Releases: slackapi/bolt-python
version 1.20.0
Changes
Support for custom steps
- feat: add custom step support by @WilliamBergamin in #1021
- docs: document custom step usage by @WilliamBergamin in #1125
Documentation
- docs: adds Docusaurus site by @lukegalbraithrussell in #1113
- docs: sidebar reference link needs to be full URL by @lukegalbraithrussell in #1117
- docs: docusaurus migration nits by @lukegalbraithrussell in #1118
- docs: google analytics tag by @lukegalbraithrussell in #1123
- docs: document custom step usage by @WilliamBergamin in #1125
- chore: purge the "workflow step" terminology by @WilliamBergamin in #1124
Speed up tests
- chore: improve unit test speed by @WilliamBergamin in #1109
Dependencies
- Update pytest requirement from <8.2,>=6.2.5 to >=6.2.5,<8.4 by @dependabot in #1116
Misc
- chore: version 1.20.0 by @WilliamBergamin in #1128
New Contributors
- @lukegalbraithrussell made their first contribution in #1113
References
- Release Milestone: https://github.com/slackapi/bolt-python/milestone/84?closed=1
- All Diff: v1.19.1...v1.20.0
Contributors
Assets 2
version 1.19.1
Changes
- #1104 Add bot|user_scopes to context.authorize_result set by SingleTeamAuthorization - Thanks @seratch
References
- Release Milestone: https://github.com/slackapi/bolt-python/milestone/84?closed=1
- All Diff: v1.19.0...v1.19.1
Contributors
Assets 2
version 1.19.0
New Features
WSGI Adapter
#1085 by @WilliamBergamin introduces an WSGI adapter, this allows bolt to be deployed in production without the need of a 3rd party WSGI compatible web framework. check out the examples in examples/wsgi
Deprecate Steps From Apps
#1089 by @WilliamBergamin adds deprecation warnings to Steps from Apps components and documentation.
What's Changed
Fixes
- Fix typo in ja_listening_events.md by @johtani in #1022
- Fix #1074 Customize user-facing message sent when an installation is not managed by bolt-python app by @seratch in #1077
Tests
- Improve socket mode tests by @WilliamBergamin in #991
- remove unused multiprocessing test mode by @WilliamBergamin in #1011
- Replace Flask-Sockets with aiohttp for testing by @WilliamBergamin in #1012
- feat: improve test speed by @WilliamBergamin in #1017
Dependabot
- Bump actions/checkout from 3 to 4 by @dependabot in #1038
- Bump actions/setup-python from 4 to 5 by @dependabot in #1040
- Bump actions/stale from 4.0.0 to 9.0.0 by @dependabot in #1042
- Update werkzeug requirement from <3,>=2 to >=2,<4 by @dependabot in #1041
- Update pytest requirement from <7,>=6.2.5 to >=6.2.5,<9 by @dependabot in #1043
- Update flask requirement from <3,>=1 to >=1,<4 by @dependabot in #1044
- Update gunicorn requirement from <21,>=20 to >=20,<22 by @dependabot in #1045
- Update moto requirement from <5,>=3 to >=3,<6 by @dependabot in #1046
- Bump codecov/codecov-action from 3 to 4 by @dependabot in #1039
- Update django requirement from <5,>=3 to >=3,<6 by @dependabot in #1051
- Update docker requirement from <6,>=5 to >=5,<8 by @dependabot in #1052
- Update websockets requirement from <11 to <13 by @dependabot in #1054
- Update sanic requirement from <23,>=22 to >=22,<24 by @dependabot in #1055
- Update click requirement from <=8.0.4 to <=8.1.7 by @dependabot in #1057
- Update pytest-cov requirement from <5,>=3 to >=3,<6 by @dependabot in #1067
- Update gunicorn requirement from <22,>=20 to >=20,<23 by @dependabot in #1073
Misc
- Configuring with pyproject.toml by @WilliamBergamin in #996
- Maintain metadata by @WilliamBergamin in #999
- feat: use dependabot to maintain packages by @WilliamBergamin in #1037
- release: version 1.19.0 by @WilliamBergamin in #1091
New Contributors
- @johtani made their first contribution in #1022
- @dependabot made their first contribution in #1038
Full Changelog: v1.18.1...v1.19.0
Contributors
Assets 2
version 1.19.0 RC1
version 1.18.1
Changes
- #895 Add metadata to respond method - Thanks @seratch
- #917 Add port parameter to web_app - Thanks @butsyk
- #990 Fix #988 app.action listener should accept block_id-only constraints for bolt-js feature parity - Thanks @seratch @darkfoxprime
Test code improvements:
- #918 Fix #892 Codecov CI job for this project hangs - Thanks @vgnshiyer
- #987 Fix SocketMode Test - Thanks @WilliamBergamin
References
- Release Milestone: https://github.com/slackapi/bolt-python/milestone/79?closed=1
- All Diff: v1.18.0...v1.18.1
Contributors
Assets 2
version 1.18.0
Changes
References
- Release Milestone: https://github.com/slackapi/bolt-python/milestone/77?closed=1
- All Diff: v1.17.2...v1.18.0
Contributors
Assets 2
version 1.17.2
Changes
References
- Release Milestone: https://github.com/slackapi/bolt-python/milestone/78?closed=1
- All Diff: v1.17.1...v1.17.2
Contributors
Assets 2
version 1.17.1
Changes
- #882 Improve the default OAuth page renderers not to embed any params without escaping them - Thanks @seratch
- Upgrade the slack-sdk package version to the latest - Thanks @seratch
References
- Release Milestone: https://github.com/slackapi/bolt-python/milestone/76?closed=1
- All Diff: v1.17.0...v1.17.1
Contributors
Assets 2
version 1.17.0
New Features
Updates on AuthorizeResult properties
In v1.17, two new optional properties bot_scopes and user_scopes have been added to the AuthorizeResult / AsyncAuthorizeResult classes. These properties are used to associate specific scopes with bot_token and user_token, and the built-in InstallationStore automatically resolves them.
bot_scopes: the scopes associated with thebot_token; this can be absent whenbot_tokendoes not existuser_scopes: the scopes associated with theuser_token; this can be absent whenuser_tokendoes not exist
These properties are optional, so all the existing Authorize / AsyncAuthorize sub classes are expected to continue functioning without any code changes.
Also, this version includes the fix for the existing bug where the user_id can be absent when both bot_token and user_token exist.
Please refer to #855 or the details of the changes.
New actor IDs in context
Starting in v1.17, context objects in middleware and listeners provide a few new properties -- actor_enterprise_id, actor_team_id, and actor_user_id--, in addition to existing enterprise_id, team_id, and user_id. You should be curious about the difference. The new "actor" IDs remain the same for interactivity events such as slash commands, global shortcuts, etc. The key difference can appear when your app handles Events API subscription requests such as "app_mention" and "message" events in Slack Connect channels and/or when your app is distributed, and it has multiple workspace installations.
When your app is installed into multiple workspaces and/or by multiple users, the context.user_id can be any of the installed users' ones. Also, if your app is installed into multiple workspaces plus your app is added to a Slack Connect channel shared by those organizations, context.enterprise_id, context.team_id, and context.user_id are associated with any of the workspaces/organizations. Therefore, the tokens provided by bolt-python are still correct, as the tokens are associated with any installations for the received event.
However, when a user mentions your app's bot user in the Slack Connect channel, your app may desire to quickly check if the user (let us call this user "actor") has granted the app with the user's scopes. In this scenario, context.user_id etc. does not work. Instead, you must write your code to identify the "actor"'s workspace and user ID. The newly added "actor" IDs can easily help you handle such patterns. You can rely on the "actor" IDs as long as they exist. In other words, note that they can be absent for some events due to the lack of response data from the Slack server side. Such patterns can be improved by either SDK updates or server-side changes in future versions.
New user_token_resolution option
Related to the above, we added a new option called user_token_resolution: str for App / AsyncApp initialization. The available values for the option are "authed_user" and "actor". The default value is "authed_user", which is fully backward-compatible.
When you set "actor" for the option, your OAuth-enabled app's authorize function can behave differently. More specifically, the authorize function receives all the "actor" IDs. The built-in InstallationStore-based authorize tries to resolve the user token per request using "actor" IDs instead of context.user_id.
Setting "actor" for this option can be beneficial for the apps that require all the users to grant the app some use scopes. In this scenario, your app can easily identify the users who haven't installed the app with sufficient user scopes just by checking the existence of the user token and user scopes in the context.authorize_result object.
If your app does not request any user scopes when installing the app into a workspace, configuring this option does not have any effect on your app.
New before_authorize option
To skip unnecessary workload in a bolt-python app, now you can use before_authorize middleware function for it. Let's say your app receives "message" events but there is nothing to do with subtyped ones such as "message_changed" and "message_deleted". Your authorize function looks up installation data in your database and performs auth.test API calls. In this case, before_authorize can enable the app to skip the authorize operations for subtyped message events this way:
def skip_message_changed_events(payload: dict, next_):
if payload.get("type") == "message" and payload.get("subtype") in ["message_changed", "message_deleted"]:
# acknowledge the request and skip all the following middleware/listeners
return BoltResponse(status=200, body="")
next_()Changes
- #855 #858 Enhance AuthorizeResult to have bot/user_scopes & resolve user_id for user token - Thanks @seratch
- #854 Introduce actor enterprise/team/user_id for Slack Connect events - Thanks @seratch
- #869 Add before_authorize middleware - Thanks @seratch
- #856 Update optional chalice dependency version range - Thanks @seratch
- #861 Improve token rotation error handling and installation error text - Thanks @seratch
References
- Release Milestone: https://github.com/slackapi/bolt-python/milestone/66?closed=1
- All Diff: v1.16.4...v1.17.0