[Snyk] Upgrade @microsoft/mgt-teamsfx-provider from 3.1.3 to 4.2.1 #4
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Snyk has created this PR to upgrade @microsoft/mgt-teamsfx-provider from 3.1.3 to 4.2.1. See this package in npm: @microsoft/mgt-teamsfx-provider See this project in Snyk: https://app.snyk.io/org/paaschdigital/project/35e4b9b7-14dc-40c9-b819-96c3e11552f9?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade @microsoft/mgt-teamsfx-provider from 3.1.3 to 4.2.1.
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 37 versions ahead of your current version.
The recommended version was released on 2 months ago.
Release notes
Package name: @microsoft/mgt-teamsfx-provider
-
4.2.1 - 2024-03-27
- version bump (#3146) (dadb0f3)
-
4.2.1-preview.ef846d5 - 2024-05-28
-
4.2.1-preview.bfa4af8 - 2024-05-30
-
4.2.1-preview.9f0799e - 2024-05-30
-
4.2.1-preview.7f9eac3 - 2024-05-29
-
4.2.1-preview.6e51044 - 2024-05-29
-
4.2.1-preview.35b86ff - 2024-04-03
-
4.2.0 - 2024-03-27
- add a useIsSignedIn custom hook for react (#3093) (1e695aa)
- a11y: fix forced colors for file upload button (#3114) (81826d9)
- add a custom font-size token to people-picker (#3069) (bc8423c)
- add a shimmer for the loading state of person component (#3009) (daf0cf9)
- add aria-label text string for teams chevrons (#3129) (bc1fedf)
- disable input in single select mode and default userIds and groupIds (#3119) (948b078)
- prevent undefined account error when logging out (#3082) (da77913)
- theme colors for mgt-search-results (#3116) (ae5e343)
-
4.2.0-preview.dadb0f3 - 2024-03-27
-
4.1.0 - 2024-02-26
- add ability to disable suggestions on people-picker (#3048) (f174714)
- move electron to peer dependency (#3046) (c572c01)
- make scope aware requests work for electron apps (c572c01)
-
4.1.0-preview.daf0cf9 - 2024-03-07
-
4.1.0-preview.da77913 - 2024-03-08
-
4.1.0-preview.bc8423c - 2024-02-28
-
4.1.0-preview.bc1fedf - 2024-03-27
-
4.1.0-preview.ae5e343 - 2024-03-04
-
4.1.0-preview.948b078 - 2024-03-11
-
4.1.0-preview.81826d9 - 2024-03-27
-
4.1.0-preview.1e695aa - 2024-03-21
-
4.0.1 - 2024-02-12
- apply keyboard focus when removing selected person or adding person from suggestion list on people-picker (#3011) (8c8b138)
- ensure consistency level header present for user search (#3029) (3d893b2)
-
4.0.1-preview.f1ffe5e - 2024-02-20
-
4.0.1-preview.f174714 - 2024-02-26
-
4.0.1-preview.c572c01 - 2024-02-23
-
4.0.1-preview.48449c4 - 2024-02-13
-
4.0.1-next.electron-provider.a9c1403 - 2024-02-14
-
4.0.1-next.electron-provider.9888a35 - 2024-02-14
-
4.0.1-next.electron-provider.95c51f5 - 2024-02-14
-
4.0.1-next.electron-provider.74fa189 - 2024-02-23
-
4.0.1-next.electron-provider.669ff52 - 2024-02-14
-
4.0.1-next.electron-provider.39183f7 - 2024-02-13
-
4.0.0 - 2024-02-05
- mgt-loader.js is removed and there is no support for es5 only browsers direct from CDN. Developers loading mgt from a CDN must use module syntax and explicitly initialize their applications.
- mgt-spfx is deprecated, use disambiguation instead
- ViewType is now a string union type and not an enum
- UserType is now a string union type and not an enum
- PersonType is now a string union type and not an enum
- GroupType is now a string union type and not an enum
- groupType property on MgtPeoplePicker is now a GroupType[] not a GroupType that is a bitmask of the desired group types. Developers using the group-type attribute will find the behavior unchanged.
- the avatarType eunm has been renamed to AvatarType for consistency and converted to a string union type
- the ResponseType for mgt-get is now a string union type and not an enum
- PersonCardInteraction is now a string union type and not an enum
- convert attribute enums to string unions (#2962)
- PersonViewType has been removed. 'avatar' is no longer a valid value for the 'view' attribute on the 'mgt-person' component
- permissions: applications using mgt-person with fetch-image and person-detal where the supplied value is a group will now need to consent to either Group.Read.All or Group.ReadWrite.All. This replaces the existing behavior where the group image would silently fail to load and show an http 403 error in the console.
- permissions: minimal permission for planner calls changed from Group.ReadWrite.All to Tasks.ReadWrite for write operation and from Group.Read.All to Tasks.Read for read operations.
- prepScopes now accepts an array of scopes, this is checked against the set of currently consented scopes for the user. If any of the supplied scopes are found, then no additional scopes are requested. If no match is found, then the user will be prompted to consent to the first scope in the supplied array of scopes
- mgt-tasks has been removed and replaced with mgt-planner. mgt-planner does not support data-source switching to fetch data from the outlook tasks apis any longer.
- Developers must explicitly call the register function for all web components used in their application when using components from
- MgtPersonCard no longer has a static config property.This config has been moved to the MgtPersonCardConfig class to allow developers to import the config and associated getMgtPersonCardScopes function at the top level of their applicaiton without automatically adding the weight of the full mgt-person-card component and dependencies to the entry file for their applications.
- default behavior of mgt-people-picker changes so presence is not shown unless show-presence attribute or showPresence property are set
- applications importing
- add edit funtionality to mgt-todo (#2783) (64acd1f)
- add ElectronContextBridgeProvider (#2914) (8900eb4)
- add optional person-card to people picker (#2900) (65ca8e2)
- add show-presence to mgt-people-picker (#2812) (f5bf7cc)
- add support for nested values in mgt-picker key-name (#2917) (e79fbdc)
- automatically convert disambiguation value to lowercase (#2898) (992ab85)
- convert attribute enums to string unions (#2962) (18d0aec)
- deprecate mgt-spfx package (#2940) (3da9560)
- enable live code inclusion for consuming applications (#2642) (c41d719)
- enable user sign-in for storybook (#2851) (335c2f3)
- promoting search components to GA (#2909) (86697f4)
- remove mgt-loader (#2963) (ea0f71b)
- rename mgt-tasks to mgt-planner (#2890) (df8af8c)
- require explicit component registration (#2848) (b7db262)
- scope aware requests (#2797) (81d124b)
- split config and permission methods out of mgt-person-card (#2840) (8177699)
- use
- add connect img and frame csp directives (#2910) (20eb7fc)
- add detail-line part attribute to person component (#2999) (b254e49)
- add focus on input field when you click the button to add a new task (#2994) (573fa45)
- add method to clear selected channel in mgt-teams-channel-picker (#2865) (c3a3d82)
- adding headers and count on all potential advanced aad queries (#2920) (90b2dd1)
- clean-up react-contoso homepage (#3008) (c8c564d)
- color inversion on suggestion list (65ca8e2)
- consolidate person view types (#2943) (6d44a17)
- correct completion of todo items (#3018) (52d8ad9)
- correct filter concatenation in mgt-people-picker (#2822) (18925a9)
- correct permissions used for some requests (#2953) (ec25e57)
- direct reports list formatting (#2930) (f2547d1)
- enable the input control when selectedPeople is cleared via code. (#2792) (f54dc81)
- ensure filtering of tasks actually works (#2894) (59cccb0)
- ensure loginInitiated is fired every time (2fb1064)
- ensure people-filters are added with and clause for people-picker (#2826) (0d671e6)
- enter email keypress behavior (#2928) (53b291c)
- flyout vertical positioning (#2771) (45163ed)
- focus on the input when you cancel adding a todo (#3005) (14bb9c1)
- guard on non-existent result (#2931) (981e6f9)
- increase area for placeholder (#2921) (513031b)
- mgt-person avatar size customization in vertical layout (#2875) (4c41534)
- msal setActiveAccount error (#3017) (0bad7e5)
- permissions: getGroupImage now correctly requires group.read.all or group.readwrite.all (#2797) (81d124b)
- permissions: updated todo and planner permissions (#2797) (81d124b)
- presence fallback logic (#2849) (1ab1970)
- presence icons for dark forced colors (#2817) (00b168b)
- register components for use in stories (335c2f3)
- remove readonly props from react components (#2946) (267bc19)
- revert csp tag in developer index.html (#2910) (20eb7fc)
- set add button to disabled until task name is provided (#2996) (eec74d0)
- stop keydown from bubbling beyond people-picker (#2892) (ad4cfa3)
- typing for LocalizationHelper.strings (#2998) (0317fc2)
- update person details when mgt-person attributes are changed (#2871) (9c53cbf)
- update rollup and rollup config (#2969) (606fffb)
- update the sandbox fallback url (#2924) (ebf5ed3)
- avatarType renamed to AvatarType and converted to string union type (18d0aec)
- GroupType is now a string union type and not an enum (18d0aec)
- groupType property on MgtPeoplePicker is now GroupType[] (18d0aec)
- PersonCardInteraction is now a string union type and not an enum (18d0aec)
- PersonType is now a string union type and not an enum (18d0aec)
- ResponseType for mgt-get converted to string union type from enum (18d0aec)
- UserType is now a string union type and not an enum (18d0aec)
- ViewType is now a string union type and not an enum (18d0aec)
-
4.0.0-preview.8c8b138 - 2024-02-12
-
4.0.0-preview.3d893b2 - 2024-02-09
-
4.0.0-next.mgt-chat.f78d197 - 2024-02-29
-
4.0.0-next.mgt-chat.eeea1d6 - 2024-02-08
-
4.0.0-next.mgt-chat.c42aa19 - 2024-03-05
-
4.0.0-next.mgt-chat.5c123b0 - 2024-02-12
-
4.0.0-next.mgt-chat.610757 - 2024-02-22
-
3.1.3 - 2023-10-10
- a11y: mgt-file and mgt-picker visibility issues in dark-mode (#2667) (239bfb0)
- add Group entity to IDynamicPerson type and introduce typeguards to find the entity type (#2688) (b3bc50d)
- add spaces to presence hover text in mgt-person (#2693) (f50e6ab)
- disable todo checkboxes and inputs in read-only mode (#2745) (d19f078)
- ensure batch url resources start with / (#2740) (247f37a)
- ensure msal public client application is initialized (#2702) (b9fcfe7)
- ensure people-picker search works when userIds are supplied(#2736) (a724b05)
- initials rendering in mgt-person (#2764) (882aaf6)
- MgtProfile: Fix handling of null values for educations & work positions (#2717) (ba381c8)
- typing for template props data context (#2754) (c9023c2)
- update mgt-taxonomy-picker colors to match mgt-picker (#2747) (be7add8)
from @microsoft/mgt-teamsfx-provider GitHub release notes4.2.1 (2024-03-27)
Bug Fixes
4.2.0 (2024-03-27)
Features
Bug Fixes
4.1.0 (2024-02-26)
Features
Bug Fixes
4.0.1 (2024-02-12)
Bug Fixes
4.0.0 (2024-02-05)
⚠ BREAKING CHANGES
@ microsoft/mgt-components. Importing from the root of@ microsoft/mgt-componentsno longer has an automatic registration side effect. NOTE Components from@ microsoft/mgt-reactwill automatically register the underlying web component when they are used for the first time.@ microsoft/mgt-reactbut not using the wrapper components will not have components automatically registered in the browser. This leads to a breaking change when these applications emit raw web component markup rather than using the wrapper components.Features
@ lit/taskto schedule async data fetching (#2912) (14a96ff)Bug Fixes
Code Refactoring
3.1.3 (2023-10-06)
Bug Fixes
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: