[Snyk] Security upgrade @slack/web-api from 6.7.1 to 6.9.1

[Jdallos]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	748/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 7.1	Cross-site Request Forgery (CSRF) SNYK-JS-AXIOS-6032459	No	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: @slack/web-api

The new version differs by 163 commits.

• c80fdc2 slack/web-api@6.9.1 (#1687)
• 631dd08 Compatibility tweaks for axios v1.+ upgrade.
• c2eddea chore: update axios in web-api to 1.6.0. See #1682 for more info (#1686)
• 1374422 Add deprecation comment
• 7857f26 Update files.upload.v2 internals due to server-side improvements
• 89b109d Publish @ slack/webhook@7.0.0 (#1669)
• 85c07d9 @ slack/webhook: set min node to 18, prep for major release (#1666)
• c32414c Small tweak to maintainer guide on how to generate a changelog for a specific sub-package in a monorepo.
• b7bad09 Generate the latest web api responses
• 48f560d Publish @ slack/types@2.9.0 (#1665)
• 124d8ca Add rich text types (#1643)
• 208c53f Drop use of deprecated interfaces and use new aliased one. (#1664)
• d0b04a0 Add a README to the types package. (#1663)
• e4a291a `@ slack/types` Full JSdoc, deprecate `WorkflowStep`, `Action` (aliased to `Actionable`) and `Confirm` (aliased to `ConfirmationDialog`) and upcoming major version breaking change TODOs as comments (#1662)
• d2b95ac Update contributing.md with correct CLA link
• c2fe5b5 Add missing optional args
• 635bce8 Omit a few weird tests
• 3015e82 Add admin.* APIs for managing automation platfrom apps
• 09ef142 Types: split single index.ts file into files based on function/category (#1656)
• da5da33 types: Adding deprecation notices to Dialogs and Steps From Apps types (#1655)
• 25fe276 Publish @ slack/logger@4.0.0 (#1651)
• 783920c Logger updates: dependencies and higher minimum node version (#1650)
• 6afaae0 Update link to build badge in README.md
• 801b7ed Set sub-packages into GitHub Workflow matrix and use working-directory instead bash loop

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Request Forgery (CSRF)

[sonarqubecloud]

Kudos, SonarCloud Quality Gate passed!   

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
0.0% Duplication