Skip to content

Bump js-yaml and firebase-tools in /javascript-firestore-auth-crash-course #132

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump js-yaml and firebase-tools in /javascript-firestore-auth-crash-course #132

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 15, 2025

Bumps js-yaml to 4.1.1 and updates ancestor dependency firebase-tools. These dependencies need to be updated together.

Updates js-yaml from 4.1.0 to 4.1.1

Changelog

Sourced from js-yaml's changelog.

[4.1.1] - 2025-11-12

Security

  • Fix prototype pollution issue in yaml merge (<<) operator.
Commits

Updates firebase-tools from 10.5.0 to 13.27.0

Release notes

Sourced from firebase-tools's releases.

v13.27.0

  • Fixes an issue where emulators:exec would return a 0 error code when emulators failed to start. (#7974)
  • Added --import and emulators:export support to the Data Connect emulator.
  • Added firebase.json#emulators.dataconnect.dataDir. When set, Data Connect data will be persisted to the configured directory between emulator runs.
  • Added App Hosting Emulator: https://firebase.google.com/docs/app-hosting/emulate
  • Added apphosting:config:export to export App Hosting configurations such as secrets into an apphosting.local.yaml file, to be used by the emulator

v13.26.0

  • Migrated some API calls from firebase.googleapis.com to cloudresourcemanager.googleapis.com.
  • Moved firebase-tools-ui server.js logic to fireabse-tools to run it in-memory. (#7897)
  • Updates superstatic to 9.1.0 (#7929).
  • Added the appdistribution:group:list and appdistribution:testers:list commands.
  • Aliased appdistribution:group:* commands to appdistribution:groups:*.
  • Updated the Firebase Data Connect local toolkit to v1.7.3, which includes:
    • Bug fixes for @auth expressions that reference the auth variable
    • Allows custom boolean claims on the auth token to be returned in expressions
    • Adds support for Optional arrays in Swift codegen
    • Updates Kotlin codegen to use fully-qualified class names everywhere
    • Removes StringType_pattern from generated docs and GQL prelude. (#7968)

v13.25.0

  • Fix Task Queue Emulator error handling to display error message properly. (#7916)
  • Fixed some misleading logs when using the Data Connect emulator with FIREBASE_DATACONNECT_POSTGRESQL_STRING set. (#7882)
  • Update the Firebase Data Connect local toolkit to v1.7.0, which includes support for query in mutations, @check for advanced authorization, and replaces java.util.Date with com.google.firebase.dataconnect.LocalDate for Date scalar fields and variables in Kotlin codegen. (#7936)
  • Fixed firebase init genkit to work with genkit version 0.9.0.

v13.24.2

  • Bump the Firebase Data Connect local toolkit to v1.6.1, which fixes the OrderDirection enum with Optional types in Dart codegen and adds @ExperimentalFirebaseDataConnect annotations in Kotlin codegen to avoid compiler warnings. (#7912)

v13.24.1

  • Fixes an issue where Cloud resource location wasn't set during firebase init

v13.24.0

  • Fixes an error creating a rollout with App Hosting in the beta API (#7896)
  • Added support for Next.js 15. (#7588)

v13.23.1

  • Check that billing is enabled and move App Hosting next to Hosting in init list (#7871).
  • Fix rollouts:create to handle backend regionality & other fixes. (#7862)
  • Fixed Next.js issue with PPR routes not rendering correctly. (#7625)
  • Bump the Firebase Data Connect local toolkit version to v1.6.0, which adds support for upsertMany, introduces vars as a shorthand for request.variables in @auth expressions, adds new methods to GeneratedConnector and GeneratedOperation implementations in Kotlin codegen (requires the v16.0.0-beta03 SDK), and fixes the use of Timestamp with optional types in Dart codegen (#7888).

v13.23.0

  • Add support for deploying new blocking triggers. (#6384)
  • Have the firestore:delete command retry on bandwidth exceeded errors. (#7845)

v13.22.1

  • Updated dependencies in functions initialization template. (#7809)
  • Fixed Flutter web apps that might require the --no-tree-shake-icons flag in order to build. (#7724)
  • Removed outdated dependency on rimraf.

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump js-yaml and firebase-tools
82151f7 
Bumps [js-yaml](https://github.com/nodeca/js-yaml) to 4.1.1 and updates ancestor dependency [firebase-tools](https://github.com/firebase/firebase-tools). These dependencies need to be updated together.


Updates `js-yaml` from 4.1.0 to 4.1.1
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@4.1.0...4.1.1)

Updates `firebase-tools` from 10.5.0 to 13.27.0
- [Release notes](https://github.com/firebase/firebase-tools/releases)
- [Commits](firebase/firebase-tools@v10.5.0...v13.27.0)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-version: 4.1.1
  dependency-type: indirect
- dependency-name: firebase-tools
  dependency-version: 13.27.0
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Nov 15, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants