Sourced from @​slack/web-api's releases.

@​slack/web-api@​7.9.1

What's Changed

This release fixes a bug where setting allowAbsoluteUrls to false caused the filesUploadV2 method to error when uploading files. Files can now be uploaded with allowAbsoluteUrls set to false.

Bug fixes 🐛

• fix(web-api): complete file upload v2 calls if absolute urls are not allowed in slackapi/node-slack-sdk#2196 - Thanks @​zimeg!

Maintenance 🧰

• test(web-api): use channel_id instead of channels with files upload v2 in slackapi/node-slack-sdk#2197 - Thanks @​zimeg!

Full Changelog: https://github.com/slackapi/node-slack-sdk/compare/@​slack/web-api@​7.9.0...@​slack/web-api@​7.9.1 Milestone: https://github.com/slackapi/node-slack-sdk/milestone/142

@​slack/web-api@​7.9.0

What's Changed

This release adds the allowAbsoluteUrls option to the WebClient constructor.

For code using dynamic method names with .apiCall, this will toggle if requests should be sent to absolute URLs provided:

const { WebClient } = require('@slack/web-api');
const web = new WebClient(token, {
allowAbsoluteUrls: false, // Default: true
});
const _response = await web.apiCall('https://example.com', { /* ... */ });

$ node index.js
[DEBUG]  web-api:WebClient:0 http request url: https://slack.com/api/https://example.com
...
[WARN]  web-api:WebClient:0 http request failed An HTTP protocol error occurred: statusCode = 404

The default allowAbsoluteUrls value is true to avoid a breaking change with this update, but we suggest deciding if this option should be applied to scripts and adjacent code.

Enhancements 🎉

• feat(web-api): add configs to toggle absolute url usage in dynamic api calls in slackapi/node-slack-sdk#2176 - Thanks @​zimeg!

Maintenance 🧰

• fix(web-api): bump axios to 1.8.3 to address CVE-2025-27152 in slackapi/node-slack-sdk#2172 - Thanks @​zimeg!

... (truncated)

• ee8ada3 chore(web-api): release @​slack/web-api@​7.9.1 (#2206)
• e8e7b27 chore(deps-dev): bump typescript from 5.7.3 to 5.8.2 in /packages/oauth (#2162)
• dfe6c0e chore(deps-dev): bump sinon from 19.0.5 to 20.0.0 in /packages/oauth in the d...
• 5fe0b80 chore(deps-dev): bump sinon from 19.0.5 to 20.0.0 in /packages/socket-mode in...
• eccb157 chore(deps-dev): bump sinon from 19.0.5 to 20.0.0 in /packages/web-api in the...
• 0a754a3 chore(deps-dev): bump sinon from 19.0.5 to 20.0.0 in /packages/cli-hooks in t...
• e35d1c3 chore(deps-dev): bump sinon from 19.0.5 to 20.0.0 in /packages/cli-test in th...
• 6d68397 test(oauth): increase timeouts for file state store checks with multiple entr...
• 1d58f47 chore(deps-dev): bump sinon from 19.0.5 to 20.0.0 in /packages/logger in the ...
• 0903f5f fix(web-api): complete file upload v2 calls if absolute urls are not allowed ...
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)