Harden Slackbot dependencies and adapters to resolve Dependabot alerts

Parent: #65 
1. Upgrade Hubot to 13.1.4 and migrate from hubot-slack RTM adapter to @hubot-friends/hubot-slack (Socket Mode).
2. Refresh vulnerable dependencies (Firebase 12.4.0, Standard 17, etc.) and regenerate the lockfile.
3. Replace the deprecated hubot-heroku-keepalive script with an internal initializer; update tests accordingly.
4. Update helpers/templates/specs (welcome email, mentioned rooms, tweeter, watch-for-disconnected) to work with new Hubot APIs.
5. Add [.env.example](vscode-file://vscode-app/snap/code/211/usr/share/code/resources/app/out/vs/code/electron-browser/workbench/workbench.html), revised README instructions, and document verification steps in [security-upgrade-plan.md](vscode-file://vscode-app/snap/code/211/usr/share/code/resources/app/out/vs/code/electron-browser/workbench/workbench.html).

Acceptance Criteria:
1. npm run lint, [npm test](vscode-file://vscode-app/snap/code/211/usr/share/code/resources/app/out/vs/code/electron-browser/workbench/workbench.html), and npm audit --omit=dev all succeed.
2. Hubot connects locally using Socket Mode tokens (document sandbox or production verification).
3. Dependabot vulnerability count drops to zero after merging into main.
4. Documentation updated to cover new setup and testing instructions.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Harden Slackbot dependencies and adapters to resolve Dependabot alerts #99

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Harden Slackbot dependencies and adapters to resolve Dependabot alerts #99

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions