Bump protobufjs and @google-cloud/spanner in /courses/cloud-spanner/omegatrade/backend

[dependabot]

Bumps protobufjs to 7.5.8 and updates ancestor dependency @google-cloud/spanner. These dependencies need to be updated together.

Updates protobufjs from 6.10.2 to 7.5.8

Release notes

Sourced from protobufjs's releases.

protobufjs: v7.5.8

7.5.8 (2026-05-12)

Bug Fixes

• Backport parser hardening to 7.x (#2245) (54b593f)

protobufjs: v7.5.7

7.5.7 (2026-05-09)

Bug Fixes

• Restore first-match namespace lookup (#2236) (cc7d595)

protobufjs: v7.5.6

7.5.6 (2026-04-27)

Bug Fixes

• Backport input hardening and CLI fixes to 7.x (#2173) (75392ea)

v7.5.5

This release backports two reported security issues to 7.x branch.

• fix: do not allow setting __proto__ in Message constructor (#2126)
• fix: filter invalid characters from the type name (#2127)

Full Changelog: protobufjs/protobuf.js@protobufjs-v7.5.4...protobufjs-v7.5.5

protobufjs: v7.5.4

7.5.4 (2025-08-15)

Bug Fixes

• invalid syntax in descriptor.proto (#2092) (5a3769a)

protobufjs: v7.5.3

7.5.3 (2025-05-28)

Bug Fixes

• descriptor extensions handling post-editions (#2075) (6e255d4)

protobufjs: v7.5.2

7.5.2 (2025-05-14)

... (truncated)

Changelog

Sourced from protobufjs's changelog.

7.5.8 (2026-05-12)

Bug Fixes

• Backport parser hardening to 7.x (#2245) (54b593f)

7.5.7 (2026-05-09)

Bug Fixes

• Restore first-match namespace lookup (#2236) (cc7d595)

7.5.6 (2026-04-27)

Bug Fixes

• Backport input hardening and CLI fixes to 7.x (#2173) (75392ea)

7.5.4 (2025-08-15)

Bug Fixes

• invalid syntax in descriptor.proto (#2092) (5a3769a)

7.5.3 (2025-05-28)

Bug Fixes

• descriptor extensions handling post-editions (#2075) (6e255d4)

7.5.2 (2025-05-14)

Bug Fixes

• ensure that types are always resolved (#2068) (4b51cb2)

7.5.1 (2025-05-08)

Bug Fixes

• optimize regressions from editions implementations (#2066) (6406d4c)
• reserved field inside group blocks fail parsing (#2058) (56782bf)

... (truncated)

Commits

• d7035f9 chore: release protobufjs-v7.x (#2248)
• 54b593f fix: Backport parser hardening to 7.x (#2245)
• e88fcea chore: release protobufjs-v7.x (#2239)
• cc7d595 fix: Restore first-match namespace lookup (#2236)
• 3abc9b5 chore: release protobufjs-v7.x (#2190)
• a0bf2df fix: Update CLI peer dependency (7.x) (#2189)
• 2189e5b chore: release protobufjs-v7.x (#2174)
• 75392ea fix: Backport input hardening and CLI fixes to 7.x (#2173)
• 8af8d7c chore(ci): Fix 7.x release please configuration (#2169)
• e92ca42 chore(ci): Enable release-please for 7.x (#2166)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for protobufjs since your current version.

Install script changes

This version modifies prepublish script that runs during installation. Review the package contents before updating.

Updates @google-cloud/spanner from 5.4.0 to 8.7.1

Release notes

Sourced from @​google-cloud/spanner's releases.

spanner: v8.7.1

8.7.1 (2026-05-06)

Bug Fixes

• Bump all node submodules (#8178) (9fd76ef)
• Change the copyright year for files in the packages folder (#8109) (c1a03fe)
• spanner: Clear metrics tracers after operation completion (#8172) (4c33205)
• spanner: Disable metrics tracer when built-in metrics are disabled (#8170) (0dd9a53)
• spanner: GetTransaction type with options, cb (#8045) (8e31dd7)
• spanner: Record fractional latency metrics (#8168) (9e91cc8)

firestore: v8.6.0

8.6.0 (2026-05-11)

Features

• firestore: Added FieldValue.minimum() and FieldValue.maximum() (#8151) (41671b0)
• firestore: Added search stage support for languageCode, offset, limit, and retrievalDepth (#8161) (4acb075)

Bug Fixes

• Bump all node submodules (#8178) (9fd76ef)
• firestore: Ensure limit(0) is properly serialized in query requests (#8076) (8631008), closes #7382
• firestore: Respect ignoreUndefinedProperties in subpipelines (#8089) (a9f6c3f)

bigquery: v8.3.1

8.3.1 (2026-05-11)

Bug Fixes

• bigquery: Run npm run types in correct directory in owlbot (#8061) (0948b35)
• Bump all node submodules (#8178) (9fd76ef)
• Pin @​sinonjs/fake-timers to unblock build in bigquery (#8121) (374167b)

gcp-metadata: v8.1.3

8.1.3 (2026-05-11)

Bug Fixes

• Bump all node submodules (#8178) (9fd76ef)

retry-request: v8.0.3

8.0.3 (2026-05-11)

... (truncated)

Changelog

Sourced from @​google-cloud/spanner's changelog.

8.7.1 (2026-05-06)

Bug Fixes

• Bump all node submodules (#8178) (9fd76ef)
• Change the copyright year for files in the packages folder (#8109) (c1a03fe)
• spanner: Clear metrics tracers after operation completion (#8172) (4c33205)
• spanner: Disable metrics tracer when built-in metrics are disabled (#8170) (0dd9a53)
• spanner: GetTransaction type with options, cb (#8045) (8e31dd7)
• spanner: Record fractional latency metrics (#8168) (9e91cc8)

8.7.0 (2026-04-14)

Features

• add SI, adapt, split point related proto (#2527) (f1650a8)
• spanner: include cache updates into the ResultSet response (#2519) (184684f)

Bug Fixes

• spanner: enable afe_connectivity_error_count metric (#7964) (4d59769)
• spanner: override gcp-metadata to resolve punycode deprecation](googleapis/google-cloud-node#7815) (16971e7)
• spanner: override gcp-metadata to resolve punycode deprecation](googleapis/google-cloud-node#7815) (01d1d9e)
• spanner: override gcp-metadata to resolve punycode deprecation](googleapis/google-cloud-node#7815) (c717550)
• spanner: resolve type conflicts between @​types/sinon and @​sinonjs/fake-timers (6d513f9)
• spanner: trigger release (4c82399)
• spanner: type conflict between @​sinonjs/fake-timers and @​types/sinonjs__fake-timers (2280f7a)

8.6.0 (2026-01-28)

Features

• Refactor and deprecate databaseRole and Session Labels SessionPoolOptions (#2511) (163534c)

Bug Fixes

• Ensure all data is consumed before emitting end event in PartialResultStream (#2516) (210ef50)

8.5.0 (2026-01-22)

Features

• Added OUTPUT_ONLY annotations to create_time and update_time in InternalRange to reflect existing service behavior (#2505) (1058683)

... (truncated)

Commits

• da2ee2d chore(main): release spanner 8.7.1 (#8202)
• 9fd76ef fix: bump all node submodules (#8178)
• 4c33205 fix(spanner): clear metrics tracers after operation completion (#8172)
• 0dd9a53 fix(spanner): disable metrics tracer when built-in metrics are disabled (#8170)
• 9e91cc8 fix(spanner): record fractional latency metrics (#8168)
• 8e31dd7 fix(spanner): getTransaction type with options, cb (#8045)
• 7062994 chore(test-release-please-spanner): release spanner 8.7.0 (#8054)
• ff633d5 chore(spanner): add support for new cloud client test framework in google-clo...
• ca7959c build: pin packages to sinon 21.0.3 for now to dodge a build error (#8053)
• 4ab95d8 fix(spanner): trigger release (#8041)
• Additional commits viewable in compare view

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.