Here is the list of all the issues / pull requests included in the release: https://github.com/slackapi/bolt-js/milestone/21?closed=1

@slack/[email protected]

• Fix #1488 Incorrect types with ViewUpdateResponseAction and ViewPushResponseAction (via #1490) - thanks @seratch @ducminh-phan!

Here is the list of all the issues / pull requests included in the release: https://github.com/slackapi/bolt-js/milestone/26?closed=1

@slack/[email protected]

• Bug fixes:
  • Fix #1454: Missing type declarations for HomeView (via #1455) - thanks @seratch!
  • TypeScript 4.7 compiler compatibility (via #1466) - thanks @seratch!
  • Fix #1472: say type incorrectly inferred as never when using pin_added or reaction_* events (via #1473 and #1476) - thanks @seratch!
  • Fix an action typo in the docs (via #1475) - thanks @BenAlderfer!
  • Add more logs for error patterns in AwsLambdaReceiver (via #1481) - thanks @seratch!
  • Fix #1478: ack() is not accessible in global middleware in TypeScript (via #1482) - thanks @seratch!

Here is the list of all the issues / pull requests included in the release: https://github.com/slackapi/bolt-js/milestone/25?closed=1

@slack/[email protected]

• New features / improvements:
  • Adding support for new user-change events with types (via #1448) - thanks @filmaj
  • Slack prints failed with the error "operation_timeout" when slack command runs and finishes successfully in AWS Lambda (via #1435 #1452) - thanks @nicolls1
  • Upgrade socket-mode dependency to the latest minor (via #1441 ) - thanks @seratch !

Here is the list of all the issues / pull requests included in the release: https://github.com/slackapi/bolt-js/milestone/24?closed=1

@slack/[email protected]

📣 Important Announcement

Since this version, the default behavior of the OAuth flow has been changed for better security. The changes are:

• InstallProvider (The underlying OAuth module) verifies not only the query string but also its corresponding browser cookie data
• The default StateStore (ClearStateStore) makes sure that the state parameter is not too old (the default lifetime is 10 minutes)

Refer to #1335 #1391 slackapi/node-slack-sdk#1435 slackapi/node-slack-sdk#1436 for the context. If you encounter behavior changes described at #1412, consider either changing your app code or setting installerOptions.legacyStateVerification: true for now.

🎁 🐛 New features / improvements:

• #1391 Fix #1335 Proper use of state parameter for the OAuth CSRF protection - Thanks @seratch
• #1405 Fix #1404 SocketModeReceiver app process exits when any of its event listeners throws an exception - Thanks @seratch
• #1359 Fix #1358 Expose common utilities for building HTTP module based receivers - Thanks @seratch
• #1406 Add more error handlers to ExpressReceiver - Thanks @seratch @Gregoor
• #1392 Fix #1385 Create a signature validation function that is not tied to the request - Thanks @seratch @danerwilliams
• #1393 Fix #1376 CustomRoute interface should be accessible from developers - Thanks @seratch
• #1381 Fix #1380 by adding more event payload types - Thanks @seratch @aasiddiq
• #1400 Fix #1397 bolt-js does not accept ssl_check requests properly - Thanks @seratch
• #1340 Fix #1334 Export EnvelopedEvent interface to users - Thanks @martin-cycle
• #1366 Fix #1364 Update axios to latest 0.26.1 - Thanks @seratch @msrivastav13
• #1369 Fix #1368 Log httpServer.close error only when the server exists - Thanks @sbcgua
• #1336 #1401 #1403 #1407 Improve the SDK's test assets - Thanks @seratch @filmaj

📝 Document updates:

• #1384 Deploy the App to Heroku with one click - Thanks @MaurizioBella

Here are all the issues / pull requests included in the release.

@slack/[email protected]

🎁 🐛 New features / improvements:

• Added an option to deferInitialization of App - #248 #1303 - Thanks @seratch and @SpencerKaiser
• We're now explicitly setting content-type on HTTPReceiver responses to /slack/install route - #1279 #1280 - Thanks @filmaj
• Reduced unnecessary error throwing in case of tokens_authorize / app_uninstalled event #674 #1328, - Thanks @seratch
• Updated SlackEvent union type to include ChannelIDChangedEvent - #1302 #1301 Thanks @pmezard and @srajiang
• Corrected typing for UserChangeEvent.user.updated attribute #1320 #1322 - Thanks @seratch and @pmezard
• Removed redundant authorize code #1231 #1327 - Thanks @seratch and @TEMHITHORPHE
• Corrected some pesky quotes #1323 - Thanks @nicolls1

📝 Document updates:

• New documentation for deferInitialization #1304, #1308 - Thanks @filmaj, @wongjas, @seratch!
• Improved clarity and content of OAuth documentation #1329 #1315 #1318 - Thanks @srajiang, @horeaporutiu
• Added a 🇯🇵 translation for userScopes property - #1295 - Thanks @wongjas
• Updated respond argument docs to include views listener #1313 - Thanks @seratch

Here are all the issues / pull requests included in the release.

@slack/[email protected]

• New features / improvements:
  • Bump @slack/web-api dependency to at least v6.6.0 to address a security vulnerability in axios (via #1276) - thanks @filmaj!
  • Bump @slack/oauth dependency to at least v2.4.0 to address major bugs (via #1273) - thanks @seratch!
  • Fix #1256: $PORT fails to bind on Heroku (via #1210) - thanks @filmaj!
  • Add missing Channel*MessageEvent types (via #1254) - thanks @seratch!
  • Fix #190: Context method updateConversation should accept expiration time (via #1221) - thanks @shubhamjajoo!
  • Fix #1206: custom routes incorrectly match against full URL including querystring parameters (via #1207) - thanks @moustacheful!
• Document updates:
  • Improve App initialization error logs and Authenticating with OAuth document (via #1250) - thanks @srajiang!
  • Fix #795: improving documentation around serverless deployments to make more accessible (via #1254) - thanks @filmaj!
  • Update anchors in the Japanese reference page (via #1247) - thanks @seratch!
  • Fix #1237: Use correct message subtype in Listening to Events documentation (via #1240) - thanks @wongjas!
  • Fix #1233 and #1216: Remove redundant state information from the Listening to Modals documentation (via #1236) - thanks @wongjas!
  • Fix #1241: Update examples to use the logger instead of console.log (via #1242) - thanks @wongjas!
  • Cleanup Lambda example and docs around processBeforeResponse (via #1229) - thanks @ramblingenzyme!
  • Fix #1197: Japanese version of documents around extendedErrorHandler (via #1227) - thanks @wongjas!
  • Add documentation for socket mode and developer mode (via #1218) - thanks @TheManWhoStaresAtCode!
  • Fix #1219: Japanese version of additional socket mode and developer mode documentation (via #1226) - thanks @wongjas!
  • Fix #1010: Add documentation for view_closed support (via #1214) - thanks @TheManWhoStaresAtCode!
  • Fix #1200: Remove references to passing a port to the start method when using socket mode (via #1202) - thanks @filmaj!
• Developer / maintainer-relevant changes:
  • Added a GitHub action and bot to automatically mark issues and PRs as stale after extended periods of inactivity (via #1213, #1225) - thanks @srajiang!

Here is the list of all the issues / pull requests included in the release: https://github.com/slackapi/bolt-js/milestone/16?closed=1

@slack/[email protected]

• New features / improvements:
  • Fix #759 #1109 #1110 by adding custom properties in ReceiverEvent and Context objects (#1177) - Thanks @seratch!
  • Fix #860 Enable developers to customize the built-in receivers more (#1183) - Thanks @seratch!
  • Fix #1181 Add port property to installerOptions in the HTTPReceiver (#1184) - Thanks @seratch @M1kep!
  • Add port property to installerOptions in the HTTPReceiver (#1181) - Thanks @srajiang!
  • Add context to global error handler (#525) - Thanks @raycharius!
  • Fix #1098 next() is optional in middleware in TypeScript (#1099) - Thanks @seratch!
  • Fix #1148 - Adjust the app.message listener interface in TypeScript to compile the examples in documents (#1185) - Thanks @M1kep!
  • BlockAction interface does not include state despite state being present in actual object (#1141 #1144) - Thanks @seratch @Richard-PTT!
  • Add more information to unhandled incoming request logging (#1143) - Thanks @misscoded!
  • Bump axios version to 0.21.2 or higher for better security (#1162) - Thanks @xmariopereira!
  • Fix the v3.8.0 publish error (#1194) - Thanks @brianjychan
• Document updates:
  • Japanese document updates (#1047 #1152 #1131 #1154 #1165 #1163 #1166 #1169 #1175) - Thanks @wongjas!
  • Fix the logging example so that it is valid JS (#1172 #1174) - Thanks @filmaj!
  • Fix documentation about state verification option (#1168) - Thanks @stophecom!
  • Fix call in AWS handler to match example (and be correct) (#1190) - Thanks @sirctseb!
  • using directMention() documentation doesn't seem to be correct in docs (#1148) - Thanks @O-Mutt!
  • Clarify /slack/events path requirement (#1153) - Thanks @mars!
  • Update Japanese docs to apply token rotation (#1009) changes (#1014) - Thanks @misscoded!
  • Update slugs in document pages (#1161) - Thanks @srajiang!
  • Japanese document updates (#1067 #1137) - Thanks @seratch!
  • Minor updates related to #1046 (#1047) - Thanks @seratch!

Here is the list of all the issues / pull requests included in the release: https://github.com/slackapi/bolt-js/milestone/15?closed=1

@slack/[email protected]

This version had a package file issue. Please use v3.8.1 or newer instead.

@slack/[email protected]

Loads of updates and improvements this go-around with the help of feedback from the community 🎉 Many many thanks!

• Support for custom HTTP routes (#834, #866, #1114) - Thank you @misscoded and @johnboxall!
• Added a stateVerification flag to support org-wide app install from admin pages! (#1101, #1116) - Thank you @srajiang and @seratch!
• Migrated fully to eslint (#1024, #842, #1089, #1091 ) - Dzięki @filmaj and @srajiang and @seratch!
• Option to use custom Express app / router via ExpressReceiver (#1084, #868) - Muito obrigado @seratch!
• Added an option to disable signature verification for use during testing (#648, #1088) - Dankeschön @seratch and @meetmangukiya!
• Enabled developers to disable and customize installation pages (#982, #1083, #977 , #1079) - 谢谢 @seratch!
• Enabled using Bolt JS without passing a botId (#874, #1087) - Thanks @misscoded!
• Custom redirect URI options are now properly being sent as part of standard install request params (#1115, #1116) - Hvala @srajiang!
• Improved handling for event authorization errors (#859, #364 #891) - Bedankt @seratch, @zachsirotto and @broom9!
• Better App initialization experience when SocketMode and Receiver options are both supplied (#1068, #1077) - شكرًا @seratch!
• Improved logger initialization experience (#1040, #1078, #1027) - Mahalo @TamariTamari, @seratch, and @dominics
• Docs improvements and other corrections! (#1130, #1129, #1082, #1071, #1097, #1095) - 감사합니다 @risto24, @srajiang, @seratch, @stevengill)!