deps: bump the safe-app-dependencies group across 1 directory with 4 updates

[dependabot]

Bumps the safe-app-dependencies group with 4 updates in the / directory: firebase, @babel/core, dotenv-cli and esbuild.

Updates firebase from 10.11.0 to 10.12.2

Release notes

Sourced from firebase's releases.

firebase@10.12.2

For more detailed release notes, see Firebase JavaScript SDK Release Notes.

What's Changed

@​firebase/app@​0.10.5

Patch Changes

• Update SDK_VERSION.

@​firebase/app-compat@​0.2.35

Patch Changes

• Updated dependencies []:
• @​firebase/app@​0.10.5

@​firebase/auth@​1.7.4

Patch Changes

• 0af23e02e #8251 (fixes #8222) - Generate dts rollups for auth web extension and cordova

@​firebase/auth-compat@​0.5.9

Patch Changes

• Updated dependencies [0af23e02e]:
• @​firebase/auth@​1.7.4

firebase@10.12.2

Patch Changes

• Updated dependencies [3883133c3, 0af23e02e]:
• @​firebase/app@​0.10.5
• @​firebase/vertexai-preview@​0.0.2
• @​firebase/auth@​1.7.4
• @​firebase/app-compat@​0.2.35
• @​firebase/auth-compat@​0.5.9

@​firebase/vertexai-preview@​0.0.2

Patch Changes

• 3883133c3 #8256 - Change types paths to point to rolled-up public d.ts files. This fixes some TypeScript compiler errors users are seeing.

firebase@10.12.1

For more detailed release notes, see Firebase JavaScript SDK Release Notes.

... (truncated)

Commits

• d92d01e Version Packages (#8264)
• a8bdda6 Merge master into release
• 52d6266 Add vertex preview token to canary deploy workflow. (#8262)
• 0af23e0 Generate dts rollups for auth webextension and cordova (#8251)
• 370b6c8 Add toc (#8257)
• aa060a7 More robust clean up after unexpected docgen process exits. (#8260)
• 3883133 Fix typings issue (#8256)
• 7381f21 Version Packages (#8254)
• ff65c13 Merge master into release
• 43a8d99 Add job to create a GitHub release (#8248)
• Additional commits viewable in compare view

Updates @babel/core from 7.24.4 to 7.24.6

Release notes

Sourced from @​babel/core's releases.

v7.24.6 (2024-05-24)

Thanks @​amjed-98, @​blakewilson, @​coelhucas, and @​SukkaW for your first PRs!

🐛 Bug Fix

• babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • #16514 Fix source maps for private member expressions (@​nicolo-ribaudo)
• babel-core, babel-generator, babel-plugin-transform-modules-commonjs
  • #16515 Fix source maps for template literals (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • #16485 Support undecorated static accessor in anonymous classes (@​JLHwung)
  • #16484 Fix decorator bare yield await (@​JLHwung)
• babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
  • #16483 Fix: throw TypeError if addInitializer is called after finished (@​JLHwung)
• babel-parser, babel-plugin-transform-typescript
  • #16476 fix: Correctly parse cls.fn<C> = x (@​liuxingbaoyu)

🏠 Internal

• babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #16501 Generate helper metadata at build time (@​nicolo-ribaudo)
• babel-helpers
  • #16499 Add tsconfig.json for @babel/helpers/src/helpers (@​nicolo-ribaudo)
• babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #16495 Move all runtime helpers to individual files (@​nicolo-ribaudo)
• babel-parser, babel-traverse
  • #16482 Statically generate boilerplate for bitfield accessors (@​nicolo-ribaudo)
• Other
  • #16466 Migrate import assertions syntax (@​JLHwung)

Committers: 9

• Amjad Yahia Robeen Hassan (@​amjed-98)
• Babel Bot (@​babel-bot)
• Blake Wilson (@​blakewilson)
• Huáng Jùnliàng (@​JLHwung)
• Lucas Coelho (@​coelhucas)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• Sukka (@​SukkaW)
• Zzzen (@​Zzzen)
• @​liuxingbaoyu

v7.24.5 (2024-04-29)

Thanks @​romgrk and @​sossost for your first PRs!

🐛 Bug Fix

• babel-plugin-transform-classes, babel-traverse
  • #16377 fix: TypeScript annotation affects output (@​liuxingbaoyu)
• babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3
  • #16440 Fix suppressed error order (@​sossost)
  • #16408 Await nullish async disposable (@​JLHwung)

... (truncated)

Changelog

Sourced from @​babel/core's changelog.

v7.24.6 (2024-05-24)

🐛 Bug Fix

• babel-helper-create-class-features-plugin, babel-plugin-transform-class-properties
  • #16514 Fix source maps for private member expressions (@​nicolo-ribaudo)
• babel-core, babel-generator, babel-plugin-transform-modules-commonjs
  • #16515 Fix source maps for template literals (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • #16485 Support undecorated static accessor in anonymous classes (@​JLHwung)
  • #16484 Fix decorator bare yield await (@​JLHwung)
• babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
  • #16483 Fix: throw TypeError if addInitializer is called after finished (@​JLHwung)
• babel-parser, babel-plugin-transform-typescript
  • #16476 fix: Correctly parse cls.fn<C> = x (@​liuxingbaoyu)

🏠 Internal

• babel-core, babel-helpers, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #16501 Generate helper metadata at build time (@​nicolo-ribaudo)
• babel-helpers
  • #16499 Add tsconfig.json for @babel/helpers/src/helpers (@​nicolo-ribaudo)
• babel-cli, babel-helpers, babel-plugin-external-helpers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties, babel-plugin-transform-modules-commonjs, babel-plugin-transform-modules-systemjs, babel-plugin-transform-runtime, babel-preset-env, babel-runtime-corejs2, babel-runtime-corejs3, babel-runtime
  • #16495 Move all runtime helpers to individual files (@​nicolo-ribaudo)
• babel-parser, babel-traverse
  • #16482 Statically generate boilerplate for bitfield accessors (@​nicolo-ribaudo)
• Other
  • #16466 Migrate import assertions syntax (@​JLHwung)

v7.24.5 (2024-04-29)

🐛 Bug Fix

• babel-plugin-transform-classes, babel-traverse
  • #16377 fix: TypeScript annotation affects output (@​liuxingbaoyu)
• babel-helpers, babel-plugin-proposal-explicit-resource-management, babel-runtime-corejs3
  • #16440 Fix suppressed error order (@​sossost)
  • #16408 Await nullish async disposable (@​JLHwung)

💅 Polish

• babel-parser
  • #16407 Recover from exported using declaration (@​JLHwung)

🏠 Internal

• Other
  • #16414 Relax ESLint peerDependency constraint to allow v9 (@​liuxingbaoyu)
• babel-parser
  • #16425 Improve @babel/parser AST types (@​nicolo-ribaudo)
  • #16417 Always pass type argument to .startNode (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-helper-member-expression-to-functions, babel-helper-module-transforms, babel-helper-split-export-declaration, babel-helper-wrap-function, babel-helpers, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-plugin-proposal-explicit-resource-management, babel-plugin-transform-block-scoping, babel-plugin-transform-destructuring, babel-plugin-transform-object-rest-spread, babel-plugin-transform-optional-chaining, babel-plugin-transform-parameters, babel-plugin-transform-private-property-in-object, babel-plugin-transform-react-jsx-self, babel-plugin-transform-typeof-symbol, babel-plugin-transform-typescript, babel-traverse
  • #16439 Make NodePath<T | U> distributive (@​nicolo-ribaudo)
• babel-plugin-proposal-partial-application, babel-types
  • #16421 Remove JSXNamespacedName from valid CallExpression args (@​nicolo-ribaudo)
• babel-plugin-transform-class-properties, babel-preset-env

... (truncated)

Commits

• 9630250 v7.24.6
• 553e433 Generate helper metadata at build time (#16501)
• fbfe16c Fix source maps for template literals (#16515)
• 6e3539b [babel 8] Publish .d.ts files for every package (#16416)
• e37e64d Use eslint v9 (#16479)
• 71c247a [babel 8] Require Node.js ^18.20.0 || ^20.10.0 || >=21.0.0 (#16457)
• ddbea7d v7.24.5
• ee48754 Use multiple TypeScript projects (#16430)
• a8994f8 Reduce platform-specific tests (#16436)
• See full diff in compare view

Updates dotenv-cli from 7.4.1 to 7.4.2

Commits

• 40728f3 7.4.2
• See full diff in compare view

Updates esbuild from 0.20.2 to 0.21.4

Release notes

Sourced from esbuild's releases.

v0.21.4

• Update support for import assertions and import attributes in node (#3778)

  Import assertions (the assert keyword) have been removed from node starting in v22.0.0. So esbuild will now strip them and generate a warning with --target=node22 or above:

  ▲ [WARNING] The "assert" keyword is not supported in the configured target environment ("node22") [assert-to-with]
  example.mjs:1:40:
    1 │ import json from "esbuild/package.json" assert { type: "json" }
      │                                         ~~~~~~
      ╵                                         with
  
  Did you mean to use "with" instead of "assert"?
  

  Import attributes (the with keyword) have been backported to node 18 starting in v18.20.0. So esbuild will no longer strip them with --target=node18.N if N is 20 or greater.

• Fix for await transform when a label is present

  This release fixes a bug where the for await transform, which wraps the loop in a try statement, previously failed to also move the loop's label into the try statement. This bug only affects code that uses both of these features in combination. Here's an example of some affected code:

  // Original code
  async function test() {
    outer: for await (const x of [Promise.resolve([0, 1])]) {
      for (const y of x) if (y) break outer
      throw 'fail'
    }
  }
  // Old output (with --target=es6)
  function test() {
  return __async(this, null, function* () {
  outer: try {
  for (var iter = __forAwait([Promise.resolve([0, 1])]), more, temp, error; more = !(temp = yield iter.next()).done; more = false) {
  const x = temp.value;
  for (const y of x) if (y) break outer;
  throw "fail";
  }
  } catch (temp) {
  error = [temp];
  } finally {
  try {
  more && (temp = iter.return) && (yield temp.call(iter));
  } finally {
  if (error)
  throw error[0];
  }
  }

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.21.4

• Update support for import assertions and import attributes in node (#3778)

  Import assertions (the assert keyword) have been removed from node starting in v22.0.0. So esbuild will now strip them and generate a warning with --target=node22 or above:

  ▲ [WARNING] The "assert" keyword is not supported in the configured target environment ("node22") [assert-to-with]
  example.mjs:1:40:
    1 │ import json from "esbuild/package.json" assert { type: "json" }
      │                                         ~~~~~~
      ╵                                         with
  
  Did you mean to use "with" instead of "assert"?
  

  Import attributes (the with keyword) have been backported to node 18 starting in v18.20.0. So esbuild will no longer strip them with --target=node18.N if N is 20 or greater.

• Fix for await transform when a label is present

  This release fixes a bug where the for await transform, which wraps the loop in a try statement, previously failed to also move the loop's label into the try statement. This bug only affects code that uses both of these features in combination. Here's an example of some affected code:

  // Original code
  async function test() {
    outer: for await (const x of [Promise.resolve([0, 1])]) {
      for (const y of x) if (y) break outer
      throw 'fail'
    }
  }
  // Old output (with --target=es6)
  function test() {
  return __async(this, null, function* () {
  outer: try {
  for (var iter = __forAwait([Promise.resolve([0, 1])]), more, temp, error; more = !(temp = yield iter.next()).done; more = false) {
  const x = temp.value;
  for (const y of x) if (y) break outer;
  throw "fail";
  }
  } catch (temp) {
  error = [temp];
  } finally {
  try {
  more && (temp = iter.return) && (yield temp.call(iter));
  } finally {
  if (error)
  throw error[0];
  }

... (truncated)

Commits

• 67cbf87 publish 0.21.4 to npm
• 4ad11c3 fix #3639, fix #3646: pass with to onResolve
• 516ca31 fix #3343: allow bundle-internal string aliases
• 9e2f304 fix #3416, fix #3425: better enum constant folding
• 8f1faf7 implement late constant-folding for && || ??
• 7d50a50 implement late constant-folding of string enums
• 1b29ac7 fold equality checks after cross-module inlining
• d7a8bf3 formatting support for @position-try (for #3773)
• 5069410 fix #3778: import assertions/attributes for node
• 11d568c run make update-compat-table
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.