Merge master into release

firebase · Apr 9, 2024 · badff01 · badff01
2 parents 13762a4 + f1a57d0
commit badff01
Show file tree

Hide file tree

Showing 42 changed files with 2,436 additions and 1,135 deletions.
diff --git a/.changeset/cyan-pugs-buy.md b/.changeset/cyan-pugs-buy.md
@@ -0,0 +1,9 @@
+---
+'@firebase/auth-compat': patch
+'@firebase/firestore': patch
+'@firebase/functions': patch
+'@firebase/storage': patch
+'@firebase/auth': patch
+---
+
+Update undici version to 5.28.4 due to CVE-2024-30260.
diff --git a/.changeset/cyan-rats-itch.md b/.changeset/cyan-rats-itch.md
@@ -0,0 +1,5 @@
+---
+'@firebase/messaging': patch
+---
+
+Revised token update logic to keep existing tokens during update failures, preventing unnecessary deletions for transient issues.
diff --git a/.changeset/friendly-eyes-destroy.md b/.changeset/friendly-eyes-destroy.md
@@ -0,0 +1,5 @@
+---
+'@firebase/firestore': patch
+---
+
+Fixed the CSI issue where indexing on timestamp fields leads to incorrect query results.
diff --git a/.changeset/odd-gorillas-cough.md b/.changeset/odd-gorillas-cough.md
@@ -0,0 +1,6 @@
+---
+'@firebase/firestore': minor
+'firebase': minor
+---
+
+Enable queries with range & inequality filters on multiple fields.
diff --git a/.changeset/shy-bats-wave.md b/.changeset/shy-bats-wave.md
@@ -0,0 +1,5 @@
+---
+'@firebase/app': patch
+---
+
+FirebaseServerApp should not be JSON serializable
diff --git a/config/functions/package.json b/config/functions/package.json
@@ -3,7 +3,7 @@
   "description": "Cloud Functions for Firebase",
   "dependencies": {
     "cors": "2.8.5",
-    "firebase-admin": "11.10.1",
+    "firebase-admin": "11.11.1",
     "firebase-functions": "3.24.1"
   },
   "private": true,

diff --git a/docs-devsite/app.firebaseserverappsettings.md b/docs-devsite/app.firebaseserverappsettings.md
@@ -23,7 +23,7 @@ export interface FirebaseServerAppSettings extends FirebaseAppSettings
 
 |  Property | Type | Description |
 |  --- | --- | --- |
-|  [authIdToken](./app.firebaseserverappsettings.md#firebaseserverappsettingsauthidtoken) | string | An optional Auth ID token used to resume a signed in user session from a client runtime environment.<!-- -->Invoking <code>getAuth</code> with a <code>FirebaseServerApp</code> configured with a validated <code>authIdToken</code> causes an automatic attempt to sign in the user that the <code>authIdToken</code> represents. The token needs to have been recently minted for this operation to succeed.<!-- -->If the token fails local verification, or if the Auth service has failed to validate it when the Auth SDK is initialized, then a warning is logged to the console and the Auth SDK will not sign in a user on initalization.<!-- -->If a user is successfully signed in, then the Auth instance's <code>onAuthStateChanged</code> callback is invoked with the <code>User</code> object as per standard Auth flows. However, <code>User</code> objects created via an <code>authIdToken</code> do not have a refresh token. Attempted <code>refreshToken</code> operations fail. |
+|  [authIdToken](./app.firebaseserverappsettings.md#firebaseserverappsettingsauthidtoken) | string | An optional Auth ID token used to resume a signed in user session from a client runtime environment.<!-- -->Invoking <code>getAuth</code> with a <code>FirebaseServerApp</code> configured with a validated <code>authIdToken</code> causes an automatic attempt to sign in the user that the <code>authIdToken</code> represents. The token needs to have been recently minted for this operation to succeed.<!-- -->If the token fails local verification, or if the Auth service has failed to validate it when the Auth SDK is initialized, then a warning is logged to the console and the Auth SDK will not sign in a user on initialization.<!-- -->If a user is successfully signed in, then the Auth instance's <code>onAuthStateChanged</code> callback is invoked with the <code>User</code> object as per standard Auth flows. However, <code>User</code> objects created via an <code>authIdToken</code> do not have a refresh token. Attempted <code>refreshToken</code> operations fail. |
 |  [name](./app.firebaseserverappsettings.md#firebaseserverappsettingsname) | undefined | There is no <code>getApp()</code> operation for <code>FirebaseServerApp</code>, so the name is not relevant for applications. However, it may be used internally, and is declared here so that <code>FirebaseServerApp</code> conforms to the <code>FirebaseApp</code> interface. |
 |  [releaseOnDeref](./app.firebaseserverappsettings.md#firebaseserverappsettingsreleaseonderef) | object | An optional object. If provided, the Firebase SDK uses a <code>FinalizationRegistry</code> object to monitor the garbage collection status of the provided object. The Firebase SDK releases its reference on the <code>FirebaseServerApp</code> instance when the provided <code>releaseOnDeref</code> object is garbage collected.<!-- -->You can use this field to reduce memory management overhead for your application. If provided, an app running in a SSR pass does not need to perform <code>FirebaseServerApp</code> cleanup, so long as the reference object is deleted (by falling out of SSR scope, for instance.)<!-- -->If an object is not provided then the application must clean up the <code>FirebaseServerApp</code> instance by invoking <code>deleteApp</code>.<!-- -->If the application provides an object in this parameter, but the application is executed in a JavaScript engine that predates the support of <code>FinalizationRegistry</code> (introduced in node v14.6.0, for instance), then an error is thrown at <code>FirebaseServerApp</code> initialization. |
 
@@ -33,7 +33,7 @@ An optional Auth ID token used to resume a signed in user session from a client
 
 Invoking `getAuth` with a `FirebaseServerApp` configured with a validated `authIdToken` causes an automatic attempt to sign in the user that the `authIdToken` represents. The token needs to have been recently minted for this operation to succeed.
 
-If the token fails local verification, or if the Auth service has failed to validate it when the Auth SDK is initialized, then a warning is logged to the console and the Auth SDK will not sign in a user on initalization.
+If the token fails local verification, or if the Auth service has failed to validate it when the Auth SDK is initialized, then a warning is logged to the console and the Auth SDK will not sign in a user on initialization.
 
 If a user is successfully signed in, then the Auth instance's `onAuthStateChanged` callback is invoked with the `User` object as per standard Auth flows. However, `User` objects created via an `authIdToken` do not have a refresh token. Attempted `refreshToken` operations fail.
 

diff --git a/e2e/package.json b/e2e/package.json
@@ -21,12 +21,12 @@
     "firebase": "9.23.0"
   },
   "devDependencies": {
-    "@babel/core": "7.22.11",
+    "@babel/core": "7.24.3",
     "@babel/preset-env": "7.22.10",
-    "@types/chai": "4.3.5",
+    "@types/chai": "4.3.14",
     "@types/mocha": "9.1.1",
     "babel-loader": "8.3.0",
-    "chai": "4.3.7",
+    "chai": "4.4.1",
     "karma": "6.4.2",
     "karma-chrome-launcher": "3.2.0",
     "karma-mocha": "2.0.1",