Skip to content

Bump form-data and firebase-tools#1510

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/multi-a19f3aed33
Open

Bump form-data and firebase-tools#1510
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/multi-a19f3aed33

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Contributor

Bumps form-data to 3.0.5 and updates ancestor dependency firebase-tools. These dependencies need to be updated together.

Updates form-data from 3.0.1 to 3.0.5

Release notes

Sourced from form-data's releases.

v3.0.2

Fixes

  • npmignore temporary build files (#532)
  • move util.isArray to Array.isArray (#564)

Tests

  • migrate from travis to GHA
Changelog

Sourced from form-data's changelog.

v3.0.5 - 2026-06-12

Commits

  • [Fix] escape CR, LF, and " in field names and filenames 8777e67
  • [Dev Deps] update @ljharb/eslint-config, auto-changelog, eslint, tape 27c61a5
  • [Deps] update hasown 6a8a1c6

v3.0.4 - 2025-07-16

Fixed

Commits

  • [eslint] update linting config f5e7eb0
  • [meta] add auto-changelog d2eb290
  • [Tests] handle predict-v8-randomness failures in node < 17 and node > 23 e8c574c
  • [Fix] Switch to using crypto random for boundary values c6ced61
  • [Refactor] use hasown 1a78b5d
  • [Fix] validate boundary type in setBoundary() method 70bbaa0
  • [Tests] add tests to check the behavior of getBoundary with non-strings b22a64e
  • [meta] actually ensure the readme backup isn’t published 0150851
  • [meta] remove local commit hooks fc42bb9
  • [Dev Deps] remove unused deps a14d09e
  • [meta] fix scripts to use prepublishOnly 11d9f73
  • [meta] fix readme capitalization fc38b48

v3.0.3 - 2025-02-14

Merged

Fixed

Commits

  • [Refactor] use Object.prototype.hasOwnProperty.call 7fecefe
  • [Dev Deps] update @types/node, browserify, coveralls, cross-spawn, eslint, formidable, in-publish, pkgfiles, pre-commit, puppeteer, request, tape, typescript 8261fcb
  • Only apps should have lockfiles b82f590
  • [Dev Deps] pin request which via tough-cookie ^2.4 depends on psl e5df7f2
  • [Deps] update mime-types 5a5bafe

v3.0.2 - 2024-10-10

Merged

... (truncated)

Commits
  • be3f3cf v3.0.5
  • 6a8a1c6 [Deps] update hasown
  • 27c61a5 [Dev Deps] update @ljharb/eslint-config, auto-changelog, eslint, tape
  • 8777e67 [Fix] escape CR, LF, and " in field names and filenames
  • 9c82fcd v3.0.4
  • e8c574c [Tests] handle predict-v8-randomness failures in node < 17 and node > 23
  • c6ced61 [Fix] Switch to using crypto random for boundary values
  • 0150851 [meta] actually ensure the readme backup isn’t published
  • fc38b48 [meta] fix readme capitalization
  • d2eb290 [meta] add auto-changelog
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by ljharb, a new releaser for form-data since your current version.

Install script changes

This version modifies prepublish script that runs during installation. Review the package contents before updating.


Updates firebase-tools from 11.24.0 to 15.20.0

Release notes

Sourced from firebase-tools's releases.

v15.20.0

  • Removed the prompt and backend deletion of Data Connect services during firebase deploy. (#10619)
  • Fixes firebase init dataconnect failing with ENOEXEC when creating a new template app on some operating systems. (#10616)
  • Support setting the Google Cloud Storage (GCS) test results bucket in apptesting:execute and appdistribution:distribute

v15.19.1

  • Updated Firebase SQL Connect genAI features to use new Agent Service API
  • Updated the Firebase Data Connect local toolkit to v3.4.10, which includes the following changes:
    • Extended client cache consistency validation to include conflicts with schema field names.

v15.19.0

  • Updated Pub/Sub emulator to version 0.8.32
  • Added support for 6 more iD providers in auth:import and auth:export commands
  • Fixed issue where auth:export didn't escape double quotes for CSV format. (#3484)
  • Fixes CloudSQLConnectorError: The connector was closed unhandled exception during Data Connect deployments. (#10555)
  • Updated the Firebase Data Connect local toolkit to v3.4.9, which includes the following changes: (#10567)
    • Added support for nested mutations for literals and also variables that define an incomplete set of fields.
    • Fixed an issue in the JS Generated SDK where QueryFetchPolicy wasn't being respected.

v15.18.0

  • Updated Pub/Sub emulator to version 0.8.31
  • Resolves undefined regions earlier, during the build to backend resolution phase (#10471)
  • Updated the Firebase Data Connect local toolkit to v3.4.8, which includes the following changes:
    • Fixed an issue in Dart code generation where nullable BigInt was not handled correctly.
    • Added support for nested 1:Many relational batch inserts.
    • Updated the Golang dependency version to 1.25.10.
  • Default timeout for Dart functions is now 60 seconds when not explicitly set (#10501)
  • Support secret environment variables for Cloud Run functions (#10489)
  • Set requiredProjectBindings in AI Logic services (#10503)

v15.17.0

  • Added support for creating search indexes for Firestore. (#10431)
  • Fixed an issue where some MCP tools would error with "Invalid input: expected record, received array". (#10437)
  • Fixed an issue causing errors when multiple Firestore databases were configured in firebase.json (#8114)
  • Updated the Firebase Data Connect local toolkit to v3.4.7, which includes the following changes: (#10461)
    • Fix emulator crash when using uuidv4() on operations.
    • Support for _Data input types as variables with @allow(fields, maxCount) to constraint the input JSON, enabling batch mutations in admin SDK. Client SDK support will come soon.
  • Increase supported range for Next.js to version 16.0 (#9463)
  • Updated Cloud Function default resource locations. This does not affect existing functions. (#10414)
  • Added warning for cross-region event triggers (#10408)

v15.16.0

  • Updated Firestore Emulator to v1.21.0, which adds support for subqueries and new stages like let(...), as well as allowing setting database-edition per-database.
  • Suppressed the 'punycode' deprecation warning during firebase deploy on Node 22. (#10385)
  • Fixed an issue where hosting deploy allowed publishing to a site in a different project. (#10376)
  • Added SSE mode support to firebase mcp. To use it, run firebase mcp --mode=sse --port=3000, and connect your client on http://localhost:3000.
  • Update the valid Python runtimes for functions. Default Python runtime is now Python 3.14.
  • Fix CLI non-interactive mode for dataconnect init (#10401)
  • Fixed issue where rules for non-default Firestore databases were not being deployed correctly.
  • Suppress SSR warning for non-SSR Angular projects on init hosting (#10364)

... (truncated)

Commits
  • 978a2ef 15.20.0
  • 74f62c6 Add changelog entry for PR #10619 (#10622)
  • 5aff739 fix: update dependencies in integration script packages to remediate vulnerab...
  • 6b9723e Remove Data Connect service deletion logic on deploy (#10619)
  • 07931cf fix: update dependencies in standalone bundler to remediate vulnerabilities (...
  • 073a953 fix: use cross-spawn to avoid exec format errors when creating dataconnect ap...
  • 7657d15 Update version of telemetry admin api (#10617)
  • 1657829 fix: update dependencies in firebase-vscode to remediate vulnerabilities (#10...
  • 7f54806 fix mistake in class initialization for ailogic (#10570)
  • b665c53 Add --results-bucket update to CHANGELOG.md (#10604)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump form-data and firebase-tools
d7360c0 
Bumps [form-data](https://github.com/form-data/form-data) to 3.0.5 and updates ancestor dependency [firebase-tools](https://github.com/firebase/firebase-tools). These dependencies need to be updated together.


Updates `form-data` from 3.0.1 to 3.0.5
- [Release notes](https://github.com/form-data/form-data/releases)
- [Changelog](https://github.com/form-data/form-data/blob/master/CHANGELOG.md)
- [Commits](form-data/form-data@v3.0.1...v3.0.5)

Updates `firebase-tools` from 11.24.0 to 15.20.0
- [Release notes](https://github.com/firebase/firebase-tools/releases)
- [Changelog](https://github.com/firebase/firebase-tools/blob/main/CHANGELOG.md)
- [Commits](firebase/firebase-tools@v11.24.0...v15.20.0)

---
updated-dependencies:
- dependency-name: form-data
  dependency-version: 3.0.5
  dependency-type: indirect
- dependency-name: firebase-tools
  dependency-version: 15.20.0
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 15, 2026
@dependabot dependabot Bot requested a review from justinfagnani as a code owner June 15, 2026 19:05
@dependabot dependabot Bot added javascript Pull requests that update javascript code dependencies Pull requests that update a dependency file labels Jun 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@justinfagnani justinfagnani Awaiting requested review from justinfagnani justinfagnani is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants