Adding externalAppCardActionsForDA capability

[lakhveerk]

For more information about how to contribute to this repo, visit this page.

Description

Added externalAppCardActionsForDA capability with actionOpenUrlDialog function that is designed for bizchat to call. Added UTs, E2e tests, and test app related changes for this capability.

Validation

Validation performed:

1. <Step 1>
2. <Step 2>

Unit Tests added:

Unit tests are required for all changes. If no unit tests were added as part of this change, please explain why they aren't necessary.
Yes

End-to-end tests added:

Yes,
This PR have the test cases for isSupported functions. The rest of the e2e tests will be added to host sdk

Additional Requirements

Change file added:

Ensure the change file meets the formatting requirements.

Yes

[github-actions]

This pull request contains changes to the runtime.ts file. If you, as the author of this PR, have made changes to the Runtime interface please review RUNTIME.md to determine if a new runtime version is required. Please reply to this comment stating what changes, if any, were made to the runtime object and whether a new runtime version was required.

[github-actions]

size-limit report 📦

Path	Size	Loading time (3g)	Running time (snapdragon)	Total time
packages/teams-js/dist/esm/packages/teams-js/src/index.js	182.37 KB (+0.61% 🔺)	3.7 s (+0.61% 🔺)	148 ms (-5.35% 🔽)	3.8 s

[lakhveerk]

This pull request contains changes to the runtime.ts file. If you, as the author of this PR, have made changes to the Runtime interface please review RUNTIME.md to determine if a new runtime version is required. Please reply to this comment stating what changes, if any, were made to the runtime object and whether a new runtime version was required.

Added a new capability to run time. A new runtime is not needed because it does not edit any of the existing capabilities.

[jekloudaMSFT]

Why doesn't ValidatedStringId validate the string length too?

[lakhveerk]

During my output-validation conversation with security and Teams, it came up that min/max is an old recommendation that stems from C/C++ code where developers had to deal with fixed memory space, reserved in advance, to store property values. And thus, they had to make sure that an incoming property value would not exceed the length they reserved memory for, otherwise that could cause a buffer overrun which used to be a massive attack vector in Windows prior to XP Service Pack 2.
Security was ok to not have the min max length requirement. For that reason, I created a new class that just checks for Opaque and script tags.

Your comment made me thought that we can have a uuid instead. I will check with 3pcxp and will respond back.

[lakhveerk]

@ndangudubiyyam Niharika, I am going to update 3pcxp. If you agree with this decision to use UUID, can you update hubsdk PR please? I will report here what partners response, but you can keep track of the convo in Teams channel.

[jekloudaMSFT]

Please make sure it's really a UUID! We always get tripped up when it's something that looks like a UUID but doesn't actually confirm to the UUID spec

[lakhveerk]

We already have a class UUID that validate that the id is uuid type. I am planning to use that

[lakhveerk]

@jekloudaMSFT if we do go with UUID, do you want me to delete the validatedStringId class? OR is it still beneficial to have it around for future use?