Skip to content

Release 25/06/2026#2897

Open
CorieW wants to merge 15 commits into
masterfrom
next
Open

Release 25/06/2026#2897
CorieW wants to merge 15 commits into
masterfrom
next

Conversation

@CorieW

@CorieW CorieW commented Jun 25, 2026

Copy link
Copy Markdown
Member

No description provided.

CorieW and others added 5 commits June 1, 2026 10:28
@CorieW
chore(dependabot): group security & supply chain attack hardening (#2850
51d1239 
)

* chore(deps): group security

* chore(deps): rename dependency group for minor and patch updates

* chore(deps): rename security updates group in dependabot configuration

* chore(deps): add cooldown settings for Dependabot updates
@inlined
Merge pull request #2890 from firebase/master
3c04e6e 
I seem to have merged into the wrong branch
@CorieW
Merge pull request #2893 from firebase/master
43e4b6c 
sync next with master
@CorieW
chore: update extension release metadata
8aa8e42
@CorieW
Merge pull request #2896 from firebase/chore/update-extension-release…
102eaa4 
…-metadata

chore: update extension release metadata
gemini-code-assist[bot]
gemini-code-assist Bot reviewed Jun 25, 2026
View reviewed changes

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the Dependabot configuration and bumps versions across several Firebase extensions, including updating their respective changelogs. The review feedback highlights that the newly added cooldown configuration in .github/dependabot.yml is unsupported by GitHub Dependabot and will cause a schema validation error, so it should be removed.

Comment thread .github/dependabot.yml
Comment on lines +9 to +13
cooldown:
default-days: 7
semver-major-days: 7
semver-minor-days: 7
semver-patch-days: 7

@gemini-code-assist gemini-code-assist Bot Jun 25, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

The cooldown option is not a supported configuration option for GitHub Dependabot. Including this unsupported key will cause a schema validation error, preventing Dependabot from running and updating dependencies in this repository. Please remove the cooldown block.

@github-advanced-security

github-advanced-security AI commented Jun 25, 2026

Copy link
Copy Markdown

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

4 similar comments
@github-advanced-security

github-advanced-security AI commented Jun 25, 2026

Copy link
Copy Markdown

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

@github-advanced-security

github-advanced-security AI commented Jun 25, 2026

Copy link
Copy Markdown

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

@github-advanced-security

github-advanced-security AI commented Jun 25, 2026

Copy link
Copy Markdown

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

@github-advanced-security

github-advanced-security AI commented Jun 25, 2026

Copy link
Copy Markdown

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer
@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments
Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@CorieW @github-advanced-security @cabljac @inlined