Bump protobufjs, @firebase/rules-unit-testing and firebase in /unit-test-security-rules-v9

[dependabot]

Bumps protobufjs to 7.5.5 and updates ancestor dependencies protobufjs, @firebase/rules-unit-testing and firebase. These dependencies need to be updated together.

Updates protobufjs from 7.2.4 to 7.5.5

Release notes

Sourced from protobufjs's releases.

protobufjs: v7.5.4

7.5.4 (2025-08-15)

Bug Fixes

• invalid syntax in descriptor.proto (#2092) (5a3769a)

protobufjs: v7.5.3

7.5.3 (2025-05-28)

Bug Fixes

• descriptor extensions handling post-editions (#2075) (6e255d4)

protobufjs: v7.5.2

7.5.2 (2025-05-14)

Bug Fixes

• ensure that types are always resolved (#2068) (4b51cb2)

protobufjs: v7.5.1

7.5.1 (2025-05-08)

Bug Fixes

• optimize regressions from editions implementations (#2066) (6406d4c)
• reserved field inside group blocks fail parsing (#2058) (56782bf)

protobufjs: v7.5.0

7.5.0 (2025-04-15)

Features

• add Edition 2023 Support (f04ded3)
• add Edition 2023 Support (ac9a3b9)
• add Edition 2023 Support (e5ca5c8)
• add Edition 2023 Support (a84409b)
• add Edition 2023 Support (9c5a178)
• add Edition 2023 Support (b2c6867)
• add Edition 2023 Support (60f3e51)
• add Edition 2023 Support (a656361)
• add Edition 2023 Support (869a95b)
• add Edition 2023 Support (b936af4)
• add Edition 2023 Support (a938467)

... (truncated)

Changelog

Sourced from protobufjs's changelog.

Changelog

8.0.1 (2026-03-11)

Bug Fixes

• bump protobufjs dependency version for cli package (#2128) (549b05e)
• correct json syntax in tsconfig.json (#2120) (8065625)
• descriptor: guard oneof index for non-Type parents (#2122) (1cac5cf)
• do not allow setting proto in Message constructor (#2126) (f05e3c3)
• filter invalid characters from the type name (#2127) (535df44)

8.0.0 (2025-12-16)

⚠ BREAKING CHANGES

• add Edition 2024 Support (#2060)

Features

• add Edition 2024 Support (#2060) (53e8492)

7.5.4 (2025-08-15)

Bug Fixes

• invalid syntax in descriptor.proto (#2092) (5a3769a)

7.5.3 (2025-05-28)

Bug Fixes

• descriptor extensions handling post-editions (#2075) (6e255d4)

7.5.2 (2025-05-14)

Bug Fixes

• ensure that types are always resolved (#2068) (4b51cb2)

7.5.1 (2025-05-08)

Bug Fixes

... (truncated)

Commits

• b7bdfaf chore: release 7.5.5
• ff7b2af fix: filter invalid characters from the type name (#2127)
• 086b19d fix: do not allow setting proto in Message constructor (#2126)
• 827ff8e chore: release master (#2093)
• 5a3769a fix: invalid syntax in descriptor.proto (#2092)
• f42297b chore: release master (#2076)
• 6e255d4 fix: descriptor extensions handling post-editions (#2075)
• 9467abe chore: release master (#2070)
• 4b51cb2 fix: ensure that types are always resolved (#2068)
• 69cced8 chore: release master (#2067)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by fenster, a new releaser for protobufjs since your current version.

Updates @firebase/rules-unit-testing from 2.0.7 to 5.0.0

Release notes

Sourced from @​firebase/rules-unit-testing's releases.

4.5.2

Fixes

• Fixed a regression where the react-native property was missing from the firebase package.json
• Fixed a regression where the value of firebase.SDK_VERSION wasn't properly being populated.

4.5.1

Features

Shipped individual modules for the following packages:

• @firebase/app
• @firebase/auth
• @firebase/database
• @firebase/firestore
• @firebase/messaging
• @firebase/polyfill
• @firebase/storage
• @firebase/util

4.5.0

Features

• Added support for Cloud Firestore. For more information, see the following resources:
  • Blog post
  • Web getting started guide
  • Reference Documentation

4.4.0

Features

• Released multi-resource support for database #159

Fixes

• Fixed issue with null initialization in externs #160

4.3.0

Features

• Added client side localization for email actions (password reset, email verification, etc), phone authentication SMS messages, OAuth flows and reCAPTCHA verification.
• Added the ability to pass a continue URL/state when triggering a password reset/email verification which gives a user the ability to go back to the app after completion. In addition, added support for the ability to open these links directly from a mobile app instead of a web flow using Firebase Dynamic Links.

Fixes

• Fixed issue with IE10 auth state synchronization across tabs

4.2.0

Features

... (truncated)

Changelog

Sourced from @​firebase/rules-unit-testing's changelog.

5.0.0

Minor Changes

• 25b60fd #9128 - Update node "engines" version to a minimum of Node 20.

Patch Changes

• Updated dependencies [a4ccd25, 5200f7b, 6ab4e13, 91fa484, e59cd7d, cb19688, d91169f, ec5f374, 25b60fd]:
  • firebase@12.0.0

4.0.1

Patch Changes

• b80711925 #8604 - Upgrade to TypeScript 5.5.4

4.0.0

Patch Changes

• 479226bf3 #8475 - Remove ES5 bundles. The minimum required ES version is now ES2017.

• 479226bf3 #8475 - Removed dependency on undici and node-fetch in our node bundles, replacing them with the native fetch implementation.

• Updated dependencies [479226bf3, 479226bf3, b942e9e6e]:

  • firebase@11.0.0

3.0.4

Patch Changes

• d752e8096 #8298 - Upgrade firebase-admin to 11.11.1

3.0.3

Patch Changes

• ab883d016 #8237 - Bump all packages so staging works.

3.0.2

Patch Changes

• 0c5150106 #8079 - Update repository.url field in all package.json files to NPM's preferred format.

3.0.1

Patch Changes

... (truncated)

Commits

• 52c8579 Version Packages (#9165)
• 25b60fd chore!: update engines.node to minimum of 20 (#9128)
• 2f92a74 Update dependencies in packages and repo-scripts (#8729)
• ffbf5a6 Version Packages (#8635)
• e577a40 Upgrade to TypeScript 5 (#8561)
• a97ac88 Version Packages (#8581)
• 479226b Merge v11 Feature Branch (#8475)
• 14b7720 Merge branch 'release'
• 67ea4f7 Version Packages (#8369)
• 025f2a1 Spelling (#8280)
• Additional commits viewable in compare view

Updates firebase from 9.23.0 to 12.12.0

Release notes

Sourced from firebase's releases.

firebase@12.12.0

For more detailed release notes, see Firebase JavaScript SDK Release Notes.

What's Changed

@​firebase/ai@​2.11.0

Minor Changes

• cccb6d0 #9771 - [deprecated] All Imagen models are deprecated and will shut down as early as June 2026. As a replacement, you can migrate your apps to use Gemini Image models (the "Nano Banana" models).

• 6cbe865 #9816 - Deprecate topK and temperature properties for hybrid inference mode.

• 9c8e864 #9763 - Add startChat() for TemplateGenerativeModel.

• 9c8e864 #9763 - Add automatic function calling and chat history for server prompt templates.

Patch Changes

• f87c15e #9791 (fixes #9792) - Fixed a bug that causes the model to error if the user specifies responseSchema or responseJsonSchema.

@​firebase/auth@​1.13.0

Minor Changes

• 715c042 #9740 (fixes #9739) - Updated the peer dependency range for @​react-native-async-storage/async-storage to support both v2 and v3

@​firebase/data-connect@​0.6.0

Minor Changes

• 34c63bf #9822 - Fix header names for auth and app check tokens over streaming

• 87d5cc1 #9809 - Add streaming support for Firebase Data Connect.

firebase@12.12.0

Minor Changes

• cccb6d0 #9771 - [deprecated] All Imagen models are deprecated and will shut down as early as June 2026. As a replacement, you can migrate your apps to use Gemini Image models (the "Nano Banana" models).

• 44c234c #9773 - Add support for the parent expression

• 5cd6509 #9728 - Add support for timestamp_trunc, timestamp_diff and timestamp_extract expressions

• 34c63bf #9822 - Fix header names for auth and app check tokens over streaming

• 715c042 #9740 (fixes #9739) - Updated the peer dependency range for @​react-native-async-storage/async-storage to support both v2 and v3

• 6cbe865 #9816 - Deprecate topK and temperature properties for hybrid inference mode.

... (truncated)

Commits

• 78fc282 Version Packages (#9821)
• 00a46d5 Merge main into release
• 34c63bf fix(data-connect): Fix auth and app check token names on stream wire (#9822)
• 1623fb0 Merge main into release
• 87d5cc1 feat(data-connect): add support for streaming transport (#9809)
• 6e7226e Merge main into release
• 9c8e864 feat(ai): Chat history and auto function calling for server templates (#9763)
• 6cbe865 fix(ai): deprecate topK and temperature for hybrid (#9816)
• 9620f9a feat(firestore): Add array expressions (#9788)
• 2ca39c7 Bump mock responses major version (#9818)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.