Bump protobufjs, firebase-admin, firebase-functions and @firebase/rules-unit-testing in /cs-walkthrough/functions

[dependabot]

Bumps protobufjs to 7.5.5 and updates ancestor dependencies protobufjs, firebase-admin, firebase-functions and @firebase/rules-unit-testing. These dependencies need to be updated together.

Updates protobufjs from 7.2.4 to 7.5.5

Release notes

Sourced from protobufjs's releases.

protobufjs: v7.5.4

7.5.4 (2025-08-15)

Bug Fixes

• invalid syntax in descriptor.proto (#2092) (5a3769a)

protobufjs: v7.5.3

7.5.3 (2025-05-28)

Bug Fixes

• descriptor extensions handling post-editions (#2075) (6e255d4)

protobufjs: v7.5.2

7.5.2 (2025-05-14)

Bug Fixes

• ensure that types are always resolved (#2068) (4b51cb2)

protobufjs: v7.5.1

7.5.1 (2025-05-08)

Bug Fixes

• optimize regressions from editions implementations (#2066) (6406d4c)
• reserved field inside group blocks fail parsing (#2058) (56782bf)

protobufjs: v7.5.0

7.5.0 (2025-04-15)

Features

• add Edition 2023 Support (f04ded3)
• add Edition 2023 Support (ac9a3b9)
• add Edition 2023 Support (e5ca5c8)
• add Edition 2023 Support (a84409b)
• add Edition 2023 Support (9c5a178)
• add Edition 2023 Support (b2c6867)
• add Edition 2023 Support (60f3e51)
• add Edition 2023 Support (a656361)
• add Edition 2023 Support (869a95b)
• add Edition 2023 Support (b936af4)
• add Edition 2023 Support (a938467)

... (truncated)

Changelog

Sourced from protobufjs's changelog.

Changelog

8.0.1 (2026-03-11)

Bug Fixes

• bump protobufjs dependency version for cli package (#2128) (549b05e)
• correct json syntax in tsconfig.json (#2120) (8065625)
• descriptor: guard oneof index for non-Type parents (#2122) (1cac5cf)
• do not allow setting proto in Message constructor (#2126) (f05e3c3)
• filter invalid characters from the type name (#2127) (535df44)

8.0.0 (2025-12-16)

⚠ BREAKING CHANGES

• add Edition 2024 Support (#2060)

Features

• add Edition 2024 Support (#2060) (53e8492)

7.5.4 (2025-08-15)

Bug Fixes

• invalid syntax in descriptor.proto (#2092) (5a3769a)

7.5.3 (2025-05-28)

Bug Fixes

• descriptor extensions handling post-editions (#2075) (6e255d4)

7.5.2 (2025-05-14)

Bug Fixes

• ensure that types are always resolved (#2068) (4b51cb2)

7.5.1 (2025-05-08)

Bug Fixes

... (truncated)

Commits

• b7bdfaf chore: release 7.5.5
• ff7b2af fix: filter invalid characters from the type name (#2127)
• 086b19d fix: do not allow setting proto in Message constructor (#2126)
• 827ff8e chore: release master (#2093)
• 5a3769a fix: invalid syntax in descriptor.proto (#2092)
• f42297b chore: release master (#2076)
• 6e255d4 fix: descriptor extensions handling post-editions (#2075)
• 9467abe chore: release master (#2070)
• 4b51cb2 fix: ensure that types are always resolved (#2068)
• 69cced8 chore: release master (#2067)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by fenster, a new releaser for protobufjs since your current version.

Updates firebase-admin from 11.9.0 to 13.8.0

Release notes

Sourced from firebase-admin's releases.

Firebase Admin Node.js SDK v13.8.0

New Features

• feat(pnv): Add support for Phone Number Verification (#3101)
• feat(fcm): Add bandwidthConstrainedOk and restrictedSatelliteOk (#2994)

Miscellaneous

• [chore] Release 13.8.0 (#3109)
• chore(deps): bump node-forge to 1.4.0 (#3108)
• build(deps-dev): bump @​types/node from 25.3.0 to 25.3.3 (#3090)
• build(deps-dev): bump lodash and @​microsoft/api-extractor (#3106)
• build(deps): bump fast-xml-parser from 5.5.6 to 5.5.7 (#3095)
• build(deps): bump fast-xml-parser from 5.4.1 to 5.5.6 (#3093)
• build(deps): bump fast-xml-parser from 5.3.7 to 5.4.1 (#3087)

Firebase Admin Node.js SDK v13.7.0

New Features

• feat(rc): Support Rollout, Personalization, and Experiment values (#3046)

Bug Fixes

• fix: upgrade @​google-cloud/storage@​7.19.0 (#3071)

Miscellaneous

• [chore] Release 13.7.0 (#3081)
• build(deps-dev): bump @​types/lodash from 4.17.18 to 4.17.24 (#3083)
• build(deps-dev): bump @​typescript-eslint/eslint-plugin (#3086)
• build(deps): bump node-forge from 1.3.2 to 1.3.3 (#3085)
• build(deps): bump google-auth-library from 9.15.1 to 10.6.1 (#3084)
• build(deps): bump @​types/node from 22.10.2 to 25.2.0 (#3064)
• chore: Deprecate Node.js 18 support (#3079)
• chore: upgrade @​types/node to v25.2.0 and fix type compatibility (#3078)
• build(deps): bump ajv in /.github/actions/send-tweet (#3074)
• build(deps): bump fast-xml-parser from 5.3.5 to 5.3.7 (#3077)
• build(deps-dev): bump @​microsoft/api-extractor from 7.52.10 to 7.56.2 (#3066)
• build(deps): bump axios in /.github/actions/send-email (#3070)

Firebase Admin Node.js SDK v13.6.1

Bug Fixes

• fix: Refactor isURL() to use Built-in URL Constructor (#3061)
• fix(data-connect): correctly serialize strings with special characters (#3056)

Miscellaneous

... (truncated)

Commits

• ff4c94d [chore] Release 13.8.0 (#3109)
• bbd3365 chore(deps): bump node-forge to 1.4.0 (#3108)
• 1689659 build(deps-dev): bump @​types/node from 25.3.0 to 25.3.3 (#3090)
• db6f5c0 build(deps-dev): bump lodash and @​microsoft/api-extractor (#3106)
• c8de86d feat(pnv): Add support for Phone Number Verification (#3101)
• a3faacf build(deps): bump fast-xml-parser from 5.5.6 to 5.5.7 (#3095)
• 7fbad72 feat(fcm): Add bandwidthConstrainedOk and restrictedSatelliteOk (#2994)
• 7cbc314 build(deps): bump fast-xml-parser from 5.4.1 to 5.5.6 (#3093)
• 1773f03 build(deps): bump fast-xml-parser from 5.3.7 to 5.4.1 (#3087)
• 2279070 [chore] Release 13.7.0 (#3081)
• Additional commits viewable in compare view

Updates firebase-functions from 3.24.1 to 7.2.5

Release notes

Sourced from firebase-functions's releases.

v7.2.5

Internal fixes

v7.2.4

-Internal Improvements #1864

v7.2.3

• Accept BooleanParams in CallableOptions (#1854)
• rotate the npmrc key to robot account (#1857)

v7.2.2

• Allow v2 auth blocking functions to use run.app or cloudfunctions.net URLs (#1831)

v7.2.1

• Fix issue where v1 firestore paths would not handle literals with leading or trailing slashes (#1829)
• transformed string exprssions (currenlty an internal tool) now propagate across interpolated strings (#1829)

V7.2.0

• All V1 configuration (e.g. pubsub topics) can be set with params. (#1820)
• String expressions can now be used in string interpolation with the expr tag. (#1820) E.g.

  const schedule = expr`every ${intervalParam} minutes`;

• Secret params now support a label and/or description. (#1820)
• Add support for VPC direct connect (network interfaces) (#1823)
• Realtime database events in the v2 SDK now provide auth context (#1770)

V7.1.1

-Internal Docgen improvements

v7.1.0

• Add an onGraphRequest method. (#1784, #1818)

v7.0.6

Internal improvements (#1814)

v7.0.5

• Fixed issue with missing dependency on graphql. (#1795)
• Internal improvements (#1800)

v7.0.3

• Internal improvements.

v7.0.2

• Export param types (SecretParam, StringParam, etc.) from firebase-functions/params for type annotations. (#1789)
• Remove attemptDeadlineSeconds in v2 scheduled functions. (#1776)
• Allow JsonSecretParam in function secrets option arrays. (#1788)

v7.0.1

• Fix "Dual-Package Hazard" for parameterized configuration in ESM projects. (#1780)

... (truncated)

Commits

• d6c1dcc 7.2.5
• bd2dae5 Fix exports for new library (#1865)
• d416aca [firebase-release] Removed change log and reset repo after 7.2.4 release
• 1f21e8d 7.2.4
• 1459858 adding-change-logs (#1867)
• aafbece fix(pubsub): assign Message instance back to event.data.message (#1864)
• da64c26 [firebase-release] Removed change log and reset repo after 7.2.3 release
• c8d9c7c 7.2.3
• 4d6a1cf Update changelog (#1858)
• 7eb8206 rotate the npmrc key to robot account (#1857)
• Additional commits viewable in compare view

Updates @firebase/rules-unit-testing from 2.0.7 to 5.0.0

Release notes

Sourced from @​firebase/rules-unit-testing's releases.

4.5.2

Fixes

• Fixed a regression where the react-native property was missing from the firebase package.json
• Fixed a regression where the value of firebase.SDK_VERSION wasn't properly being populated.

4.5.1

Features

Shipped individual modules for the following packages:

• @firebase/app
• @firebase/auth
• @firebase/database
• @firebase/firestore
• @firebase/messaging
• @firebase/polyfill
• @firebase/storage
• @firebase/util

4.5.0

Features

• Added support for Cloud Firestore. For more information, see the following resources:
  • Blog post
  • Web getting started guide
  • Reference Documentation

4.4.0

Features

• Released multi-resource support for database #159

Fixes

• Fixed issue with null initialization in externs #160

4.3.0

Features

• Added client side localization for email actions (password reset, email verification, etc), phone authentication SMS messages, OAuth flows and reCAPTCHA verification.
• Added the ability to pass a continue URL/state when triggering a password reset/email verification which gives a user the ability to go back to the app after completion. In addition, added support for the ability to open these links directly from a mobile app instead of a web flow using Firebase Dynamic Links.

Fixes

• Fixed issue with IE10 auth state synchronization across tabs

4.2.0

Features

... (truncated)

Changelog

Sourced from @​firebase/rules-unit-testing's changelog.

5.0.0

Minor Changes

• 25b60fd #9128 - Update node "engines" version to a minimum of Node 20.

Patch Changes

• Updated dependencies [a4ccd25, 5200f7b, 6ab4e13, 91fa484, e59cd7d, cb19688, d91169f, ec5f374, 25b60fd]:
  • firebase@12.0.0

4.0.1

Patch Changes

• b80711925 #8604 - Upgrade to TypeScript 5.5.4

4.0.0

Patch Changes

• 479226bf3 #8475 - Remove ES5 bundles. The minimum required ES version is now ES2017.

• 479226bf3 #8475 - Removed dependency on undici and node-fetch in our node bundles, replacing them with the native fetch implementation.

• Updated dependencies [479226bf3, 479226bf3, b942e9e6e]:

  • firebase@11.0.0

3.0.4

Patch Changes

• d752e8096 #8298 - Upgrade firebase-admin to 11.11.1

3.0.3

Patch Changes

• ab883d016 #8237 - Bump all packages so staging works.

3.0.2

Patch Changes

• 0c5150106 #8079 - Update repository.url field in all package.json files to NPM's preferred format.

3.0.1

Patch Changes

... (truncated)

Commits

• 52c8579 Version Packages (#9165)
• 25b60fd chore!: update engines.node to minimum of 20 (#9128)
• 2f92a74 Update dependencies in packages and repo-scripts (#8729)
• ffbf5a6 Version Packages (#8635)
• e577a40 Upgrade to TypeScript 5 (#8561)
• a97ac88 Version Packages (#8581)
• 479226b Merge v11 Feature Branch (#8475)
• 14b7720 Merge branch 'release'
• 67ea4f7 Version Packages (#8369)
• 025f2a1 Spelling (#8280)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.