build(deps): bump @grpc/grpc-js and @firebase/firestore in /frontend

[dependabot]

Bumps @grpc/grpc-js to 1.9.15 and updates ancestor dependency @firebase/firestore. These dependencies need to be updated together.

Updates @grpc/grpc-js from 1.7.2 to 1.9.15

Release notes

Sourced from @​grpc/grpc-js's releases.

@​grpc/grpc-js 1.9.15

• Avoid buffering significantly more than grpc.max_receive_message_size per received message.

@​grpc/grpc-js 1.9.14

• Fix a bug that could rarely cause connection leaks (#2644)
• Fix a bug that could cause clients to go IDLE incorrectly some time after calling waitForReady (#2643)

@​grpc/grpc-js 1.9.13

• Fix a bug that could cause the Node process to close early when establishing a connection while a request is pending (#2626)

@​grpc/grpc-js 1.9.12

• Fix a bug that could cause connectivity state information to become stale in some circumstances (#2623)

@​grpc/grpc-js 1.9.11

• Fix a busy loop when recovering from a failure to establish a connection to a unix domain socket address target (#2618)
• Fix a bug that caused clients to stop trying to connect to a fixed IP address target after a working connection drops (#2619)

@​grpc/grpc-js 1.9.10

• Provide the correct port to the proxy when connecting to a target without an explicitly specified port (#2608 contributed by @​segevfiner)
• Properly handle goaway events with no additional data attached (#2611)

@​grpc/grpc-js 1.9.9

• Fix a busy loop when recovering from a failure to establish a connection to a fixed IP address target (#2609)

@​grpc/grpc-js 1.9.8

• Fix a memory leak caused by creating and closing multiple clients (#2606)

@​grpc/grpc-js 1.9.7

• Fix a bug that could cause a client to not update name resolution after multiple failed connection attempts (#2602)

@​grpc/grpc-js 1.9.6

• Include more information in most "No connection established" errors (#2598)
• Remove the index tracer, and add more information to other trace logs (#2599)

@​grpc/grpc-js 1.9.5

• Fix a type inconsistency in server-call.ts (#2589 contributed by @​rsnullptr)
• Close ports if the server is shut down while the bind operation is ongoing (#2590)

@​grpc/grpc-js 1.9.4

• Fix a bug that could cause a client to sometimes incorrectly hold the process open when no longer in use (#2586)

@​grpc/grpc-js 1.9.3

• Make a few improvements to DNS resolving timing (#2571)

Experimental changes:

• Added grpc.experimental.BackoffTimeout#getEndTime

@​grpc/grpc-js 1.9.2

• Handle error when sending keepalive pings (#2563)

... (truncated)

Commits

• 08b0422 Merge pull request from GHSA-7v5v-9h63-cj86
• c75e048 grpc-js: Bump to 1.9.15
• d5d62b4 grpc-js: Avoid buffering significantly more than max_receive_message_size per...
• 02d0344 Merge pull request #2741 from sergiitk/backport-1.9-psm-interop-common-prod-t...
• cf14020 Merge pull request #2729 from sergiitk/psm-interop-common-prod-tests
• da44229 Merge pull request #2738 from murgatroid99/backport-1.9-grpc-js_linkify-it_fix
• 5ae7c8c Merge pull request #2735 from murgatroid99/grpc-js_linkify-it_fix
• eed21ba Merge pull request #2714 from sergiitk/backport-1.9-psm-interop-pkg-dev
• 63763a4 Merge pull request #2712 from sergiitk/psm-interop-pkg-dev
• 5be83dd Merge pull request #2643 from murgatroid99/grpc-js_idle_timer_fix
• Additional commits viewable in compare view

Updates @firebase/firestore from 3.11.0 to 4.6.3

Release notes

Sourced from @​firebase/firestore's releases.

4.5.2

Fixes

• Fixed a regression where the react-native property was missing from the firebase package.json
• Fixed a regression where the value of firebase.SDK_VERSION wasn't properly being populated.

4.5.1

Features

Shipped individual modules for the following packages:

• @firebase/app
• @firebase/auth
• @firebase/database
• @firebase/firestore
• @firebase/messaging
• @firebase/polyfill
• @firebase/storage
• @firebase/util

4.5.0

Features

• Added support for Cloud Firestore. For more information, see the following resources:
  • Blog post
  • Web getting started guide
  • Reference Documentation

4.4.0

Features

• Released multi-resource support for database #159

Fixes

• Fixed issue with null initialization in externs #160

4.3.0

Features

• Added client side localization for email actions (password reset, email verification, etc), phone authentication SMS messages, OAuth flows and reCAPTCHA verification.
• Added the ability to pass a continue URL/state when triggering a password reset/email verification which gives a user the ability to go back to the app after completion. In addition, added support for the ability to open these links directly from a mobile app instead of a web flow using Firebase Dynamic Links.

Fixes

• Fixed issue with IE10 auth state synchronization across tabs

4.2.0

Features

... (truncated)

Changelog

Sourced from @​firebase/firestore's changelog.

4.6.3

Patch Changes

• 2ce95696f #8247 - Fix multi-tab persistence raising empty snapshot issue

4.6.2

Patch Changes

• 4b49630c7 #8190 - Use closure-net as a dependency of webchannel-wrapper and Firestore.

• ab883d016 #8237 - Bump all packages so staging works.

• Updated dependencies [14f9da66f, 4b49630c7, ab883d016]:

  • @​firebase/webchannel-wrapper@​1.0.0
  • @​firebase/component@​0.6.7
  • @​firebase/logger@​0.4.2
  • @​firebase/util@​1.9.6

4.6.1

Patch Changes

• 224419457 #8145 - Prevent spurious "Backend didn't respond within 10 seconds" errors when network is indeed responding, just slowly.

• bd12e83cd #8150 - Updated protobufjs transitive dependency in Firetore.

• e1a7764cf #8197 - Go back using xmlhttprequest for bidi-streams, as fetch streams seem to be having connection issue.

• 84f9ff008 #8178 - Reduce code bundle size by 6.5 kB in applications that only use memory persistence (the default persistence mode). This bundle size regression was accidentally introduced in v10.7.2.

4.6.0

Minor Changes

• 666dddae0 #7999 - Enable queries with range & inequality filters on multiple fields.

Patch Changes

• fe09d8338 #8138 (fixes #8132) - Update undici version to 5.28.4 due to CVE-2024-30260.

• c6ecac8ac #8090 (fixes #8031) - Fixed the CSI issue where indexing on timestamp fields leads to incorrect query results.

• a6fa54417 #8142 - Fix internal assertion due to Buffer value not evaluating to instanceof Uint8Array, encountered when testing with jsdom.

• ad8d5470d #8134 - Updated dependencies. See GitHub PR #8098.

4.5.1

... (truncated)

Commits

• 7381f21 Version Packages (#8254)
• 2ce9569 Fix multi tab persistence issue (#8247)
• 8fb372a Version Packages (#8236)
• f25b9e5 [internal] Query/AggregateQuery to proto representation (#8177)
• 4b49630 Use closure-net as a dependency of Firestore (#8190)
• 7709f10 Version Packages (#8202)
• e1a7764 Go back using xmlhttprequest for bidi-streams (#8197)
• 2244194 Firestore: Fix spurious "Backend didn't respond within 10 seconds" errors whe...
• 84f9ff0 Firestore: simple_db.ts: move getAndroidVersion() to a free function (#8178)
• 826b571 Version Packages (#8143)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.