Home Original page

build(deps-dev): bump @microsoft/api-extractor from 7.52.7 to 7.52.10 by dependabot[bot] · Pull Request #2955 · firebase/firebase-admin-node

Bumps @microsoft/api-extractor from 7.52.7 to 7.52.10.

Changelog

Sourced from @​microsoft/api-extractor's changelog.

7.52.10

Fri, 01 Aug 2025 00:12:48 GMT

Patches

  • Upgrades the minimatch dependency from ~3.0.3 to 10.0.3 across the entire Rush monorepo to address a Regular Expression Denial of Service (ReDoS) vulnerability in the underlying brace-expansion dependency.

7.52.9

Wed, 23 Jul 2025 20:55:57 GMT

Version update only

7.52.8

Tue, 13 May 2025 02:09:20 GMT

Patches

  • Fixes API extractor error handling when changed APIs are encountered and the "--local" flag is not specified
Commits
  • 25c9267 Bump versions [skip ci]
  • 60ac227 Update changelogs [skip ci]
  • cd4b4f1 feat: upgrade minimatch to v10.0.3 (#5291)
  • 72fde22 Bump cyclics. (#5284)
  • a40a6e8 Bump versions [skip ci]
  • 44ad66f Update changelogs [skip ci]
  • aabb1ec Bump cyclic dependencies and convert the decoupled-local-node-rig to use flat...
  • fba6858 Bump versions [skip ci]
  • d4e0a6e Update changelogs [skip ci]
  • d9226f8 [api-extractor] Fix error handling when encountering changed APIs (#5226)
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)