Bump github.com/slack-go/slack from 0.20.0 to 0.21.0

[dependabot]

Bumps github.com/slack-go/slack from 0.20.0 to 0.21.0.

Release notes

Sourced from github.com/slack-go/slack's releases.

v0.21.0

[!WARNING] This release contains multiple breaking changes. Please review the sections below before upgrading.

Breaking changes

Removed APIs

• IM struct removed — Use Conversation instead. IsUserDeleted has been moved there.
• Info.GetBotByID, GetUserByID, GetChannelByID, GetGroupByID, GetIMByID removed — These were deprecated and returned nil unconditionally. Remove any calls to them.

Signature changes

• ListReactions now uses cursor-based pagination — Returns ([]ReactedItem, string, error) instead of ([]ReactedItem, *Paging, error). ListReactionsParameters replaces Count/Page with Cursor/Limit.

  // Before
  items, paging, err := api.ListReactions(params)
  // After
  items, nextCursor, err := api.ListReactions(params)

• ListStars/GetStarred now use cursor-based pagination — Same pattern: returns string (next cursor) instead of *Paging. StarsParameters replaces Count/Page with Cursor/Limit.

• GetAccessLogs now uses cursor-based pagination — Same pattern: returns string (next cursor) instead of *Paging. AccessLogParameters replaces Count/Page with Cursor/Limit.

• Ack() and Send() now return error (Socket Mode) — Large payloads (≥20KB) that Slack silently dropped are now rejected with an error. Existing call sites that ignore the return value still compile.

Type changes

• WebhookMessage.UnfurlLinks / UnfurlMedia → *bool — Required to distinguish "omit" from "false".

  // Before
  msg := slack.WebhookMessage{UnfurlLinks: true}
  // After
  t := true
  msg := slack.WebhookMessage{UnfurlLinks: &t}

• User.Has2FA → *bool — nil means absent/unknown (bot tokens), false means explicitly disabled.

Behavior changes

• MsgOptionBlocks() with no arguments now sends blocks=[] — Previously a silent no-op. If you relied on that, remove the option entirely.
• admin error strings now start with lowercase — If you match error content in your code, update your comparisons.

Added

• admin.teams.settings.* API support — Full suite: AdminTeamsSettingsInfo, SetDefaultChannels, SetDescription, SetDiscoverability, SetIcon, SetName (#960)

... (truncated)

Changelog

Sourced from github.com/slack-go/slack's changelog.

[0.21.0] - 2026-04-05

Deprecated

• slackevents.ParseActionEvent — Cannot parse block_actions payloads (returns unmarshalling error). Use slack.InteractionCallback with json.Unmarshal instead, or slack.InteractionCallbackParse for HTTP requests. InteractionCallback handles all interaction types. (#596)
• slackevents.MessageAction, MessageActionEntity, MessageActionResponse — Associated types that only support legacy interactive_message payloads.

Removed

• IM struct — Removed the IM struct (and unused internal types imChannel, imResponseFull). The IsUserDeleted field has been moved to Conversation, where it is populated for IM-type conversations. Code using IM should switch to Conversation.

  [!NOTE] In practice no user should be affected — IM was never returned by any public API method in this library, so there was no way to obtain one outside of manual construction.

• Info.GetBotByID, GetUserByID, GetChannelByID, GetGroupByID, GetIMByID — These methods were deprecated and returned nil unconditionally. They have been removed.

  [!WARNING] Breaking change. If you are calling any of these methods, remove those calls — they were already no-ops.

Added

• admin.teams.settings.* API support — AdminTeamsSettingsInfo, AdminTeamsSettingsSetDefaultChannels, AdminTeamsSettingsSetDescription, AdminTeamsSettingsSetDiscoverability, AdminTeamsSettingsSetIcon, and AdminTeamsSettingsSetName. Includes TeamDiscoverability enum with Open, InviteOnly, Closed, and Unlisted variants. (#960)
• OAuthOptionAPIURL for package-level OAuth functions — All package-level OAuth functions (GetOAuthV2Response, GetOpenIDConnectToken, RefreshOAuthV2Token, etc.) now accept variadic OAuthOption arguments. Use OAuthOptionAPIURL(url) to override the default Slack API URL, enabling integration tests against a local HTTP server. Existing callers are unaffected. (#744)
• GetOpenIDConnectUserInfo / GetOpenIDConnectUserInfoContext — Returns identity information about the user associated with the token via openid.connect.userInfo. Complements the existing GetOpenIDConnectToken method. (#967)
• HTTP response headers — Slack API response headers (e.g. X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Ratelimit-*) are now accessible. AuthTestResponse exposes a Header field directly. For all other methods, use OptionOnResponseHeaders(func(method string, headers http.Header)) to register a callback that fires after every API call. (#1076)
• DNDOptionTeamID — GetDNDInfo and GetDNDTeamInfo now accept optional ParamOption arguments. Use DNDOptionTeamID("T...") to pass team_id, which is

... (truncated)

Commits

• fc49102 chore: v0.21.0
• 2666fa0 fix(blocks): preserve raw JSON in UnknownBlock
• 8189cb4 docs: update changelog with BlockFromJSON/MustBlockFromJSON
• 063d013 Add support for arbitrary JSON blocks
• c6a1f34 feat(admin): add admin.teams.settings.* methods
• cc21fd1 feat(oauth): add OAuthOptionAPIURL for testable OAuth functions
• 6a63662 fix(websocket): add missing events (apps, activity, badge count)
• 9e3d20a feat(rtm): add sh_room and channel_updated event mappings
• bfd53c6 feat(oauth): add GetOpenIDConnectUserInfo
• ca62227 fix(blocks): preserve unknown rich text elements on round-trip (#764)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[what-the-diff]

PR Summary

• Dependency Update
  Our code relies on various external libraries, one being 'slack-go/slack'. This PR updates our version of this library from v0.20.0 to v0.21.0. This could offer potential improvements or bug fixes that the newer version of the library provides. Updating versions like this is an important part of keeping our application up-to-date, reliable, and secure.

• Checksum Update
  As a consequence of the version update, the corresponding checksum (a form of tracking and validation) in our 'go.sum' file has been updated as well, ensuring consistency and correctness in our dependencies. This is a necessary step whenever we update our dependencies.