chore(deps): bump the npm_and_yarn group across 1 directory with 7 updates

[dependabot[bot]]

Bumps the npm_and_yarn group with 6 updates in the / directory:

Package	From	To
undici	5.28.3	6.11.1
firebase	10.8.1	10.11.0
@angular-devkit/build-angular	17.3.2	17.3.5
protobufjs	7.2.4	7.2.6
firebase-admin	11.11.1	12.1.0
tar	6.2.0	6.2.1

Updates undici from 5.28.3 to 6.11.1

Release notes

Sourced from undici's releases.

v6.11.1

:warning: Security Release ⚠️

What's Changed

• Fixes https://github.com/nodejs/undici/security/advisories/GHSA-m4v8-wqvr-p9f7 CVE-2024-30260
• Fixes https://github.com/nodejs/undici/security/advisories/GHSA-9qxr-qj54-h672 CVE-2024-30261
• Revert "fix: don't leak internal class (#3024)" by @​mcollina in nodejs/undici#3044

Full Changelog: https://github.com/nodejs/undici/compare/v6.11.0...v6.11.1

v6.11.0

What's Changed

• refactor(#3023): Pass headers as array instead by @​metcoder95 in nodejs/undici#3025
• fix: don't leak internal class by @​ronag in nodejs/undici#3024
• build(deps): bump codecov/codecov-action from 4.1.0 to 4.1.1 by @​dependabot in nodejs/undici#3034
• build(deps-dev): bump tsd from 0.30.7 to 0.31.0 by @​dependabot in nodejs/undici#3038
• build(deps-dev): bump borp from 0.9.1 to 0.10.0 by @​dependabot in nodejs/undici#2947
• missing commits by @​ronag in nodejs/undici#3040
• build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @​dependabot in nodejs/undici#3036
• fix: regexp pattern by @​tsctx in nodejs/undici#3041

Full Changelog: https://github.com/nodejs/undici/compare/v6.10.2...v6.11.0

v6.10.2

What's Changed

• Do not fail test if streams support typed arrays by @​mcollina in nodejs/undici#2978
• fix(fetch): properly redirect non-ascii location header url by @​Xvezda in nodejs/undici#2971
• perf: Remove double-stringify in setCookie by @​peterver in nodejs/undici#2980
• [fix #2982] use DispatcherInterceptor type for Dispatcher#Compose by @​clovis-guillemot in nodejs/undici#2983
• fix: make EventSource properties enumerable by @​MattBidewell in nodejs/undici#2987
• docs: ✏️ fixed benchmark links by @​benhalverson in nodejs/undici#2991
• fix(#2986): bad start check by @​metcoder95 in nodejs/undici#2992
• fix(H2 Client): bind stream 'data' listener only after received 'response' event by @​St3ffGv4 in nodejs/undici#2985
• feat: added search input by @​benhalverson in nodejs/undici#2993
• chore: validate responses can be consumed without a Content-Length or… by @​jacob-ebey in nodejs/undici#2995
• fix error message by @​KhafraDev in nodejs/undici#2998
• Revert "perf: reuse TextDecoder instance (#2863)" by @​panva in nodejs/undici#2999
• test: remove only by @​metcoder95 in nodejs/undici#3001

New Contributors

• @​Xvezda made their first contribution in nodejs/undici#2971
• @​peterver made their first contribution in nodejs/undici#2980
• @​clovis-guillemot made their first contribution in nodejs/undici#2983
• @​MattBidewell made their first contribution in nodejs/undici#2987
• @​benhalverson made their first contribution in nodejs/undici#2991
• @​St3ffGv4 made their first contribution in nodejs/undici#2985
• @​jacob-ebey made their first contribution in nodejs/undici#2995

... (truncated)

Commits

• 6df3c73 Bumped v6.11.1
• c346b66 Revert "fix: don't leak internal class (#3024)"
• d542b8c Merge pull request from GHSA-9qxr-qj54-h672
• 6805746 Merge pull request from GHSA-m4v8-wqvr-p9f7
• ee5f892 Bumped v6.11.0
• 71a6d74 Merge branch 'main' of github.com:nodejs/undici
• 0f0f239 fix: regexp pattern (#3041)
• 31f9e67 build(deps): bump actions/checkout from 4.1.1 to 4.1.2 (#3036)
• c8a43ae fixup
• 8b5e2c8 fixup
• Additional commits viewable in compare view

Updates firebase from 10.8.1 to 10.11.0

Commits

• 826b571 Version Packages (#8143)
• 80fbb26 Merge master into release
• ad8d547 April Dependency Update Changeset (#8134)
• 13ddddf Bump browserify-sign from 4.2.1 to 4.2.3 in /e2e (#8136)
• 6393c95 Bump @​babel/traverse from 7.15.4 to 7.24.1 (#8140)
• 36b261c Fix terraform steps in CI PR #2 (#8147)
• 0068ed5 Conditionally run terraform CI steps only if secrets are available. (#8144)
• a6fa544 Fix internal assertion encountered when testing with jsdom. (#8142)
• 9297ef3 Use the latest published version for auth sample app (#8130)
• badff01 Merge master into release
• Additional commits viewable in compare view

Updates @angular-devkit/build-angular from 17.3.2 to 17.3.5

Release notes

Sourced from @​angular-devkit/build-angular's releases.

v17.3.5

17.3.5 (2024-04-17)

@​angular-devkit/build-angular

Commit	Description
	address Unable to deserialize cloned data issue with Yarn PnP
	remove type="text/css" from style tag

v17.3.4

17.3.4 (2024-04-11)

@​angular-devkit/build-angular

Commit	Description
	ensure esbuild-based builders exclusively produce ESM output

v17.3.3

@​schematics/angular

Commit	Description
	Revert "fix(@​schematics/angular): rename SSR port env variable"

Changelog

Sourced from @​angular-devkit/build-angular's changelog.

17.3.5 (2024-04-17)

@​angular-devkit/build-angular

Commit	Type	Description
6191d06ca	fix	address Unable to deserialize cloned data issue with Yarn PnP
0335d6a5d	fix	remove type="text/css" from style tag

17.3.4 (2024-04-11)

@​angular-devkit/build-angular

Commit	Type	Description
1128bdd64	fix	ensure esbuild-based builders exclusively produce ESM output

16.2.14 (2024-04-11)

@​angular-devkit/build-angular

Commit	Type	Description
1068c3c73	fix	update vite to 4.5.3

18.0.0-next.2 (2024-04-03)

@​schematics/angular

Commit	Type	Description
725883713	feat	use eventCoalescing option by default (standalone bootstrap)
508d97da7	feat	use ngZoneEventCoalescing option by default (module bootstrap)
157329384	fix	add spaces around eventCoalescing option

... (truncated)

Commits

• c5f20a3 release: cut the v17.3.5 release
• 6191d06 fix(@​angular-devkit/build-angular): address `Unable to deserialize cloned dat...
• 0335d6a fix(@​angular-devkit/build-angular): remove type="text/css" from style tag
• d0bff79 release: cut the v17.3.4 release
• 84ee482 docs: replace links links to aio with links to adev
• 1128bdd fix(@​angular-devkit/build-angular): ensure esbuild-based builders exclusively...
• 1f47a10 build: update vite and undici
• 97acaff release: cut the v17.3.3 release
• 6061a0b Revert "fix(@​schematics/angular): rename SSR port env variable"
• 97da8ba build: add missing dep in test to fix CI
• Additional commits viewable in compare view

Updates protobufjs from 7.2.4 to 7.2.6

Release notes

Sourced from protobufjs's releases.

protobufjs: v7.2.6

7.2.6 (2024-01-16)

Bug Fixes

• report missing import properly in loadSync (#1960) (af3ff83)

protobufjs: v7.2.5

7.2.5 (2023-08-21)

Bug Fixes

• crash in comment parsing (#1890) (eaf9f0a)
• deprecation warning for new Buffer (#1905) (e93286e)
• possible infinite loop when parsing option (#1923) (f2a8620)

Changelog

Sourced from protobufjs's changelog.

7.2.6 (2024-01-16)

Bug Fixes

• report missing import properly in loadSync (#1960) (af3ff83)

7.2.5 (2023-08-21)

Bug Fixes

• crash in comment parsing (#1890) (eaf9f0a)
• deprecation warning for new Buffer (#1905) (e93286e)
• possible infinite loop when parsing option (#1923) (f2a8620)

Commits

• 2f846fe chore: release master (#1962)
• af3ff83 fix: report missing import properly in loadSync (#1960)
• 4436cc7 chore: release master (#1925)
• e93286e fix: deprecation warning for new Buffer (#1905)
• eaf9f0a fix: crash in comment parsing (#1890)
• f2a8620 fix: possible infinite loop when parsing option (#1923)
• See full diff in compare view

Updates firebase-admin from 11.11.1 to 12.1.0

Release notes

Sourced from firebase-admin's releases.

Firebase Admin Node.js SDK v12.1.0

New Features

• feat(rc): Add server side Remote Config support (#2529)

Miscellaneous

• [chore] Release 12.1.0 (#2532)
• Fix minor typo (#2533)
• chore: Excluding certain event_types from processing uid (#2370)
• build(deps-dev): bump gulp from 4.0.2 to 5.0.0 (#2526)
• build(deps-dev): bump @​firebase/app-compat from 0.2.29 to 0.2.30 (#2527)
• build(deps): bump @​google-cloud/firestore from 7.5.0 to 7.6.0 (#2528)
• build(deps): bump undici in /.github/actions/send-email (#2521)
• build(deps-dev): bump @​firebase/auth-types from 0.12.0 to 0.12.1 (#2514)
• build(deps-dev): bump mocha from 10.3.0 to 10.4.0 (#2513)
• build(deps): bump @​types/node from 20.11.30 to 20.12.2 (#2516)
• build(deps): bump @​google-cloud/firestore from 7.4.0 to 7.5.0 (#2517)
• build(deps-dev): bump @​firebase/app-compat from 0.2.28 to 0.2.29 (#2510)
• build(deps): bump @​google-cloud/storage from 7.7.0 to 7.9.0 (#2509)
• build(deps-dev): bump @​microsoft/api-extractor from 7.42.3 to 7.43.0 (#2511)
• build(deps): bump @​types/node from 20.11.24 to 20.11.30 (#2508)
• [chore] Fixed links to rtdb api docs (#2501)
• issue 2467: add async to send each loop to prevent local validation from throwing in an unknown state (#2469)
• build(deps): bump @​fastify/busboy from 2.1.0 to 2.1.1 (#2491)
• build(deps): bump follow-redirects in /.github/actions/send-email (#2497)
• build(deps): bump @​google-cloud/firestore from 7.3.0 to 7.4.0 (#2499)
• build(deps): bump jose from 4.15.4 to 4.15.5 (#2489)
• build(deps-dev): bump @​microsoft/api-extractor from 7.42.0 to 7.42.3 (#2485)
• build(deps): bump @​types/node from 20.11.19 to 20.11.24 (#2484)
• build(deps-dev): bump @​firebase/app-compat from 0.2.27 to 0.2.28 (#2483)
• build(deps-dev): bump @​microsoft/api-extractor from 7.40.3 to 7.42.0 (#2480)
• build(deps-dev): bump eslint from 8.56.0 to 8.57.0 (#2473)
• build(deps-dev): bump nock from 13.5.3 to 13.5.4 (#2475)
• build(deps-dev): bump @​microsoft/api-extractor from 7.40.1 to 7.40.3 (#2465)
• build(deps-dev): bump nock from 13.5.1 to 13.5.3 (#2463)
• build(deps): bump @​types/node from 20.11.17 to 20.11.19 (#2464)
• build(deps): bump undici in /.github/actions/send-email (#2459)
• build(deps): bump @​types/node from 20.11.5 to 20.11.17 (#2455)
• build(deps-dev): bump mocha from 10.2.0 to 10.3.0 (#2454)
• build(deps-dev): bump @​microsoft/api-extractor from 7.39.4 to 7.40.1 (#2452)
• [chore] Update Github action workflows to fix node version and set-output deprecation warnings (#2431)
• [chore] Bump mailgun.js to v10.1.0 (#2451)
• build(deps): bump @​google-cloud/firestore from 7.1.0 to 7.3.0 (#2446)
• build(deps-dev): bump @​types/uuid from 9.0.7 to 9.0.8 (#2445)
• build(deps-dev): bump @​firebase/app-compat from 0.2.25 to 0.2.27 (#2443)
• build(deps-dev): bump @​types/sinon from 17.0.2 to 17.0.3 (#2442)
• [chore] Bump @actions/core to ^1.10.1 to remove set-output warning and set action to use Node 20 (#2432)
• build(deps-dev): bump ts-node from 10.9.1 to 10.9.2 (#2435)

... (truncated)

Commits

• 67151e6 [chore] Release 12.1.0 (#2532)
• ba20755 Fix minor typo (#2533)
• 19c74dc chore: Excluding certain event_types from processing uid (#2370)
• a833f4e feat(rc): Add server side Remote Config support (#2529)
• a00de0c build(deps-dev): bump gulp from 4.0.2 to 5.0.0 (#2526)
• 25b2c68 build(deps-dev): bump @​firebase/app-compat from 0.2.29 to 0.2.30 (#2527)
• fa59e2a build(deps): bump @​google-cloud/firestore from 7.5.0 to 7.6.0 (#2528)
• 34f0ac2 build(deps): bump undici in /.github/actions/send-email (#2521)
• 837b69b build(deps-dev): bump @​firebase/auth-types from 0.12.0 to 0.12.1 (#2514)
• e7ea83e build(deps-dev): bump mocha from 10.3.0 to 10.4.0 (#2513)
• Additional commits viewable in compare view

Updates tar from 6.2.0 to 6.2.1

Commits

• bef7b1e 6.2.1
• fe8cd57 prevent extraction in excessively deep subfolders
• fe7ebfd remove security.md
• See full diff in compare view

Updates vite from 5.1.5 to 5.1.7

Changelog

Sourced from vite's changelog.

5.1.7 (2024-03-24)

• fix: fs.deny with globs with directories (#16250) (5a056dd), closes #16250

5.1.6 (2024-03-11)

• chore(deps): update all non-major dependencies (#16131) (a862ecb), closes #16131
• fix: check for publicDir before checking if it is a parent directory (#16046) (b6fb323), closes #16046
• fix: escape single quote when relative base is used (#16060) (8f74ce4), closes #16060
• fix: handle function property extension in namespace import (#16113) (f699194), closes #16113
• fix: server middleware mode resolve (#16122) (8403546), closes #16122
• fix(esbuild): update tsconfck to fix bug that could cause a deadlock (#16124) (fd9de04), closes #16124
• fix(worker): hide "The emitted file overwrites" warning if the content is same (#16094) (60dfa9e), closes #16094
• fix(worker): throw error when circular worker import is detected and support self referencing worker (eef9da1), closes #16103
• style(utils): remove null check (#16112) (0d2df52), closes #16112
• refactor(runtime): share more code between runtime and main bundle (#16063) (93be84e), closes #16063

Commits

• e710c2f release: v5.1.7
• 5a056dd fix: fs.deny with globs with directories (#16250)
• 6f7466e release: v5.1.6
• a862ecb chore(deps): update all non-major dependencies (#16131)
• 8403546 fix: server middleware mode resolve (#16122)
• b6fb323 fix: check for publicDir before checking if it is a parent directory (#16046)
• fd9de04 fix(esbuild): update tsconfck to fix bug that could cause a deadlock (#16124)
• f699194 fix: handle function property extension in namespace import (#16113)
• 0d2df52 style(utils): remove null check (#16112)
• eef9da1 fix(worker): throw error when circular worker import is detected and support ...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/julianpoy/RecipeSage/network/alerts).

[dependabot[bot]]

Superseded by #1375.