Skip to content

chore(deps): bump protobufjs and firebase-admin in /functions#620

Closed
dependabot[bot] wants to merge 3 commits into
mainfrom
dependabot/npm_and_yarn/functions/multi-983d923b80
Closed

chore(deps): bump protobufjs and firebase-admin in /functions#620
dependabot[bot] wants to merge 3 commits into
mainfrom
dependabot/npm_and_yarn/functions/multi-983d923b80

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 26, 2026

Bumps protobufjs to 7.5.4 and updates ancestor dependency firebase-admin. These dependencies need to be updated together.

Updates protobufjs from 7.2.4 to 7.5.4

Release notes

Sourced from protobufjs's releases.

protobufjs: v7.5.4

7.5.4 (2025-08-15)

Bug Fixes

protobufjs: v7.5.3

7.5.3 (2025-05-28)

Bug Fixes

  • descriptor extensions handling post-editions (#2075) (6e255d4)

protobufjs: v7.5.2

7.5.2 (2025-05-14)

Bug Fixes

protobufjs: v7.5.1

7.5.1 (2025-05-08)

Bug Fixes

  • optimize regressions from editions implementations (#2066) (6406d4c)
  • reserved field inside group blocks fail parsing (#2058) (56782bf)

protobufjs: v7.5.0

7.5.0 (2025-04-15)

Features

  • add Edition 2023 Support (f04ded3)
  • add Edition 2023 Support (ac9a3b9)
  • add Edition 2023 Support (e5ca5c8)
  • add Edition 2023 Support (a84409b)
  • add Edition 2023 Support (9c5a178)
  • add Edition 2023 Support (b2c6867)
  • add Edition 2023 Support (60f3e51)
  • add Edition 2023 Support (a656361)
  • add Edition 2023 Support (869a95b)
  • add Edition 2023 Support (b936af4)
  • add Edition 2023 Support (a938467)

... (truncated)

Changelog

Sourced from protobufjs's changelog.

7.5.4 (2025-08-15)

Bug Fixes

7.5.3 (2025-05-28)

Bug Fixes

  • descriptor extensions handling post-editions (#2075) (6e255d4)

7.5.2 (2025-05-14)

Bug Fixes

7.5.1 (2025-05-08)

Bug Fixes

  • optimize regressions from editions implementations (#2066) (6406d4c)
  • reserved field inside group blocks fail parsing (#2058) (56782bf)

7.5.0 (2025-04-15)

Features

  • add Edition 2023 Support (f04ded3)
  • add Edition 2023 Support (ac9a3b9)
  • add Edition 2023 Support (e5ca5c8)
  • add Edition 2023 Support (a84409b)
  • add Edition 2023 Support (9c5a178)
  • add Edition 2023 Support (b2c6867)
  • add Edition 2023 Support (60f3e51)
  • add Edition 2023 Support (a656361)
  • add Edition 2023 Support (869a95b)
  • add Edition 2023 Support (b936af4)
  • add Edition 2023 Support (a938467)
  • add Edition 2023 Support (1af8454)
  • add Edition 2023 Support (785416f)
  • add feature resolution (a9ffc8a)
  • add feature resolution and tests (68b5339)
  • add feature resolution for protobuf editions (547afa2)

... (truncated)

Commits

Updates firebase-admin from 11.11.1 to 13.7.0

Release notes

Sourced from firebase-admin's releases.

Firebase Admin Node.js SDK v13.7.0

New Features

  • feat(rc): Support Rollout, Personalization, and Experiment values (#3046)

Bug Fixes

  • fix: upgrade @​google-cloud/storage@​7.19.0 (#3071)

Miscellaneous

  • [chore] Release 13.7.0 (#3081)
  • build(deps-dev): bump @​types/lodash from 4.17.18 to 4.17.24 (#3083)
  • build(deps-dev): bump @​typescript-eslint/eslint-plugin (#3086)
  • build(deps): bump node-forge from 1.3.2 to 1.3.3 (#3085)
  • build(deps): bump google-auth-library from 9.15.1 to 10.6.1 (#3084)
  • build(deps): bump @​types/node from 22.10.2 to 25.2.0 (#3064)
  • chore: Deprecate Node.js 18 support (#3079)
  • chore: upgrade @​types/node to v25.2.0 and fix type compatibility (#3078)
  • build(deps): bump ajv in /.github/actions/send-tweet (#3074)
  • build(deps): bump fast-xml-parser from 5.3.5 to 5.3.7 (#3077)
  • build(deps-dev): bump @​microsoft/api-extractor from 7.52.10 to 7.56.2 (#3066)
  • build(deps): bump axios in /.github/actions/send-email (#3070)

