Bump jsonwebtoken and botframework-webchat in /Website/ClientApp

[dependabot]

Removes jsonwebtoken. It's no longer used after updating ancestor dependency botframework-webchat. These dependencies need to be updated together.

Removes jsonwebtoken

Updates botframework-webchat from 4.9.2 to 4.15.8

Release notes

Sourced from botframework-webchat's releases.

[4.15.8] - 2023-06-06

Subresource Integrity

The CDN URL will be online in about a day after we completed publish to NPM.

<script
  crossorigin="anonymous"
  integrity="sha384-4vGD9F0KRTew8maUTxtkCq0vbJDB+o05wRdhSEP3HGU6P6Nob7gt+OG//fYfvbYL"
  src="https://cdn.botframework.com/botframework-webchat/4.15.8/webchat.js"
></script>
<script
crossorigin="anonymous"
integrity="sha384-aMT2td/gP8Wy5N+3pVTV0Wc85z8P9UoNGMZbLEHr8kqbySXFXGLJ1uzwYUGVmIQe"
src="https://cdn.botframework.com/botframework-webchat/4.15.8/webchat-es5.js"
></script>
<script
crossorigin="anonymous"
integrity="sha384-Tzp6VuLIY8CEHwULCIzP6jdMkjhjWK7M13mHKSObh5Rh0MQoptGsA11NDs9qpvL6"
src="https://cdn.botframework.com/botframework-webchat/4.15.8/webchat-minimal.js"
></script>

Changelog

Breaking changes

• When activity.channelData['webchat:fallback-text'] is present but empty, it will no longer applies aria-hidden to the activity
  • The activity will not be narrated through live region. However, when navigating the transcript, it will be narrated as empty
  • To make an activity presentational or hide from screen reader, please use activityMiddleware to customize the rendering

Added

• Resolved #4643. Decoupling botframework-directlinejs from business logic of Web Chat for better tree-shaking, by @​compulim, in PR #4645 and PR #4648
• Resolved #4650. Added automated accessibility check using axe-core
  • Add axe-core in end-to-end tests, by @​compulim, in PR #4704
  • HTML test: using <main> for the root container, by @​compulim, in PR #4684 and PR #4704
  • HTML test: changed contrast ratio in tests that use different background colors, by @​compulim, in PR #4686 and PR #4704
  • Added ponyfill prop to <ReactWebChat>/<Composer> and createStoreWithOptions, by @​compulim, in PR #4662
    • This is for development scenarios where fake timer is needed and will only applies to Web Chat only
  • HTML test: fix accessibility issues on HTML file, by @​compulim, in PR #4685
  • HTML test: ensure all images has alternate text, by @​compulim, in PR #4704
  • Adaptive Cards: always set role attribute, by @​compulim, in PR #4704
  • Adaptive Cards: update host config to use lighter color for disabled inputs, by @​compulim, in PR #4704
  • Keyboard help screen: remove <header> container, by @​compulim, in PR #4704
  • Live region: added <label> for input fields in Adaptive Cards, by @​compulim, in PR #4704

Fixed

... (truncated)

Changelog

Sourced from botframework-webchat's changelog.

[4.15.8] - 2023-06-06

Breaking changes

• When activity.channelData['webchat:fallback-text'] is present but empty, it will no longer applies aria-hidden to the activity
  • The activity will not be narrated through live region. However, when navigating the transcript, it will be narrated as empty
  • To make an activity presentational or hide from screen reader, please use activityMiddleware to customize the rendering

Added

• Resolved #4643. Decoupling botframework-directlinejs from business logic of Web Chat for better tree-shaking, by @​compulim, in PR #4645 and PR #4648
• Resolved #4650. Added automated accessibility check using axe-core
  • Add axe-core in end-to-end tests, by @​compulim, in PR #4704
  • HTML test: using <main> for the root container, by @​compulim, in PR #4684 and PR #4704
  • HTML test: changed contrast ratio in tests that use different background colors, by @​compulim, in PR #4686 and PR #4704
  • Added ponyfill prop to <ReactWebChat>/<Composer> and createStoreWithOptions, by @​compulim, in PR #4662
    • This is for development scenarios where fake timer is needed and will only applies to Web Chat only
  • HTML test: fix accessibility issues on HTML file, by @​compulim, in PR #4685
  • HTML test: ensure all images has alternate text, by @​compulim, in PR #4704
  • Adaptive Cards: always set role attribute, by @​compulim, in PR #4704
  • Adaptive Cards: update host config to use lighter color for disabled inputs, by @​compulim, in PR #4704
  • Keyboard help screen: remove <header> container, by @​compulim, in PR #4704
  • Live region: added <label> for input fields in Adaptive Cards, by @​compulim, in PR #4704

Fixed

• Fixes #4557. Flipper buttons in carousels and suggested actions is now renamed to "next/previous" from "left/right", by @​compulim, in PR #4646
• Fixes #4652. Keyboard help screen, activity focus traps, and chat history terminator should not be hidden behind aria-hidden because they are focusable, by @​compulim, in PR #4659
• Fixes #4665. Updated development server with latest ESBuild API, by @​compulim, in PR #4662.
• Fixes #4706. Send button and ENTER key should function after reconnected, by @​compulim, in PR #4707.
• Fixes #4708. Should function properly in browsers without setImmediate or without passing store prop, by @​compulim, in PR #4709.

Changed

• Bumped all dependencies to the latest versions, by @​compulim in PR #4647, PR #4655, and PR #4737
  • Production dependencies
    • @emotion/[email protected]
    • [email protected]
    • [email protected]
    • [email protected]
    • [email protected]
    • [email protected]
    • [email protected]
    • [email protected]
  • Development dependencies
    • @types/[email protected]
    • @types/[email protected]
    • @typescript-eslint/[email protected]
    • @typescript-eslint/[email protected]
    • [email protected]

... (truncated)

Commits

• 5922488 4.15.8 (#4739)
• 370ecd2 Bump [email protected] (#4737)
• 504fb24 Fix no clearImmediate and no store prop (#4709)
• 753b8a6 useSubmit() should function after reconnect (#4707)
• 960a5a5 Add axe-core and fix tests (#4704)
• 9f00e6c HTML tests: fix accessibility issues in HTML files (#4685)
• 0e770c8 Ponyfill clock functions via ponyfill prop (#4662)
• 7c84458 Change subtle color (#4686)
• 2c853c8 HTML tests: use <main> for container (#4684)
• 573cfb7 Remove aria-hidden attributes from focusables (#4659)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.