From bd30dfd26e5f6057f109b68011fb80af29c40d5e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 21 Jun 2026 10:24:07 +0000
Subject: [PATCH] Bump nodemailer in
 /Node-1st-gen/quickstarts/email-users/functions

Bumps [nodemailer](https://github.com/nodemailer/nodemailer) from 8.0.5 to 9.0.1.
- [Release notes](https://github.com/nodemailer/nodemailer/releases)
- [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodemailer/nodemailer/compare/v8.0.5...v9.0.1)

---
updated-dependencies:
- dependency-name: nodemailer
  dependency-version: 9.0.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .../quickstarts/email-users/functions/package.json  |  2 +-
 .../email-users/functions/pnpm-lock.yaml            | 13 +++++++------
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/Node-1st-gen/quickstarts/email-users/functions/package.json b/Node-1st-gen/quickstarts/email-users/functions/package.json
index ad4056fa1..45830fdcf 100644
--- a/Node-1st-gen/quickstarts/email-users/functions/package.json
+++ b/Node-1st-gen/quickstarts/email-users/functions/package.json
@@ -5,7 +5,7 @@
     "eslint-plugin-promise": "^7.2.1",
     "firebase-admin": "^13.9.0",
     "firebase-functions": "7.2.5",
-    "nodemailer": "^8.0.5"
+    "nodemailer": "^9.0.1"
   },
   "devDependencies": {
     "eslint": "^8.57.1"
diff --git a/Node-1st-gen/quickstarts/email-users/functions/pnpm-lock.yaml b/Node-1st-gen/quickstarts/email-users/functions/pnpm-lock.yaml
index df57e12a3..a6cd5dec5 100644
--- a/Node-1st-gen/quickstarts/email-users/functions/pnpm-lock.yaml
+++ b/Node-1st-gen/quickstarts/email-users/functions/pnpm-lock.yaml
@@ -18,8 +18,8 @@ importers:
         specifier: 7.2.5
         version: 7.2.5(firebase-admin@13.9.0)
       nodemailer:
-        specifier: ^8.0.5
-        version: 8.0.5
+        specifier: ^9.0.1
+        version: 9.0.1
     devDependencies:
       eslint:
         specifier: ^8.57.1
@@ -242,6 +242,7 @@ packages:
 
   '@ungap/structured-clone@1.3.0':
     resolution: {integrity: sha512-WmoN8qaIAo7WTYWbAZuG8PYEhn5fkz7dZrqTBZ7dtt//lL2Gwms1IcnQ5yHqjDfX8Ft5j4YzDM23f87zBfDe9g==}
+    deprecated: Potential CWE-502 - Update to 1.3.1 or higher
 
   abort-controller@3.0.0:
     resolution: {integrity: sha512-h8lQ8tacZYnR3vNQTgibj+tODHI5/+l06Au2Pcriv/Gmet0eaj4TwWH41sO9wnHDiQsEj19q0drzdWdeAHtweg==}
@@ -660,7 +661,7 @@ packages:
 
   glob@7.2.3:
     resolution: {integrity: sha512-nFR0zLpU2YCaRxwoCJvL6UvCH2JFyFVIvwTLsIf21AuHlMskA1hhTdk+LlYJtOlYt9v6dvszD2BGRqBL+iQK9Q==}
-    deprecated: Glob versions prior to v9 are no longer supported
+    deprecated: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me
 
   globals@13.24.0:
     resolution: {integrity: sha512-AhO5QUcj8llrbG09iWhPU2B204J1xnPeL8kQmVorSsy+Sjj1sk8gIyh6cUocGmH4L0UuhAJy+hJMRA4mgA4mFQ==}
@@ -943,8 +944,8 @@ packages:
     resolution: {integrity: sha512-LarFH0+6VfriEhqMMcLX2F7SwSXeWwnEAJEsYm5QKWchiVYVvJyV9v7UDvUv+w5HO23ZpQTXDv/GxdDdMyOuoQ==}
     engines: {node: '>= 6.13.0'}
 
-  nodemailer@8.0.5:
-    resolution: {integrity: sha512-0PF8Yb1yZuQfQbq+5/pZJrtF6WQcjTd5/S4JOHs9PGFxuTqoB/icwuB44pOdURHJbRKX1PPoJZtY7R4VUoCC8w==}
+  nodemailer@9.0.1:
+    resolution: {integrity: sha512-Gwv8SQewT616ZM/URn0H54b8PWo/Wum7md3EW2aWy1lO27+WZCX+Xyak3J+NlmHUjDh5ME+uesJUDRbR3Ye8Bw==}
     engines: {node: '>=6.0.0'}
 
   object-assign@4.1.1:
@@ -2383,7 +2384,7 @@ snapshots:
 
   node-forge@1.4.0: {}
 
-  nodemailer@8.0.5: {}
+  nodemailer@9.0.1: {}
 
   object-assign@4.1.1: {}