Firebase Admin Node.js SDK v13.6.1

Bug Fixes

  • fix: Refactor isURL() to use Built-in URL Constructor (#3061)
  • fix(data-connect): correctly serialize strings with special characters (#3056)

Miscellaneous

  • [chore] Release 13.6.1 (#3063)
  • build(deps): bump jws (#3029)
  • chore: Update release workflows for push triggers (#3062)
  • build(deps-dev): bump lodash from 4.17.21 to 4.17.23 (#3057)
  • build(deps-dev): bump mocha from 11.7.1 to 11.7.5 (#3012)
  • chore: Update github actions workflows and integration test resources (#3052)
  • chore: Rename default branch to (#3033)
  • build(deps): bump node-forge from 1.3.1 to 1.3.2 (#3024)
  • build(deps): bump glob from 10.4.5 to 10.5.0 (#3019)
  • build(deps-dev): bump bcrypt and @​types/bcrypt (#3015)
  • fix validate unit tests (#3009)

Firebase Admin Node.js SDK v13.6.0

New Features

... (truncated)

Commits
  • 2279070 [chore] Release 13.7.0 (#3081)
  • 0da27af build(deps-dev): bump @​types/lodash from 4.17.18 to 4.17.24 (#3083)
  • 64b7755 build(deps-dev): bump @​typescript-eslint/eslint-plugin (#3086)
  • ca0a2d2 build(deps): bump node-forge from 1.3.2 to 1.3.3 (#3085)
  • 189f0ee build(deps): bump google-auth-library from 9.15.1 to 10.6.1 (#3084)
  • 9c4261e build(deps): bump @​types/node from 22.10.2 to 25.2.0 (#3064)
  • 0f29113 chore: Deprecate Node.js 18 support (#3079)
  • ccddfe1 chore: upgrade @​types/node to v25.2.0 and fix type compatibility (#3078)
  • 9327311 build(deps): bump ajv in /.github/actions/send-tweet (#3074)
  • 24e52eb build(deps): bump fast-xml-parser from 5.3.5 to 5.3.7 (#3077)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump protobufjs and firebase-admin in /functions
ffbf499 
Bumps [protobufjs](https://github.com/protobufjs/protobuf.js) to 7.5.4 and updates ancestor dependency [firebase-admin](https://github.com/firebase/firebase-admin-node). These dependencies need to be updated together.


Updates `protobufjs` from 7.2.4 to 7.5.4
- [Release notes](https://github.com/protobufjs/protobuf.js/releases)
- [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md)
- [Commits](protobufjs/protobuf.js@protobufjs-v7.2.4...protobufjs-v7.5.4)

Updates `firebase-admin` from 11.11.1 to 13.7.0
- [Release notes](https://github.com/firebase/firebase-admin-node/releases)
- [Changelog](https://github.com/firebase/firebase-admin-node/blob/main/CHANGELOG.md)
- [Commits](firebase/firebase-admin-node@v11.11.1...v13.7.0)

---
updated-dependencies:
- dependency-name: protobufjs
  dependency-version: 7.5.4
  dependency-type: indirect
- dependency-name: firebase-admin
  dependency-version: 13.7.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 26, 2026
@kevmoo
Copy link
Copy Markdown
Collaborator

kevmoo commented Mar 27, 2026

@dependabot rebase

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Mar 27, 2026

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 26, 2026

Hello 👋, this PR has been without activity for more than 28 days.

If you think this is a mistake please comment and ping a maintainer to get this merged ASAP! Thanks for contributing!

You have 15 days until this gets closed automatically.

@github-actions github-actions Bot added the Stale Issue with no recent activity label Apr 26, 2026
@github-actions github-actions Bot closed this May 17, 2026
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 17, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/functions/multi-983d923b80 branch May 17, 2026 00:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code Stale Issue with no recent activity

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kevmoo