chore(deps): bump @google-cloud/firestore and firebase-admin in /functions

[dependabot]

Bumps @google-cloud/firestore to 7.11.6 and updates ancestor dependency firebase-admin. These dependencies need to be updated together.

Updates @google-cloud/firestore from 4.15.1 to 7.11.6

Release notes

Sourced from @​google-cloud/firestore's releases.

speech: v7.3.1

7.3.1 (2026-05-01)

Bug Fixes

• Change the copyright year for files in the packages folder (#8109) (c1a03fe)
• Do not publish the protos to npm (#8079) (816216b)
• Revert "fix: Do not publish the protos to npm" (#8096) (ac0fbb6)

recommender: v7.2.2

7.2.2 (2026-05-01)

Bug Fixes

• Change the copyright year for files in the packages folder (#8109) (c1a03fe)
• Do not publish the protos to npm (#8079) (816216b)
• Revert "fix: Do not publish the protos to npm" (#8096) (ac0fbb6)

talent: v7.1.2

7.1.2 (2026-05-01)

Bug Fixes

• Change the copyright year for files in the packages folder (#8109) (c1a03fe)
• Do not publish the protos to npm (#8079) (816216b)
• Revert "fix: Do not publish the protos to npm" (#8096) (ac0fbb6)

security-private-ca: v7.0.2

7.0.2 (2026-05-01)

Bug Fixes

• Change the copyright year for files in the packages folder (#8109) (c1a03fe)
• Do not publish the protos to npm (#8079) (816216b)
• Revert "fix: Do not publish the protos to npm" (#8096) (ac0fbb6)

recaptcha-enterprise: v6.4.1

6.4.1 (2026-05-01)

Bug Fixes

• Change the copyright year for files in the packages folder (#8109) (c1a03fe)
• Do not publish the protos to npm (#8079) (816216b)
• Revert "fix: Do not publish the protos to npm" (#8096) (ac0fbb6)

... (truncated)

Changelog

Sourced from @​google-cloud/firestore's changelog.

7.11.6 (2025-09-26)

Bug Fixes

• Pool.ts: add even more logging (c508d1b)

7.11.5 (2025-09-22)

Bug Fixes

• Pool.ts: add more detailed logging for client garbage collection (#2420) (1bbca46)

7.11.4 (2025-09-16)

Bug Fixes

• Improve debug logging for the internal client pool. Added client IDs to debug log statements for client management. (99918f1)

7.11.3 (2025-07-09)

Bug Fixes

• Improve performance of the UTF-8 string comparison logic (#2380) (bc6a03e)

7.11.2 (2025-06-19)

Bug Fixes

• Firestore Client caching stub in bad state issue (#2365) (04ad0a4)

7.11.1 (2025-05-02)

Bug Fixes

• Aggregate query readtime bug (#2331) (9ac0394)
• Bump default deadline on CreateDatabase and RestoreDatabase to 2 minutes (#2274) (d559080)
• Close default BulkWriter upon terminate. (#2276) (1e714a8)
• Correctly escape field paths with multiple backslashes or backticks (#2259) (#2261) (7056ba7)
• Do not send page size with auto-paginate. Fixes warnings in listCollections and listDocuments. (#2336) (844b4ca)
• Finalize fixing typings for headers in generator (#2287) (c6c85b6)
• Prevent crashes if an inactive stream receives an error. (#2283) (f58fe79)
• Remove unused "long" dependency from firestore proto (#2324) (5937b93)
• Sort document reference by long type id (#2257) (3fd0de9)
• Sort strings in UTF-8 encoded byte order (#2275) (a2950e0)

... (truncated)

Commits

• See full diff in compare view

Updates firebase-admin from 10.3.0 to 13.9.0

Release notes

Sourced from firebase-admin's releases.

Firebase Admin Node.js SDK v13.9.0

New Features

• feat(remote-config): add optional exposurePercent field to ExperimentValue (#3096)

Miscellaneous

• [chore] Release 13.9.0 (#3129)
• chore: Deprecate support for Node.js 20 (#3128)
• build(deps-dev): bump @​typescript-eslint/parser from 8.57.2 to 8.59.1 (#3114)
• build(deps): bump follow-redirects in /.github/actions/send-email (#3113)
• build(deps): bump protobufjs from 7.5.4 to 7.5.5 (#3119)
• build(deps): bump uuid and @​actions/core in /.github/actions/send-email (#3120)
• build(deps): bump axios in /.github/actions/send-email (#3123)
• build(deps): bump fast-xml-parser from 5.5.9 to 5.7.1 (#3122)

Firebase Admin Node.js SDK v13.8.0

New Features

• feat(pnv): Add support for Phone Number Verification (#3101)
• feat(fcm): Add bandwidthConstrainedOk and restrictedSatelliteOk (#2994)

Miscellaneous

• [chore] Release 13.8.0 (#3109)
• chore(deps): bump node-forge to 1.4.0 (#3108)
• build(deps-dev): bump @​types/node from 25.3.0 to 25.3.3 (#3090)
• build(deps-dev): bump lodash and @​microsoft/api-extractor (#3106)
• build(deps): bump fast-xml-parser from 5.5.6 to 5.5.7 (#3095)
• build(deps): bump fast-xml-parser from 5.4.1 to 5.5.6 (#3093)
• build(deps): bump fast-xml-parser from 5.3.7 to 5.4.1 (#3087)

Firebase Admin Node.js SDK v13.7.0

New Features

• feat(rc): Support Rollout, Personalization, and Experiment values (#3046)

Bug Fixes

• fix: upgrade @​google-cloud/storage@​7.19.0 (#3071)

Miscellaneous

• [chore] Release 13.7.0 (#3081)
• build(deps-dev): bump @​types/lodash from 4.17.18 to 4.17.24 (#3083)
• build(deps-dev): bump @​typescript-eslint/eslint-plugin (#3086)
• build(deps): bump node-forge from 1.3.2 to 1.3.3 (#3085)

... (truncated)

Commits

• 0efb21f [chore] Release 13.9.0 (#3129)
• 363a302 chore: Deprecate support for Node.js 20 (#3128)
• b28b921 build(deps-dev): bump @​typescript-eslint/parser from 8.57.2 to 8.59.1 (#3114)
• 5933705 build(deps): bump follow-redirects in /.github/actions/send-email (#3113)
• ce3b9e0 build(deps): bump protobufjs from 7.5.4 to 7.5.5 (#3119)
• e891a3c build(deps): bump uuid and @​actions/core in /.github/actions/send-email (#3120)
• 92003fc feat(remote-config): add optional exposurePercent field to ExperimentValue (#...
• 8b9b7a7 build(deps): bump axios in /.github/actions/send-email (#3123)
• e310a72 build(deps): bump fast-xml-parser from 5.5.9 to 5.7.1 (#3122)
• ff4c94d [chore] Release 13.8.0 (#3109)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
yt-studio	Error		May 11, 2026 7:34am
yt-studio-production	Error		May 11, 2026 7:34am

[bolt-new-by-stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
❌ Deployment failed View logs	ytstudio	46ad47f	May 11 2026, 07:34 AM

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Updated (UTC)
❌ Deployment failed View logs	ytstudio	46ad47f	May 11 2026, 07:34 AM

[dependabot]

Dependabot can't parse your package-lock.json. Because of this, Dependabot cannot update this pull request.

[dependabot]

Dependabot can't parse your package-lock.json. Because of this, Dependabot cannot update this pull request.