deps: bump the safe-app-dependencies group with 5 updates

[dependabot]

Bumps the safe-app-dependencies group with 5 updates:

Package	From	To
firebase	10.4.0	10.11.0
@babel/core	7.23.0	7.24.4
concurrently	8.2.1	8.2.2
dotenv-cli	7.3.0	7.4.1
esbuild	0.19.4	0.20.2

Updates firebase from 10.4.0 to 10.11.0

Commits

• 826b571 Version Packages (#8143)
• 80fbb26 Merge master into release
• ad8d547 April Dependency Update Changeset (#8134)
• 13ddddf Bump browserify-sign from 4.2.1 to 4.2.3 in /e2e (#8136)
• 6393c95 Bump @​babel/traverse from 7.15.4 to 7.24.1 (#8140)
• 36b261c Fix terraform steps in CI PR #2 (#8147)
• 0068ed5 Conditionally run terraform CI steps only if secrets are available. (#8144)
• a6fa544 Fix internal assertion encountered when testing with jsdom. (#8142)
• 9297ef3 Use the latest published version for auth sample app (#8130)
• badff01 Merge master into release
• Additional commits viewable in compare view

Updates @babel/core from 7.23.0 to 7.24.4

Release notes

Sourced from @​babel/core's releases.

v7.24.4 (2024-04-03)

Thanks @​Dunqing, @​luiscubal, and @​samualtnorman for your first PRs!

👓 Spec Compliance

• babel-parser
  • #16403 Forbid initializerless using (@​JLHwung)
• babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
  • #16388 Ensure decorators are callable (@​JLHwung)

🐛 Bug Fix

• babel-generator
  • #16402 fix: Correctly prints { [key in Bar]? } (@​liuxingbaoyu)
  • #16394 fix: Correctly generate TSMappedType (@​liuxingbaoyu)
• babel-compat-data, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-preset-env
  • #16390 Create bugfix plugin for classes in computed keys in Firefox (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • #16387 fix: support mutated outer decorated class binding (@​JLHwung)
  • #16385 fix: Decorators when super() exists and protoInit is not needed (@​liuxingbaoyu)
• babel-plugin-transform-block-scoping
  • #16384 fix: Transform scoping for for X in loop (@​liuxingbaoyu)
  • #16368 fix: Capture let when the for body is not a block (@​liuxingbaoyu)
• babel-core, babel-plugin-transform-block-scoped-functions, babel-plugin-transform-block-scoping
  • #16363 Fix incorrect function hoisting in some case statements (@​luiscubal)

Committers: 7

• Babel Bot (@​babel-bot)
• Dunqing (@​Dunqing)
• Huáng Jùnliàng (@​JLHwung)
• Luís Reis (@​luiscubal)
• Nicolò Ribaudo (@​nicolo-ribaudo)
• Samual Norman (@​samualtnorman)
• @​liuxingbaoyu

v7.24.3 (2024-03-20)

Thanks @​ota-meshi for your first PR!

🐛 Bug Fix

• babel-helper-module-imports
  • #16370 fix: do not inject the same imported identifier multiple times (@​ota-meshi)

Committers: 2

• Nicolò Ribaudo (@​nicolo-ribaudo)
• Yosuke Ota (@​ota-meshi)

v7.24.2 (2024-03-19)

🐛 Bug Fix

• babel-code-frame, babel-highlight

... (truncated)

Changelog

Sourced from @​babel/core's changelog.

v7.24.4 (2024-04-03)

👓 Spec Compliance

• babel-parser
  • #16403 Forbid initializerless using (@​JLHwung)
• babel-helpers, babel-plugin-proposal-decorators, babel-runtime-corejs3
  • #16388 Ensure decorators are callable (@​JLHwung)

🐛 Bug Fix

• babel-generator
  • #16402 fix: Correctly prints { [key in Bar]? } (@​liuxingbaoyu)
  • #16394 fix: Correctly generate TSMappedType (@​liuxingbaoyu)
• babel-compat-data, babel-plugin-bugfix-firefox-class-in-computed-class-key, babel-preset-env
  • #16390 Create bugfix plugin for classes in computed keys in Firefox (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • #16387 fix: support mutated outer decorated class binding (@​JLHwung)
  • #16385 fix: Decorators when super() exists and protoInit is not needed (@​liuxingbaoyu)
• babel-plugin-transform-block-scoping
  • #16384 fix: Transform scoping for for X in loop (@​liuxingbaoyu)
  • #16368 fix: Capture let when the for body is not a block (@​liuxingbaoyu)
• babel-core, babel-plugin-transform-block-scoped-functions, babel-plugin-transform-block-scoping
  • #16363 Fix incorrect function hoisting in some case statements (@​luiscubal)

v7.24.3 (2024-03-20)

🐛 Bug Fix

• babel-helper-module-imports
  • #16370 fix: do not inject the same imported identifier multiple times (@​ota-meshi)

v7.24.2 (2024-03-19)

🐛 Bug Fix

• babel-code-frame, babel-highlight
  • #16362 Restore previous FORCE_COLOR=0 behavior (@​nicolo-ribaudo)

v7.24.1 (2024-03-19)

🐛 Bug Fix

• babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators
  • #16350 Fix decorated class computed keys ordering (@​JLHwung)
  • #16344 Fix decorated class static field private access (@​JLHwung)
• babel-plugin-proposal-decorators, babel-plugin-proposal-json-modules, babel-plugin-transform-async-generator-functions, babel-plugin-transform-regenerator, babel-plugin-transform-runtime, babel-preset-env
  • #16329 Respect moduleName for @babel/runtime/regenerator imports (@​nicolo-ribaudo)
• babel-helper-create-class-features-plugin, babel-plugin-proposal-decorators, babel-plugin-proposal-pipeline-operator, babel-plugin-transform-class-properties
  • #16331 Fix decorator memoiser binding kind (@​JLHwung)
• babel-helper-create-class-features-plugin, babel-helper-replace-supers, babel-plugin-proposal-decorators, babel-plugin-transform-class-properties
  • #16325 Fix decorator evaluation private environment (@​JLHwung)

📝 Documentation

• #16319 Update SECURITY.md (@​nicolo-ribaudo)

🏠 Internal

• babel-code-frame, babel-highlight

... (truncated)

Commits

• 5a8c692 v7.24.4
• d4ade61 Test Babel 7/8 compatibility for plugins from es2019 to es2024 (#16399)
• b8eb831 Fix incorrect function hoisting in some case statements (#16363)
• 0eac8ca v7.24.3
• fb7cf63 [babel 8] Remove import_ fallback (#16365)
• 822b025 v7.24.1
• 19fdca5 Reduce the use of class names (#16326)
• 40110e9 Update source map deps (#16327)
• ce59160 v7.24.0
• 4bd1d41 Implement noUninitializedPrivateFieldAccess assumption (#16267)
• Additional commits viewable in compare view

Updates concurrently from 8.2.1 to 8.2.2

Release notes

Sourced from concurrently's releases.

v8.2.2

What's Changed

• fix(suggestion): prefixColors API type to embrace string type by @​SeiwonPark in open-cli-tools/concurrently#439
• Update dependencies by @​paescuj in open-cli-tools/concurrently#441
• Test against Node.js v20 instead of v19 by @​paescuj in open-cli-tools/concurrently#442
• Update dependencies by @​paescuj in open-cli-tools/concurrently#449

New Contributors

• @​SeiwonPark made their first contribution in open-cli-tools/concurrently#439

Full Changelog: open-cli-tools/concurrently@v8.2.1...v8.2.2

Commits

• 5a45482 8.2.2
• e06501b Update dependencies (#449)
• ac668c7 logger: use subscribeSpyTo in tests
• a61ef39 Test against Node.js v20 instead of v19 (#442)
• 565e0b1 Update dependencies (#441)
• 81529a9 fix(suggestion): prefixColors API type to embrace string type (#439)
• See full diff in compare view

Updates dotenv-cli from 7.3.0 to 7.4.1

Release notes

Sourced from dotenv-cli's releases.

Fix bug with -p in 7.4.0

Fixes entropitor/dotenv-cli#106 through entropitor/dotenv-cli@e794d3e

Release better variable usage (-v)

Releases entropitor/dotenv-cli#105

Commits

• ed62fc7 7.4.1
• e794d3e fix: assignment to const
• 4fc25ee v7.4.0
• b4314ea fix: Allow Whitespace in CLI Variable Values (#105)
• 052cb84 docs: encourage use of -- as default practice (#103)
• 89d021b docs: update override example (#95)
• See full diff in compare view

Updates esbuild from 0.19.4 to 0.20.2

Release notes

Sourced from esbuild's releases.

v0.20.2

• Support TypeScript experimental decorators on abstract class fields (#3684)

  With this release, you can now use TypeScript experimental decorators on abstract class fields. This was silently compiled incorrectly in esbuild 0.19.7 and below, and was an error from esbuild 0.19.8 to esbuild 0.20.1. Code such as the following should now work correctly:

  // Original code
  const log = (x: any, y: string) => console.log(y)
  abstract class Foo { @log abstract foo: string }
  new class extends Foo { foo = '' }
  // Old output (with --loader=ts --tsconfig-raw={"compilerOptions":{"experimentalDecorators":true}})
  const log = (x, y) => console.log(y);
  class Foo {
  }
  new class extends Foo {
  foo = "";
  }();
  // New output (with --loader=ts --tsconfig-raw={"compilerOptions":{"experimentalDecorators":true}})
  const log = (x, y) => console.log(y);
  class Foo {
  }
  __decorateClass([
  log
  ], Foo.prototype, "foo", 2);
  new class extends Foo {
  foo = "";
  }();

• JSON loader now preserves __proto__ properties (#3700)

  Copying JSON source code into a JavaScript file will change its meaning if a JSON object contains the __proto__ key. A literal __proto__ property in a JavaScript object literal sets the prototype of the object instead of adding a property named __proto__, while a literal __proto__ property in a JSON object literal just adds a property named __proto__. With this release, esbuild will now work around this problem by converting JSON to JavaScript with a computed property key in this case:

  // Original code
  import data from 'data:application/json,{"__proto__":{"fail":true}}'
  if (Object.getPrototypeOf(data)?.fail) throw 'fail'
  // Old output (with --bundle)
  (() => {
  // <data:application/json,{"proto":{"fail":true}}>
  var json_proto_fail_true_default = { proto: { fail: true } };
  // entry.js
  if (Object.getPrototypeOf(json_proto_fail_true_default)?.fail)
  throw "fail";
  })();

... (truncated)

Changelog

Sourced from esbuild's changelog.

0.20.2

• Support TypeScript experimental decorators on abstract class fields (#3684)

  With this release, you can now use TypeScript experimental decorators on abstract class fields. This was silently compiled incorrectly in esbuild 0.19.7 and below, and was an error from esbuild 0.19.8 to esbuild 0.20.1. Code such as the following should now work correctly:

  // Original code
  const log = (x: any, y: string) => console.log(y)
  abstract class Foo { @log abstract foo: string }
  new class extends Foo { foo = '' }
  // Old output (with --loader=ts --tsconfig-raw={"compilerOptions":{"experimentalDecorators":true}})
  const log = (x, y) => console.log(y);
  class Foo {
  }
  new class extends Foo {
  foo = "";
  }();
  // New output (with --loader=ts --tsconfig-raw={"compilerOptions":{"experimentalDecorators":true}})
  const log = (x, y) => console.log(y);
  class Foo {
  }
  __decorateClass([
  log
  ], Foo.prototype, "foo", 2);
  new class extends Foo {
  foo = "";
  }();

• JSON loader now preserves __proto__ properties (#3700)

  Copying JSON source code into a JavaScript file will change its meaning if a JSON object contains the __proto__ key. A literal __proto__ property in a JavaScript object literal sets the prototype of the object instead of adding a property named __proto__, while a literal __proto__ property in a JSON object literal just adds a property named __proto__. With this release, esbuild will now work around this problem by converting JSON to JavaScript with a computed property key in this case:

  // Original code
  import data from 'data:application/json,{"__proto__":{"fail":true}}'
  if (Object.getPrototypeOf(data)?.fail) throw 'fail'
  // Old output (with --bundle)
  (() => {
  // <data:application/json,{"proto":{"fail":true}}>
  var json_proto_fail_true_default = { proto: { fail: true } };
  // entry.js
  if (Object.getPrototypeOf(json_proto_fail_true_default)?.fail)
  throw "fail";
  })();

... (truncated)

Commits

• 617edda publish 0.20.2 to npm
• 4780075 fix #3700: json loader preserves __proto__ keys
• 30bed2d better errors for invalid js decorator syntax
• 300eeb7 ts: allow non-null assertions in js decorators
• 4d997d9 fix #3698: yarn pnp edge case with tsconfig.json
• cf42954 resolver: improve some debug logging
• b0765ae fix some lints
• dfa6206 fix some comments (closes #3683)
• ae5cc17 fix #3684: abstract experimental decorators
• c809af0 fix #2388: allow consuming types without dom types (#3679)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions