Dependency Updates: Bump the dependencies group across 1 directory with 3 updates

[dependabot]

Bumps the dependencies group with 3 updates in the / directory: dotenv, firebase-admin and zod.

Updates dotenv from 16.4.5 to 16.4.7

Changelog

Sourced from dotenv's changelog.

16.4.7 (2024-12-03)

Changed

• Ignore .tap folder when publishing. (oops, sorry about that everyone. - @​motdotla) #848

16.4.6 (2024-12-02)

Changed

• Clean up stale dev dependencies #847
• Various README updates clarifying usage and alternative solutions using dotenvx

Commits

• a338d68 16.4.7
• daf3e3d changelog 🪵
• fb74f68 Merge pull request #848 from Spice-King/patch-1
• fe87ba2 Add .tap to .npmignore
• 0c9f764 16.4.6
• fd5f26b changelog 🪵
• bb19b6b Merge pull request #847 from motdotla/deps-updates
• 2f4e36b further dev dependency cleanup
• c2fdd01 send to codecov
• 6707487 add test coverage
• Additional commits viewable in compare view

Updates firebase-admin from 12.7.0 to 13.0.2

Release notes

Sourced from firebase-admin's releases.

Firebase Admin Node.js SDK v13.0.2

Bug Fixes

• fix(auth): Fix credentials issue in createToken() when using ADC (#2801)

Miscellaneous

• [chore] Release 13.0.2 (#2813)
• build(deps-dev): bump @​microsoft/api-extractor from 7.48.0 to 7.48.1 (#2810)
• build(deps): bump @​fastify/busboy from 3.0.0 to 3.1.0 (#2805)
• chore: Add firebaseAdminVersion to Firestore settings (#2795)
• build(deps): bump @​types/node from 22.10.0 to 22.10.1 (#2798)
• build(deps-dev): bump @​types/mocha from 10.0.9 to 10.0.10 (#2786)
• build(deps): bump @​types/node from 22.9.0 to 22.10.0 (#2790)
• build(deps-dev): bump @​firebase/app-compat from 0.2.45 to 0.2.46 (#2784)
• build(deps-dev): bump @​microsoft/api-extractor from 7.47.11 to 7.48.0 (#2788)

Firebase Admin Node.js SDK v13.0.1

Bug Fixes

• fix: Fix the property names when initializing the SDK with ServiceAccount type (#2779)

Miscellaneous

• [chore] Release 13.0.1 (#2780)
• build(deps-dev): bump @​firebase/auth-compat from 0.5.15 to 0.5.16 (#2776)
• build(deps): bump google-auth-library from 9.14.2 to 9.15.0 (#2773)
• build(deps): bump @​firebase/database-compat from 2.0.0 to 2.0.1 (#2774)
• build(deps-dev): bump @​firebase/auth-types from 0.12.2 to 0.12.3 (#2775)

Firebase Admin Node.js SDK v13.0.0

Breaking Changes

• change(rc): Update Remote Config condition evaluation hashing (#2760)
• change(fcm): Remove deprecated FCM APIs (#2759)
• change: Update Node support to 18 (#2756)
• change: Migrate credentials to use google-auth-library (#2466)

New Features

• feat(fcm): Add directBootOk field to AndroidConfig (#2745)

Bug Fixes

• fix: Set the Quota Project ID only for ADC human accounts (#2761)

Miscellaneous

... (truncated)

Commits

• 486ab16 [chore] Release 13.0.2 (#2813)
• cb374ca build(deps-dev): bump @​microsoft/api-extractor from 7.48.0 to 7.48.1 (#2810)
• ebd2164 build(deps): bump @​fastify/busboy from 3.0.0 to 3.1.0 (#2805)
• 86094a7 fix(auth): Fix credentials issue in createToken() when using ADC (#2801)
• 69d6494 chore: Add firebaseAdminVersion to Firestore settings (#2795)
• 79b78c4 build(deps): bump @​types/node from 22.10.0 to 22.10.1 (#2798)
• 8358549 build(deps-dev): bump @​types/mocha from 10.0.9 to 10.0.10 (#2786)
• 1772ac7 build(deps): bump @​types/node from 22.9.0 to 22.10.0 (#2790)
• de540fc build(deps-dev): bump @​firebase/app-compat from 0.2.45 to 0.2.46 (#2784)
• a1ba932 build(deps-dev): bump @​microsoft/api-extractor from 7.47.11 to 7.48.0 (#2788)
• Additional commits viewable in compare view

Updates zod from 3.23.8 to 3.24.1

Release notes

Sourced from zod's releases.

v3.24.1

Commits:

• 0c6cbbdd1315683dd3d589fbdc5765c26431dcc9 Undeprecate .nonempty()
• 4e219d6ad9d5e56e20afd7423092f506400a29e4 Bump min TS version to 5.0
• 65adeeacef0274abbda5438470a3d2bfd376256d v3.24.1

v3.24.0

Implement @standard-schema/spec

This is the first version of Zod to implement the Standard Schema spec. This is a new community effort among several validation library authors to implement a common interface, with the goal of simplifying the process of integrating schema validators with the rest of the ecosystem. Read more about the project and goals here.

z.string().jwt()

Thanks to @​Mokshit06 and @​Cognition-Labs for this contribution!

To verify that a string is a valid 3-part JWT.

z.string().jwt();

⚠️ This does not verify your JWT cryptographically! It merely ensures its in the proper format. Use a library like jsonwebtoken to verify the JWT signature, parse the token, and read the claims.

To constrain the JWT to a specific algorithm:

z.string().jwt({ alg: "RS256" });

z.string().base64url()

Thank you to @​marvinruder!

To complement the JWT validation, Zod 3.24 implements a standalone .base64url() string validation API. (The three elements of JWTs are base64url-encoded JSON strings.)

z.string().base64url()

This functionality is available along the standard z.string().base64() validator added in Zod 3.23.

z.string().cidr()

Thanks to @​wataryooou for their work on this!

A validator for CIDR notation for specifying IP address ranges, e.g. 192.24.12.0/22.

... (truncated)

Commits

• 65adeea v3.24.1
• 4e219d6 Bump min TS version to 5.0
• 0c6cbbd Undeprecate .nonempty()
• b333f96 Fix deno tests
• 964d622 Fix lint
• b68c05f feat: Add JWT string validator (#3893)
• c1dd537 Adds frrm package to documentation (#3818)
• 69a1798 Implement Standard Schema spec (#3850)
• 963386d Fix lint
• 3755146 Remove createParams cascade from .array() (#3530)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by colinhacks, a new releaser for zod since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.