Merge master into release

Author: google-oss-bot

.changeset/dry-cats-lick.md

@@ -0,0 +1,5 @@
+---
+'@firebase/auth': patch
+---
+
+Increase the popup poller timeout to 8s to support blocking functions + Firefox

.changeset/grumpy-bees-shake.md

@@ -0,0 +1,5 @@
+---
+"@firebase/firestore": patch
+---
+
+Fixed stack overflow caused by deeply nested server timestamps.

.changeset/olive-cycles-count.md

@@ -0,0 +1,6 @@
+---
+'firebase': minor
+'@firebase/firestore': minor
+---
+
+Introduces a new LRU garbage document collector for memory cache.

.changeset/olive-goats-greet.md

@@ -0,0 +1,5 @@
+---
+"@firebase/firestore": patch
+---
+
+Simplified the internal handling of aggregation results.

.changeset/silent-islands-fix.md

@@ -0,0 +1,6 @@
+---
+'@firebase/analytics': minor
+'firebase': minor
+---
+
+Add method `getGoogleAnalyticsClientId()` to retrieve an unique identifier for a web client. This allows users to log purchase and other events from their backends using Google Analytics 4 Measurement Protocol and to have those events be connected to actions taken on the client within their Firebase web app. `getGoogleAnalyticsClientId()` will simplify this event recording process.

.changeset/strong-ghosts-compare.md

@@ -0,0 +1,5 @@
+---
+'@firebase/webchannel-wrapper': patch
+---
+
+Make webchannel-wrapper exports Node-ESM-friendly.

.changeset/swift-eels-change.md

@@ -0,0 +1,7 @@
+---
+'@firebase/webchannel-wrapper': minor
+'@firebase/firestore': minor
+'firebase': minor
+---
+
+Implemented an optimization in the local cache synchronization logic that reduces the number of billed document reads when documents were deleted on the server while the client was not actively listening to the query (e.g. while the client was offline).

.changeset/wicked-tomatoes-smoke.md

@@ -0,0 +1,6 @@
+---
+"@firebase/app-check": minor
+"firebase": minor
+---
+
+Add new limited use token method to App Check

.github/CODEOWNERS

@@ -7,38 +7,13 @@
 #
 #######################################################################################################
 
-# ===========================================================
-#  @firebase/jssdk-global-approvers
-# ===========================================================
-#  Used for approving minor changes, large-scale refactorings, and emergency situations.
-#  (secret team to avoid review requests)
-#
-#   - @lahirumaramba
-#   - @hsubox76
-#   - @allspain
-#   - @dwyfrequency
-
-
-# ===========================================================
-#  @firebase/firestore-js-team
-# ===========================================================
-#  Used for approving firestore changes.
-#  (secret team to avoid review requests)
-#
-# - @schmidt-sebastian
-# - @thebrianchen
-# - @wu-hui
-# - @ehsannas
-# - @dconeybe
-
-
 # These owners will be the default owners for everything in the repo.
 *       @dwyfrequency @hsubox76 @firebase/jssdk-global-approvers
 
 # Database Code
-packages/database @maneesht @jsdt @IanWyszynski @firebase/jssdk-global-approvers
-packages/database-compat @maneesht @jsdt @IanWyszynski @firebase/jssdk-global-approvers
-packages/database-types @maneesht @jsdt @IanWyszynski @firebase/jssdk-global-approvers
+packages/database @maneesht @jsdt @jmwski @firebase/jssdk-global-approvers
+packages/database-compat @maneesht @jsdt @jmwski @firebase/jssdk-global-approvers
+packages/database-types @maneesht @jsdt @jmwski @firebase/jssdk-global-approvers
 
 # Firestore Code
 packages/firestore  @firebase/firestore-js-team @firebase/jssdk-global-approvers

.github/workflows/release-staging.yml

@@ -134,7 +134,9 @@ jobs:
         https://api.github.com/repos/firebase/firebase-js-sdk/dispatches
     - name: Check for changes requiring a reference doc publish
       id: docs-check
-      run: git diff --exit-code origin/master HEAD docs-devsite
+      run: |
+        LAST_PUBLISHED_VERSION=$(npm info firebase version)
+        git diff --exit-code firebase@$LAST_PUBLISHED_VERSION HEAD docs-devsite
     - name: No diff, docs not needed
       if: ${{ success() }}
       run: echo "DOCS_NEEDED=false" >> $GITHUB_STATE

.github/workflows/test-all.yml

@@ -16,9 +16,13 @@ jobs:
     steps:
     # install Chrome first, so the correct version of webdriver can be installed by chromedriver when setting up the repo
     - name: install Chrome stable
+      # Install Chrome version 110.0.5481.177-1 as some Auth tests start to fail on version 111.
+      # Temporary: Auth team will explore what's going wrong with the auth tests.
       run: |
         sudo apt-get update
-        sudo apt-get install google-chrome-stable
+        sudo apt-get install wget
+        sudo wget http://dl.google.com/linux/chrome/deb/pool/main/g/google-chrome-stable/google-chrome-stable_110.0.5481.177-1_amd64.deb
+        sudo apt-get install -f ./google-chrome-stable_110.0.5481.177-1_amd64.deb --allow-downgrades
     - uses: actions/checkout@v3
     - name: Set up Node (16)
       uses: actions/setup-node@v3

.github/workflows/test-changed-auth.yml

@@ -15,7 +15,7 @@ jobs:
       # install Chrome first, so the correct version of webdriver can be installed by chromedriver when setting up the repo
       - name: install Chrome stable
         # Install Chrome version 110.0.5481.177-1 as test starts to fail on version 111.
-        # We will retry to use the latest, once version 112 becomes stable.
+        # Temporary: Auth team will explore what's going wrong with the auth tests.
         run: |
           sudo apt-get update
           sudo apt-get install wget

README.md

@@ -29,7 +29,7 @@ Please see [Environment Support](https://firebase.google.com/support/guides/envi
 #### Node.js
 
 Before you can start working on the Firebase JS SDK, you need to have Node.js
-installed on your machine. The currently supported versions are `10.15.0` or greater.
+installed on your machine. The currently supported versions are `10.15.0` through `16.6.0`.
 
 To download Node.js visit https://nodejs.org/en/download/.
 
@@ -43,9 +43,14 @@ In addition to Node.js we use `yarn` to facilitate multi package development.
 To install `yarn` follow the instructions listed on their website:
 https://yarnpkg.com/en/docs/install
 
+This repo currently supports building with yarn `1.x`. For instance, after installating yarn, run
+```bash
+$ yarn set version 1.22.11`
+```
+
 #### Java
 
-The closure compiler requires a modern Java installation. Java 8+ should be installed: http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html
+The closure compiler requires a modern Java installation. Java 11+ should be installed: http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html
 
 #### Verify Prerequisites
 
@@ -57,8 +62,8 @@ $ yarn -v
 $ java -version
 ```
 
-Your Node.js version should be `10.15.0` or greater, your `yarn` version should
-be `1.0.0` or greater, and your `java` version should be `1.8.0` or greater.
+Your `node` version should be between `10.15.0` and `16.6.0`, your `yarn` version should
+be between `1.0.0` and `1.22.11`, and your `java` version should be `11.0` or greater.
 
 _NOTE: We will update the documentation as new versions are required, however
 for continuing development on the SDK, staying up to date on the stable versions
@@ -109,7 +114,7 @@ will be overwritten below.
 
 Visit the "Realtime Database" section of the console and create a realtime
 database. When prompted to select the set of initial security rules, select
-any option (e.g. "Start in Production Mode") since these permission settings
+any option (e.g. "Start in Locked Mode") since these permission settings
 will be overwritten below.
 
 #### Storage Setup
@@ -127,8 +132,10 @@ order to run the tests, you will need to update your bucket's CORS rules.
     }
 ]
 ```
-2. Install `gsutil` from https://cloud.google.com/storage/docs/gsutil_install
-3. Run `gsutil cors set cors.json gs://<your-cloud-storage-bucket>`
+1. Install `gsutil` from https://cloud.google.com/storage/docs/gsutil_install
+1. You will need to login if this is your first time using `gsutil`. Run `gcloud auth login`
+and follow the instructions to login.
+1. Run `gsutil cors set cors.json gs://<your-cloud-storage-bucket>`
 
 For more information, visit https://firebase.google.com/docs/storage/web/download-files#cors_configuration
 

common/api-review/analytics.api.md

@@ -133,6 +133,9 @@ export interface EventParams {
 // @public
 export function getAnalytics(app?: FirebaseApp): Analytics;
 
+// @public
+export function getGoogleAnalyticsClientId(analyticsInstance: Analytics): Promise<string>;
+
 // @public
 export interface GtagConfigParams {
     // (undocumented)

common/api-review/app-check.api.md

@@ -60,6 +60,9 @@ export interface CustomProviderOptions {
     getToken: () => Promise<AppCheckToken>;
 }
 
+// @public
+export function getLimitedUseToken(appCheckInstance: AppCheck): Promise<AppCheckTokenResult>;
+
 // @public
 export function getToken(appCheckInstance: AppCheck, forceRefresh?: boolean): Promise<AppCheckTokenResult>;
 

common/api-review/auth.api.md

@@ -20,7 +20,7 @@ export interface ActionCodeInfo {
         multiFactorInfo?: MultiFactorInfo | null;
         previousEmail?: string | null;
     };
-    operation: typeof ActionCodeOperation[keyof typeof ActionCodeOperation];
+    operation: (typeof ActionCodeOperation)[keyof typeof ActionCodeOperation];
 }
 
 // @public
@@ -456,21 +456,21 @@ export function multiFactor(user: User): MultiFactorUser;
 
 // @public
 export interface MultiFactorAssertion {
-    readonly factorId: typeof FactorId[keyof typeof FactorId];
+    readonly factorId: (typeof FactorId)[keyof typeof FactorId];
 }
 
 // @public
 export interface MultiFactorError extends AuthError {
     readonly customData: AuthError['customData'] & {
-        readonly operationType: typeof OperationType[keyof typeof OperationType];
+        readonly operationType: (typeof OperationType)[keyof typeof OperationType];
     };
 }
 
 // @public
 export interface MultiFactorInfo {
     readonly displayName?: string | null;
     readonly enrollmentTime: string;
-    readonly factorId: typeof FactorId[keyof typeof FactorId];
+    readonly factorId: (typeof FactorId)[keyof typeof FactorId];
     readonly uid: string;
 }
 
@@ -844,7 +844,7 @@ export interface User extends UserInfo {
 
 // @public
 export interface UserCredential {
-    operationType: typeof OperationType[keyof typeof OperationType];
+    operationType: (typeof OperationType)[keyof typeof OperationType];
     providerId: string | null;
     user: User;
 }

common/api-review/firestore.api.md

@@ -331,14 +331,42 @@ export interface LoadBundleTaskProgress {
 
 export { LogLevel }
 
+// @public
+export interface MemoryCacheSettings {
+    garbageCollector?: MemoryGarbageCollector;
+}
+
+// @public
+export interface MemoryEagerGarbageCollector {
+    // (undocumented)
+    kind: 'memoryEager';
+}
+
+// @public
+export function memoryEagerGarbageCollector(): MemoryEagerGarbageCollector;
+
+// @public
+export type MemoryGarbageCollector = MemoryEagerGarbageCollector | MemoryLruGarbageCollector;
+
 // @public
 export interface MemoryLocalCache {
     // (undocumented)
     kind: 'memory';
 }
 
 // @public
-export function memoryLocalCache(): MemoryLocalCache;
+export function memoryLocalCache(settings?: MemoryCacheSettings): MemoryLocalCache;
+
+// @public
+export interface MemoryLruGarbageCollector {
+    // (undocumented)
+    kind: 'memoryLru';
+}
+
+// @public
+export function memoryLruGarbageCollector(settings?: {
+    cacheSizeBytes?: number;
+}): MemoryLruGarbageCollector;
 
 // @public
 export function namedQuery(firestore: Firestore, name: string): Promise<Query | null>;

common/api-review/storage.api.md

@@ -304,7 +304,7 @@ export interface StorageReference {
 }
 
 // @public
-export type StringFormat = typeof StringFormat[keyof typeof StringFormat];
+export type StringFormat = (typeof StringFormat)[keyof typeof StringFormat];
 
 // @public
 export const StringFormat: {
@@ -329,7 +329,7 @@ export const _TaskEvent: {
 export type TaskState = 'running' | 'paused' | 'success' | 'canceled' | 'error';
 
 // @internal
-export type _TaskState = typeof _TaskState[keyof typeof _TaskState];
+export type _TaskState = (typeof _TaskState)[keyof typeof _TaskState];
 
 // @internal
 export const _TaskState: {

config/functions/package.json

@@ -3,7 +3,7 @@
   "description": "Cloud Functions for Firebase",
   "dependencies": {
     "cors": "2.8.5",
-    "firebase-admin": "11.5.0",
+    "firebase-admin": "11.6.0",
     "firebase-functions": "3.24.1"
   },
   "private": true,

docs-devsite/analytics.md

@@ -20,6 +20,7 @@ Firebase Analytics
 |  [getAnalytics(app)](./analytics.md#getanalytics) | Returns an [Analytics](./analytics.analytics.md#analytics_interface) instance for the given app. |
 |  [initializeAnalytics(app, options)](./analytics.md#initializeanalytics) | Returns an [Analytics](./analytics.analytics.md#analytics_interface) instance for the given app. |
 |  <b>function(analyticsInstance...)</b> |
+|  [getGoogleAnalyticsClientId(analyticsInstance)](./analytics.md#getgoogleanalyticsclientid) | Retrieves a unique Google Analytics identifier for the web client. See [client\_id](https://developers.google.com/analytics/devguides/collection/ga4/reference/config#client_id)<!-- -->. |
 |  [logEvent(analyticsInstance, eventName, eventParams, options)](./analytics.md#logevent) | Sends a Google Analytics event with given <code>eventParams</code>. This method automatically associates this logged event with this Firebase web app instance on this device.<!-- -->List of recommended event parameters can be found in [the GA4 reference documentation](https://developers.google.com/gtagjs/reference/ga4-events)<!-- -->. |
 |  [logEvent(analyticsInstance, eventName, eventParams, options)](./analytics.md#logevent) | Sends a Google Analytics event with given <code>eventParams</code>. This method automatically associates this logged event with this Firebase web app instance on this device.<!-- -->List of recommended event parameters can be found in [the GA4 reference documentation](https://developers.google.com/gtagjs/reference/ga4-events)<!-- -->. |
 |  [logEvent(analyticsInstance, eventName, eventParams, options)](./analytics.md#logevent) | Sends a Google Analytics event with given <code>eventParams</code>. This method automatically associates this logged event with this Firebase web app instance on this device.<!-- -->See [Track Screenviews](https://firebase.google.com/docs/analytics/screenviews)<!-- -->. |
@@ -121,6 +122,26 @@ export declare function initializeAnalytics(app: FirebaseApp, options?: Analytic
 
 [Analytics](./analytics.analytics.md#analytics_interface)
 
+## getGoogleAnalyticsClientId()
+
+Retrieves a unique Google Analytics identifier for the web client. See [client\_id](https://developers.google.com/analytics/devguides/collection/ga4/reference/config#client_id)<!-- -->.
+
+<b>Signature:</b>
+
+```typescript
+export declare function getGoogleAnalyticsClientId(analyticsInstance: Analytics): Promise<string>;
+```
+
+### Parameters
+
+|  Parameter | Type | Description |
+|  --- | --- | --- |
+|  analyticsInstance | [Analytics](./analytics.analytics.md#analytics_interface) |  |
+
+<b>Returns:</b>
+
+Promise&lt;string&gt;
+
 ## logEvent()
 
 Sends a Google Analytics event with given `eventParams`<!-- -->. This method automatically associates this logged event with this Firebase web app instance on this device.

docs-devsite/app-check.md

@@ -19,6 +19,7 @@ Firebase App Check
 |  <b>function(app...)</b> |
 |  [initializeAppCheck(app, options)](./app-check.md#initializeappcheck) | Activate App Check for the given app. Can be called only once per app. |
 |  <b>function(appCheckInstance...)</b> |
+|  [getLimitedUseToken(appCheckInstance)](./app-check.md#getlimitedusetoken) | Requests a Firebase App Check token. This method should be used only if you need to authorize requests to a non-Firebase backend.<!-- -->Returns limited-use tokens that are intended for use with your non-Firebase backend endpoints that are protected with <a href="https://firebase.google.com/docs/app-check/custom-resource-backend#replay-protection"> Replay Protection</a>. This method does not affect the token generation behavior of the \#getAppCheckToken() method. |
 |  [getToken(appCheckInstance, forceRefresh)](./app-check.md#gettoken) | Get the current App Check token. Attaches to the most recent in-flight request if one is present. Returns null if no token is present and no token requests are in-flight. |
 |  [onTokenChanged(appCheckInstance, observer)](./app-check.md#ontokenchanged) | Registers a listener to changes in the token state. There can be more than one listener registered at the same time for one or more App Check instances. The listeners call back on the UI thread whenever the current token associated with this App Check instance changes. |
 |  [onTokenChanged(appCheckInstance, onNext, onError, onCompletion)](./app-check.md#ontokenchanged) | Registers a listener to changes in the token state. There can be more than one listener registered at the same time for one or more App Check instances. The listeners call back on the UI thread whenever the current token associated with this App Check instance changes. |
@@ -69,6 +70,30 @@ export declare function initializeAppCheck(app: FirebaseApp | undefined, options
 
 [AppCheck](./app-check.appcheck.md#appcheck_interface)
 
+## getLimitedUseToken()
+
+Requests a Firebase App Check token. This method should be used only if you need to authorize requests to a non-Firebase backend.
+
+Returns limited-use tokens that are intended for use with your non-Firebase backend endpoints that are protected with <a href="https://firebase.google.com/docs/app-check/custom-resource-backend#replay-protection"> Replay Protection</a>. This method does not affect the token generation behavior of the \#getAppCheckToken() method.
+
+<b>Signature:</b>
+
+```typescript
+export declare function getLimitedUseToken(appCheckInstance: AppCheck): Promise<AppCheckTokenResult>;
+```
+
+### Parameters
+
+|  Parameter | Type | Description |
+|  --- | --- | --- |
+|  appCheckInstance | [AppCheck](./app-check.appcheck.md#appcheck_interface) | The App Check service instance. |
+
+<b>Returns:</b>
+
+Promise&lt;[AppCheckTokenResult](./app-check.appchecktokenresult.md#appchecktokenresult_interface)<!-- -->&gt;
+
+The limited use token.
+
 ## getToken()
 
 Get the current App Check token. Attaches to the most recent in-flight request if one is present. Returns null if no token is present and no token requests are in-flight.