npmpackage.info

Gathering detailed insights and metrics for botframework-schema

Other packages similar to botframework-schema

botframework-webchat

4.18.0

A highly-customizable web-based chat client for Azure Bot Services.

botframework-directlinejs

0.15.5

Client library for the Microsoft Bot Framework Direct Line 3.0 protocol

json-schema-traverse

1.0.0

Traverse JSON Schema passing each schema object to callback

@microsoft/bf-dialog

4.15.0

@microsoft/bf-dialog ====================

Gathering detailed insights and metrics for botframework-schema

botframework-schema

Welcome to the Bot Framework SDK for JavaScript repository, which is the home for the libraries and packages that enable developers to build sophisticated bot applications using JavaScript.

4.23.1

685

MIT

TypeScript

15,689,882 6.9

Installations

npm install botframework-schema

Score

99.7

Supply Chain

80.6

Quality

90.8

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

9

Total

2,472

Closed

287

Merged

2,176

Issues

Open

24

Total

2,287

Closed

2,263

Releases

Bot Framework JS SDK 4.23.1

4.23.1

Published on 23 Sept 2024

Bot Framework JS SDK 4.23.0

4.23.0

Published on 29 Aug 2024

Bot Framework for JS SDK 4.22.3

4.22.3

Published on 27 Jun 2024

Bot Framework JS SDK 4.22.2

4.22.2

Published on 15 Apr 2024

Bot Framework JS SDK 4.22.0

4.22.0

Published on 25 Jan 2024

Bot Framework JS SDK 4.21.4

4.21.4

Published on 08 Jan 2024

View all 45 releases

Developer

Microsoft

Developer Guide

BETA

Module System

CommonJS

Min. Node Version

Typescript Support

Yes

Node Version

18.20.3

NPM Version

10.7.0 Statistics

685 Stars

3,810 Commits

281 Forks

75 Watching

48 Branches

164 Contributors

Updated on 27 Nov 2024

Languages

TypeScript (54.63%)

JavaScript (44.69%)

ANTLR (0.29%)

Batchfile (0.17%)

Shell (0.15%)

HTML (0.04%)

CSS (0.02%)

PowerShell (0.02%)

Total Downloads

Cumulative downloads

Total Downloads

15,689,882

Last day

-0.8%

22,434

Compared to previous day

Last week

4.3%

120,712

Compared to previous week

Last month

16.3%

487,020

Compared to previous month

Last year

-12.6%

4,813,229

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

zod uuid adaptivecards

Versions

This repository contains code for the JavaScript version of the Microsoft Bot Framework SDK, which is part of the Microsoft Bot Framework - a comprehensive framework for building enterprise-grade conversational AI experiences.

This SDK enables developers to model conversation and build sophisticated bot applications using JavaScript. SDKs for .NET, Python and Java (preview) are also available.

To get started building bots using the SDK, see the Azure Bot Service Documentation. If you are an existing user, then you can also find out what's new with Bot Framework.

For more information jump to a section below.

Build status
Packages
Getting started
Getting support and providing feedback
Contributing and our code of conduct
Reporting security sssues

Build Status

Branch	Description	Test Status	Coverage Status	Windows Bot Test Status	Linux Bot Test Status	Browser Functional Tests
main	4.15.x Tests

Packages

Name	NPM Package
adaptive-expressions
adaptive-expressions-ie11
botbuilder
botbuilder-ai
botbuilder-ai-orchestrator
botbuilder-ai-luis
botbuilder-ai-qna
botbuilder-applicationinsights
botbuilder-azure
botbuilder-azure-blobs
botbuilder-azure-queues
botbuilder-core
botbuilder-dialogs
botbuilder-dialogs-adaptive
botbuilder-dialogs-adaptive-runtime
botbuilder-dialogs-adaptive-runtime-core
botbuilder-dialogs-adaptive-runtime-integration-express
botbuilder-dialogs-adaptive-runtime-integration-azure-functions
botbuilder-dialogs-adaptive-runtime-integration-restify
botbuilder-dialogs-adaptive-testing
botbuilder-dialogs-declarative
botbuilder-lg
botbuilder-stdlib
botbuilder-testing
botframework-config
botframework-connector
botframework-schema
botframework-streaming

To view package interdependencies, see the dependency graph.

Getting Started

To get started building bots using the SDK, see the Azure Bot Service Documentation.

The Bot Framework Samples includes a rich set of samples repository.

If you want to debug an issue, would like to contribute, or understand how the Bot Builder SDK works, instructions for building and testing the SDK are below.

Prerequisites

Git
Node.js
Yarn 1.x
TypeScript version >= 3.8
Your favorite code-editor for example VS Code

Clone

Clone a copy of the repo:

1git clone https://github.com/microsoft/botbuilder-js.git

Change to the SDK's directory:

1cd botbuilder-js

Build and test locally

Install the prerequisites.

1yarn

Then use the following command to build the SDK.

1yarn build

Running unit tests

Use the following command to run the unit tests.

1yarn test

The prep-test.cmd command is run to install test keys and start the Azure Storage Emulator if its installed. Any unit tests needing test keys or the storage emulator are designed to be skipped if their dependencies are missing so most developers won't need to worry about running this command.

If you have a need to re-generate the LUIS or connector clients using the latest swagger you'll need to install autorest (requires Node 7.10.0 or higher), which you can do with the following command.

1yarn global add global autorest

Getting support and providing feedback

Below are the various channels that are available to you for obtaining support and providing feedback. Please pay carful attention to which channel should be used for which type of content. e.g. general "how do I..." questions should be asked on Stack Overflow, Twitter or Gitter, with GitHub issues being for feature requests and bug reports.

Github issues

Github issues should be used for bugs and feature requests.

Stack overflow

Stack Overflow is a great place for getting high-quality answers. Our support team, as well as many of our community members are already on Stack Overflow providing answers to 'how-to' questions.

Azure Support

If you issues relates to Azure Bot Service, you can take advantage of the available Azure support options.

Twitter

We use the @msbotframework account on twitter for announcements and members from the development team watch for tweets for @msbotframework.

Gitter Chat Room

The Gitter Channel provides a place where the Community can get together and collaborate.

Contributing and our code of conduct

We welcome contributions and suggestions. Please see our contributing guidelines for more information.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Reporting Security Issues

Security issues and bugs should be reported privately, via email, to the Microsoft Security Response Center (MSRC) at secure@microsoft.com. You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Further information, including the MSRC PGP key, can be found in the Security TechCenter.

Licensed under the MIT License.

No vulnerabilities found.

10

Code-Review

Determines if the project requires code review before pull requests (aka merge requests) are merged.

10

Maintained

Determines if the project is "actively maintained".

10

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

10

Security-Policy

Determines if the project has published a security policy.

10

License

Determines if the project has defined a license.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Dependency-Update-Tool

Determines if the project uses a dependency update tool.

6

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

5

Pinned-Dependencies

Determines if the project has declared and pinned its dependencies.

Reason

dependency not pinned by hash detected -- score normalized to 5

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create-parity-issue.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/create-parity-issue.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/create-parity-issue.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/create-parity-issue.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/depcheck.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/depcheck.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/depcheck.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/depcheck.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/depcheck.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/depcheck.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/lint.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/lint.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/lint.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-style.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/pr-style.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-compat.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/test-compat.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-compat.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/test-compat.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-compat.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/test-compat.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-consumer.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/test-consumer.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-consumer.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/test-consumer.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-consumer.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/test-consumer.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-repoutils.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/test-repoutils.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-repoutils.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/test-repoutils.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-repoutils.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/test-repoutils.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-schemas.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/test-schemas.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-schemas.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/test-schemas.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-schemas.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/test-schemas.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/tests.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/tests.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/joeyspacerocks/teenypm/tests.yml/master?enable=pin
Warn: containerImage not pinned by hash: .gitpod.Dockerfile:1
Warn: npmCommand not pinned by hash: libraries/swagger/generateClient.sh:10
Warn: npmCommand not pinned by hash: testing/functional/functionaltestbot/deployment-scripts/linux/deploy.sh:55
Warn: npmCommand not pinned by hash: testing/streaming-e2e/bot/deployment-scripts/linux/deploy.sh:55
Warn: npmCommand not pinned by hash: testing/testbot/deployment-scripts/linux/deploy.sh:55
Info: no insecure (not pinned by hash) dependency downloads found in Dockerfiles
Info: no insecure (not pinned by hash) dependency downloads found in shell scripts

0

CII-Best-Practices

Determines if the project has a CII Best Practices Badge.

0

Signed-Releases

Determines if the project cryptographically signs release artifacts.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Fuzzing

Determines if the project uses fuzzing.

Score

6.9

/10

Last Scanned on 2022-08-15

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More