Skip to content

build(deps): bump the npm_and_yarn group across 3 directories with 3 updates#914

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/core/generator/gapic-generator-typescript/npm_and_yarn-b85e5c3d9b
Closed

build(deps): bump the npm_and_yarn group across 3 directories with 3 updates#914
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/core/generator/gapic-generator-typescript/npm_and_yarn-b85e5c3d9b

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github May 15, 2026

Bumps the npm_and_yarn group with 1 update in the /core/generator/gapic-generator-typescript directory: protobufjs-cli.
Bumps the npm_and_yarn group with 1 update in the /core/packages/gax/test/test-application directory: @grpc/grpc-js.
Bumps the npm_and_yarn group with 1 update in the /handwritten/cloud-profiler directory: protobufjs.

Updates protobufjs-cli from 1.2.0 to 1.2.2

Release notes

Sourced from protobufjs-cli's releases.

protobufjs-cli: v1.2.2

1.2.2 (2026-04-28)

Bug Fixes

protobufjs-cli: v1.2.1

1.2.1 (2026-04-27)

Bug Fixes

  • Backport input hardening and CLI fixes to 7.x (#2173) (75392ea)
Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for protobufjs-cli since your current version.


Updates @grpc/grpc-js from 1.6.12 to 1.14.3

Release notes

Sourced from @​grpc/grpc-js's releases.

@​grpc/grpc-js 1.14.3

  • Send halfClose immediately after messages to prevent late halfClose issues with Envoy (#3031 contributed by @​serkanerip)

@​grpc/grpc-js 1.14.2

@​grpc/grpc-js 1.14.1

  • Fix a regression of the settings used internally for HTTP/2 sessions (#3023)

@​grpc/grpc-js-xds 1.14.0

  • Implement RBAC support (gRFC A41) (#2939, #2945)
  • Add weighted_round_robin to LB policy registry (#3001) (currently experimental, enabled by the environment variable GRPC_EXPERIMENTAL_XDS_WRR_LB)
  • Add wrr_locality to LB policy registry (#3003)

@​grpc/grpc-js 1.14.0

Changelog

  • Add getAuthContext method to client and server call classes (more details can be found in gRFC L35) (#2920)
  • Implement custom backend metrics support (gRFC A51) (#2978, #2983, #2985, #2986, #2999)
  • Add getConnectionInfo method to the ServerInterceptingCall class (#2922)
  • Implement the weighted_round_robin load balancing policy (#2998)
  • Fix jitter behavior for client retries (#2960 contributed by @​ekscentrysytet)
  • Start connecting from a random index in the round_robin LB policy (#2979)
  • Send connection-level WINDOW_UPDATE at session start (#2971 contributed by @​KoenRijpstra)

Experimental API Changes

Added:

  • CHANNEL_ARGS_CONFIG_SELECTOR_KEY
  • StatusOr<T>
  • CallStream
  • statusOrFromValue
  • statusOrFromError

Modified:

  • ResolverListener#onSuccessfulResolution now has the signature (endpointList: StatusOr<Endpoint[]>, attributes: { [key: string]: unknown }, serviceConfig: StatusOr<ServiceConfig> | null, resolutionNote: string): boolean
  • LoadBalancer#updateAddressList now has the signature `updateAddressList(endpointList: StatusOr<Endpoint[]>,lbConfig: TypedLoadBalancingConfig, channelOptions: ChannelOptions, resolutionNote: string): boolean

@​grpc/grpc-js 1.13.4

  • Fix ability to set SNI with ssl_target_name_override option (#2956)

@​grpc/grpc-js 1.13.3

  • Disable Nagle's algorithm (#2936)
  • Avoid calling http2.getDefaultSettings (#2937)

@​grpc/grpc-js 1.13.2

  • Fix a bug that caused clients to be unable to connect through local proxies (#2933)

... (truncated)

Commits
  • ccd29b2 Merge pull request #3032 from murgatroid99/grpc-js_retry_half_close_1.14
  • 9ea15ce grpc-js: Bump version to 1.14.3
  • 4d387d4 Use nextMessageToSend for early half-close
  • 88a083d remove halfCloseSent field
  • f6895cb Send halfClose immediately after messages to prevent late halfClose issues wi...
  • 37f2817 revert changes
  • 4e26a27 half close right after write
  • bf0dc8f Merge pull request #3029 from murgatroid99/grpc-js_keepalive_fix_backport
  • 235474e grpc-js: Bump to 1.14.2
  • 2f090c6 grpc-js: Fix server keep alive timeout not properly destroying connections
  • Additional commits viewable in compare view
Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.


Updates protobufjs from 7.4.0 to 8.3.0

Release notes

Sourced from protobufjs's releases.

protobufjs: v8.3.0

8.3.0 (2026-05-13)

Features

protobufjs: v8.2.1

8.2.1 (2026-05-13)

Bug Fixes

Performance Improvements

protobufjs: v8.2.0

8.2.0 (2026-05-09)

Features

Bug Fixes

... (truncated)

Changelog

Sourced from protobufjs's changelog.

8.3.0 (2026-05-13)

Features

8.2.1 (2026-05-13)

Bug Fixes

Performance Improvements

8.2.0 (2026-05-09)

Features

Bug Fixes

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for protobufjs since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump the npm_and_yarn group across 3 directories with 3 …
9a4e817 
…updates

Bumps the npm_and_yarn group with 1 update in the /core/generator/gapic-generator-typescript directory: [protobufjs-cli](https://github.com/protobufjs/protobuf.js).
Bumps the npm_and_yarn group with 1 update in the /core/packages/gax/test/test-application directory: [@grpc/grpc-js](https://github.com/grpc/grpc-node).
Bumps the npm_and_yarn group with 1 update in the /handwritten/cloud-profiler directory: [protobufjs](https://github.com/protobufjs/protobuf.js).


Updates `protobufjs-cli` from 1.2.0 to 1.2.2
- [Release notes](https://github.com/protobufjs/protobuf.js/releases)
- [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md)
- [Commits](protobufjs/protobuf.js@protobufjs-cli-v1.2.0...protobufjs-cli-v1.2.2)

Updates `@grpc/grpc-js` from 1.6.12 to 1.14.3
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.6.12...@grpc/grpc-js@1.14.3)

Updates `protobufjs` from 7.4.0 to 8.3.0
- [Release notes](https://github.com/protobufjs/protobuf.js/releases)
- [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md)
- [Commits](protobufjs/protobuf.js@protobufjs-v7.4.0...protobufjs-v8.3.0)

---
updated-dependencies:
- dependency-name: protobufjs-cli
  dependency-version: 1.2.2
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: "@grpc/grpc-js"
  dependency-version: 1.14.3
  dependency-type: direct:production
  dependency-group: npm_and_yarn
- dependency-name: protobufjs
  dependency-version: 8.3.0
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 15, 2026
@snyk-io
Copy link
Copy Markdown

snyk-io Bot commented May 15, 2026

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@dependabot @github
Copy link
Copy Markdown
Author

dependabot Bot commented on behalf of github May 22, 2026

Superseded by #916.

@dependabot dependabot Bot closed this May 22, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/core/generator/gapic-generator-typescript/npm_and_yarn-b85e5c3d9b branch May 22, 2026 10:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants