Skip to content

Bump @grpc/grpc-js, firebase-functions and firebase-admin#635

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/multi-8139e8e1bd
Open

Bump @grpc/grpc-js, firebase-functions and firebase-admin#635
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/multi-8139e8e1bd

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 11, 2026

Copy link
Copy Markdown
Contributor

Bumps @grpc/grpc-js to 1.9.16 and updates ancestor dependencies @grpc/grpc-js, firebase-functions and firebase-admin. These dependencies need to be updated together.

Updates @grpc/grpc-js from 1.9.15 to 1.9.16

Release notes

Sourced from @​grpc/grpc-js's releases.

@​grpc/grpc-js 1.9.16

Commits
  • 0acbec3 Merge pull request #3057 from murgatroid99/grpc-js_1.9.16
  • dc863ba Merge commit from fork
  • 5174091 Merge commit from fork
  • 343ef83 grpc-js: Bump version to 1.9.16
  • f7d3eec Make compression error a static string
  • b6dcfc3 Fix crashes when receiving malformed compressed data
  • 1cf4bfa Fix server crash when handling invalid requests
  • 1aec8d8 Merge pull request #2992 from murgatroid99/grpc-js_fix_buffer_type_1.9.x
  • b9797cf grpc-js: Declare buffer type to avoid build error
  • ff204f7 Merge pull request #2887 from murgatroid99/grpc-js-xds_preserve_type_state_1.9.x
  • Additional commits viewable in compare view

Updates firebase-functions from 4.5.0 to 4.9.0

Release notes

Sourced from firebase-functions's releases.

v4.9.0

  • Add new 2nd gen Firestore auth context triggers. (#1519)

v4.8.2

Fix bug with CORS options for an array of one string (#1544)

v4.8.1

Fix bug where 1st gen functions eventually fail with stack too deep (#1540) Make simple CORS options static for improved debugability (#1536)

v4.8.0

Add onInit callback function for global variable initialization (#1531)

v4.7.0

  • Fixes access on deeply nested, nonexistent property. (#1432)
  • Add IteratedDataSnapshot interface to match with firebase admin v12 (#1517).
  • Make bucket parameterizeable in storage functions (#1518)
  • Introduce helper library for select and multi-select input (#1518)

v4.6.0

  • Wrap 2nd gen onCall functions with trace context. (#1491)
  • Bump peer depdencies for firebase-admin to support 12.0.0. (#1509)
Commits

Updates firebase-admin from 11.11.1 to 12.7.0

Release notes

Sourced from firebase-admin's releases.

Firebase Admin Node.js SDK v12.7.0

New Features

  • feat(auth): Add recaptcha and sms toll fraud support for phone auth (#2625)

Bug Fixes

  • fix: Pin @firebase/database-compat to v1.0.8 (#2739)

Miscellaneous

  • [chore] Release 12.7.0 (#2741)
  • build(deps-dev): bump @​microsoft/api-extractor from 7.47.9 to 7.47.11 (#2734)
  • build(deps-dev): bump @​types/lodash from 4.17.10 to 4.17.12 (#2735)
  • chore: Add X-Goog-Api-Client metric header to Auth and FCM requests (#2738)
  • chore: Update auth.spec.ts (#2737)
  • chore: fix dataconnect integration tests (#2736)
  • build(deps-dev): bump @​firebase/app-compat from 0.2.42 to 0.2.43 (#2729)
  • build(deps-dev): bump @​types/lodash from 4.17.9 to 4.17.10 (#2730)
  • fixes function name resolution to cloud tasks emulator queue (#2726)
  • build(deps-dev): bump @​types/mocha from 10.0.8 to 10.0.9 (#2721)
  • build(deps-dev): bump @​firebase/app-compat from 0.2.41 to 0.2.42 (#2722)
  • build(deps-dev): bump nyc from 17.0.0 to 17.1.0 (#2718)
  • build(deps): bump @​google-cloud/storage from 7.12.1 to 7.13.0 (#2717)
  • build(deps-dev): bump @​types/mocha from 10.0.7 to 10.0.8 (#2719)

Firebase Admin Node.js SDK v12.6.0

New Features

  • feat: Add Data Connect API (#2701)

Bug Fixes

  • fix(auth): Add missing Math.floor() when setting validDuration in createSessionCookie() (#2712)

Miscellaneous

  • [chore] Release 12.6.0 (#2715)
  • build(deps-dev): bump @​types/lodash from 4.17.7 to 4.17.9 (#2710)
  • build(deps-dev): bump @​firebase/app-compat from 0.2.39 to 0.2.41 (#2711)
  • build(deps-dev): bump eslint from 8.57.0 to 8.57.1 (#2707)
  • build(deps-dev): bump @​microsoft/api-extractor from 7.47.6 to 7.47.9 (#2706)
  • build(deps): bump @​google-cloud/firestore from 7.9.0 to 7.10.0 (#2705)

Firebase Admin Node.js SDK v12.5.0

New Features

... (truncated)

Commits
  • 8d49b7e [chore] Release 12.7.0 (#2741)
  • 8fc56a7 build(deps-dev): bump @​microsoft/api-extractor from 7.47.9 to 7.47.11 (#2734)
  • 41e414e build(deps-dev): bump @​types/lodash from 4.17.10 to 4.17.12 (#2735)
  • 0455f79 fix: Pin @firebase/database-compat to v1.0.8 (#2739)
  • 4818109 chore: Add X-Goog-Api-Client metric header to Auth and FCM requests (#2738)
  • 0d21e94 chore: Update auth.spec.ts (#2737)
  • 032f2da chore: fix dataconnect integration tests (#2736)
  • 58b1a36 feat(auth): Add recaptcha and sms toll fraud support for phone auth (#2625)
  • f1c5523 build(deps-dev): bump @​firebase/app-compat from 0.2.42 to 0.2.43 (#2729)
  • 8a83872 build(deps-dev): bump @​types/lodash from 4.17.9 to 4.17.10 (#2730)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump @grpc/grpc-js, firebase-functions and firebase-admin
f79bac7 
Bumps [@grpc/grpc-js](https://github.com/grpc/grpc-node) to 1.9.16 and updates ancestor dependencies [@grpc/grpc-js](https://github.com/grpc/grpc-node), [firebase-functions](https://github.com/firebase/firebase-functions) and [firebase-admin](https://github.com/firebase/firebase-admin-node). These dependencies need to be updated together.


Updates `@grpc/grpc-js` from 1.9.15 to 1.9.16
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.9.15...@grpc/grpc-js@1.9.16)

Updates `firebase-functions` from 4.5.0 to 4.9.0
- [Release notes](https://github.com/firebase/firebase-functions/releases)
- [Commits](firebase/firebase-functions@v4.5.0...v4.9.0)

Updates `firebase-admin` from 11.11.1 to 12.7.0
- [Release notes](https://github.com/firebase/firebase-admin-node/releases)
- [Changelog](https://github.com/firebase/firebase-admin-node/blob/main/CHANGELOG.md)
- [Commits](firebase/firebase-admin-node@v11.11.1...v12.7.0)

---
updated-dependencies:
- dependency-name: "@grpc/grpc-js"
  dependency-version: 1.9.16
  dependency-type: indirect
- dependency-name: firebase-functions
  dependency-version: 4.9.0
  dependency-type: direct:production
- dependency-name: firebase-admin
  dependency-version: 12.7.0
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jun 11, 2026
@dependabot dependabot Bot requested review from Yuangwang and sjjj986 as code owners June 11, 2026 15:24
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 11, 2026
@dependabot dependabot Bot added the javascript Pull requests that update Javascript code label Jun 11, 2026
@dependabot dependabot Bot requested review from abhis3, falahat and taeold as code owners June 11, 2026 15:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Yuangwang Yuangwang Awaiting requested review from Yuangwang Yuangwang is a code owner

@sjjj986 sjjj986 Awaiting requested review from sjjj986 sjjj986 is a code owner

@jamesdaniels jamesdaniels Awaiting requested review from jamesdaniels jamesdaniels is a code owner

@annajowang annajowang Awaiting requested review from annajowang annajowang is a code owner

@abhis3 abhis3 Awaiting requested review from abhis3 abhis3 is a code owner

@taeold taeold Awaiting requested review from taeold taeold is a code owner

@falahat falahat Awaiting requested review from falahat falahat is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants