build(deps): bump the npm_and_yarn group across 4 directories with 3 updates

[dependabot]

Bumps the npm_and_yarn group with 1 update in the /core/packages/gax/test/test-application directory: @grpc/grpc-js.
Bumps the npm_and_yarn group with 1 update in the /packages/google-cloud-automl/samples directory: mathjs.
Bumps the npm_and_yarn group with 1 update in the /packages/google-cloud-compute/samples directory: nodemailer.
Bumps the npm_and_yarn group with 1 update in the /packages/google-cloud-language/samples directory: mathjs.

Updates @grpc/grpc-js from 1.6.12 to 1.14.3

Release notes

Sourced from @​grpc/grpc-js's releases.

@​grpc/grpc-js 1.14.3

• Send halfClose immediately after messages to prevent late halfClose issues with Envoy (#3031 contributed by @​serkanerip)

@​grpc/grpc-js 1.14.2

• Fix server keep alive timeout not properly destroying connections (#3022 contributed by @​mattias-wiberg)

@​grpc/grpc-js 1.14.1

• Fix a regression of the settings used internally for HTTP/2 sessions (#3023)

@​grpc/grpc-js-xds 1.14.0

• Implement RBAC support (gRFC A41) (#2939, #2945)
• Add weighted_round_robin to LB policy registry (#3001) (currently experimental, enabled by the environment variable GRPC_EXPERIMENTAL_XDS_WRR_LB)
• Add wrr_locality to LB policy registry (#3003)

@​grpc/grpc-js 1.14.0

Changelog

• Add getAuthContext method to client and server call classes (more details can be found in gRFC L35) (#2920)
• Implement custom backend metrics support (gRFC A51) (#2978, #2983, #2985, #2986, #2999)
• Add getConnectionInfo method to the ServerInterceptingCall class (#2922)
• Implement the weighted_round_robin load balancing policy (#2998)
• Fix jitter behavior for client retries (#2960 contributed by @​ekscentrysytet)
• Start connecting from a random index in the round_robin LB policy (#2979)
• Send connection-level WINDOW_UPDATE at session start (#2971 contributed by @​KoenRijpstra)

Experimental API Changes

Added:

• CHANNEL_ARGS_CONFIG_SELECTOR_KEY
• StatusOr<T>
• CallStream
• statusOrFromValue
• statusOrFromError

Modified:

• ResolverListener#onSuccessfulResolution now has the signature (endpointList: StatusOr<Endpoint[]>, attributes: { [key: string]: unknown }, serviceConfig: StatusOr<ServiceConfig> | null, resolutionNote: string): boolean
• LoadBalancer#updateAddressList now has the signature `updateAddressList(endpointList: StatusOr<Endpoint[]>,lbConfig: TypedLoadBalancingConfig, channelOptions: ChannelOptions, resolutionNote: string): boolean

@​grpc/grpc-js 1.13.4

• Fix ability to set SNI with ssl_target_name_override option (#2956)

@​grpc/grpc-js 1.13.3

• Disable Nagle's algorithm (#2936)
• Avoid calling http2.getDefaultSettings (#2937)

@​grpc/grpc-js 1.13.2

• Fix a bug that caused clients to be unable to connect through local proxies (#2933)

... (truncated)

Commits

• ccd29b2 Merge pull request #3032 from murgatroid99/grpc-js_retry_half_close_1.14
• 9ea15ce grpc-js: Bump version to 1.14.3
• 4d387d4 Use nextMessageToSend for early half-close
• 88a083d remove halfCloseSent field
• f6895cb Send halfClose immediately after messages to prevent late halfClose issues wi...
• 37f2817 revert changes
• 4e26a27 half close right after write
• bf0dc8f Merge pull request #3029 from murgatroid99/grpc-js_keepalive_fix_backport
• 235474e grpc-js: Bump to 1.14.2
• 2f090c6 grpc-js: Fix server keep alive timeout not properly destroying connections
• Additional commits viewable in compare view

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.

Updates mathjs from 14.9.1 to 15.2.0

Changelog

Sourced from mathjs's changelog.

2026-04-07, 15.2.0

• Feat: Add amp-hour charge unit Ah (#3617). Thanks @​adrfantini.
• Feat: #3595 implement num and den functions returning the parts of a fraction (#3605). Thanks @​AnslemHack.
• Fix: Provide TypeScript types for [and/or]TransformDependencies (#3639). Thanks @​NilsDietrich.
• Fix: two security vulnerabilities that allowed executing arbitrary JavaScript via the expression parser. Thanks @​CykuTW for finding and reporting them.

2026-02-10, 15.1.1

• Fix: #3631 Handle bigints in compareNatural (#3632). Thanks @​Dheemanth07.
• Fix: #3578 interpret empty true-expr of conditional as error (#3581). Thanks @​gwhitney.
• Fix: #3597 added nullish type definitions (#3601). Thanks @​Ayo1984.
• Docs: Correct several arithmetic and relational documentation examples and add History (#3630). Thanks @​Anadian.
• Docs: fix #3565, update Matrix documentation (#3591). Thanks @​orelbn.
• Docs: #3341 add per-function HISTORY sections (#3606). Thanks @​gwhitney.
• Docs: describe that setDistinct sorts the elements (see #3602).

2025-11-05, 15.1.0

• Feat: implement functions isFinite and isBounded (#3554, #3553). Thanks @​gwhitney.
• Feat: add function bernoulli to calculate Bernoulli numbers (#3551). Thanks @​gwhitney.
• Feat: support for optional chaining object?.key (#3547). Thanks @​NilsDietrich.
• Fix: #3580, #3586, #3587 issues with the optional chaining operator: disallow double dot ?.., allow optional function calls, throw errors on invalid uses of ?. (#3585). Thanks @​AnslemHack.
• Fix: #3579 conditional parsed as optional chaining (#3584).
• Fix: #3564 Avoid error throws when mapping/filtering empty arrays/matrices. (#3567). Thanks @​richardt-cla.
• Fix: #3574 respect tolerances in function isInteger (#3575). Thanks @​gwhitney.
• Fix: #3562 serializing units missing an internal property (#3572).

2025-10-10, 15.0.0

!!! BE CAREFUL: BREAKING CHANGES !!!

• Feat: #3349 Decouple precedence of unary percentage operator and binary modulus operator (that both use symbol %), and raise the former (#3432). Thanks @​kiprobinsonknack.
• Feat: #1753 enhance Kronecker product to handle arbitrary dimension (#3461, #3455). Thanks @​gwhitney and @​Delaney.
• Feat: #2344 matrix subset according to the type of input (#3485).

... (truncated)

Commits

• fee4561 chore: publish v15.2.0
• 139dcab chore: update history
• 0aee2f6 fix: two security vulnerabilities allowing execution of arbitrary JavaScript ...
• f7c10b1 feat: Fraction numerator and denominator helper functions (#3605)
• 2066220 feat: Add Ah charge unit (#3617)
• 685da0f chore: Add andTransformDependencies and orTransformDependencies to index.d.ts...
• 8fe12e5 docs: update links to TestMu AI
• e50b18b chore: fix linting issues
• e910b54 chore: publish v15.1.1
• ed10f50 chore: run npm audit fix
• Additional commits viewable in compare view

Updates nodemailer from 7.0.13 to 8.0.5

Release notes

Sourced from nodemailer's releases.

v8.0.5

8.0.5 (2026-04-07)

Bug Fixes

• decode SMTP server responses as UTF-8 at line boundary (95876b1)
• sanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (0a43876)

v8.0.4

8.0.4 (2026-03-25)

Bug Fixes

• sanitize envelope size to prevent SMTP command injection (2d7b971)

v8.0.3

8.0.3 (2026-03-18)

Bug Fixes

• clean up addressparser and fix group name fallback producing undefined (9d55877)
• fix cookie bugs, remove dead code, and improve hot-path efficiency (e8c8b92)
• refactor smtp-connection for clarity and add Node.js 6 syntax compat test (c5b48ea)
• remove familySupportCache that broke DNS resolution tests (c803d90)

v8.0.2

8.0.2 (2026-03-09)

Bug Fixes

• merge fragmented display names with unquoted commas in addressparser (fe27f7f)

v8.0.1

8.0.1 (2026-02-07)

Bug Fixes

• absorb TLS errors during socket teardown (7f8dde4)
• absorb TLS errors during socket teardown (381f628)
• Add Gmail Workspace service configuration (#1787) (dc97ede)

v8.0.0

8.0.0 (2026-02-04)

... (truncated)

Changelog

Sourced from nodemailer's changelog.

8.0.5 (2026-04-07)

Bug Fixes

• decode SMTP server responses as UTF-8 at line boundary (95876b1)
• sanitize CRLF in transport name option to prevent SMTP command injection (GHSA-vvjj-xcjg-gr5g) (0a43876)

8.0.4 (2026-03-25)

Bug Fixes

• sanitize envelope size to prevent SMTP command injection (2d7b971)

8.0.3 (2026-03-18)

Bug Fixes

• clean up addressparser and fix group name fallback producing undefined (9d55877)
• fix cookie bugs, remove dead code, and improve hot-path efficiency (e8c8b92)
• refactor smtp-connection for clarity and add Node.js 6 syntax compat test (c5b48ea)
• remove familySupportCache that broke DNS resolution tests (c803d90)

8.0.2 (2026-03-09)

Bug Fixes

• merge fragmented display names with unquoted commas in addressparser (fe27f7f)

8.0.1 (2026-02-07)

Bug Fixes

• absorb TLS errors during socket teardown (7f8dde4)
• absorb TLS errors during socket teardown (381f628)
• Add Gmail Workspace service configuration (#1787) (dc97ede)

8.0.0 (2026-02-04)

⚠ BREAKING CHANGES

• Error code 'NoAuth' renamed to 'ENOAUTH'

Bug Fixes

... (truncated)

Commits

• 202cfb3 chore(master): release 8.0.5 (#1809)
• b634abf docs: add CLAUDE.md with project conventions and release process
• 95876b1 fix: decode SMTP server responses as UTF-8 at line boundary
• 0a43876 fix: sanitize CRLF in transport name option to prevent SMTP command injection...
• 08e59e6 chore: update dev dependencies
• 2d31975 chore(master): release 8.0.4 (#1806)
• 2d7b971 fix: sanitize envelope size to prevent SMTP command injection
• 4e702e9 chore(master): release 8.0.3 (#1804)
• c803d90 fix: remove familySupportCache that broke DNS resolution tests
• e8c8b92 fix: fix cookie bugs, remove dead code, and improve hot-path efficiency
• Additional commits viewable in compare view

Updates mathjs from 14.9.1 to 15.2.0

Changelog

Sourced from mathjs's changelog.

2026-04-07, 15.2.0

• Feat: Add amp-hour charge unit Ah (#3617). Thanks @​adrfantini.
• Feat: #3595 implement num and den functions returning the parts of a fraction (#3605). Thanks @​AnslemHack.
• Fix: Provide TypeScript types for [and/or]TransformDependencies (#3639). Thanks @​NilsDietrich.
• Fix: two security vulnerabilities that allowed executing arbitrary JavaScript via the expression parser. Thanks @​CykuTW for finding and reporting them.

2026-02-10, 15.1.1

• Fix: #3631 Handle bigints in compareNatural (#3632). Thanks @​Dheemanth07.
• Fix: #3578 interpret empty true-expr of conditional as error (#3581). Thanks @​gwhitney.
• Fix: #3597 added nullish type definitions (#3601). Thanks @​Ayo1984.
• Docs: Correct several arithmetic and relational documentation examples and add History (#3630). Thanks @​Anadian.
• Docs: fix #3565, update Matrix documentation (#3591). Thanks @​orelbn.
• Docs: #3341 add per-function HISTORY sections (#3606). Thanks @​gwhitney.
• Docs: describe that setDistinct sorts the elements (see #3602).

2025-11-05, 15.1.0

• Feat: implement functions isFinite and isBounded (#3554, #3553). Thanks @​gwhitney.
• Feat: add function bernoulli to calculate Bernoulli numbers (#3551). Thanks @​gwhitney.
• Feat: support for optional chaining object?.key (#3547). Thanks @​NilsDietrich.
• Fix: #3580, #3586, #3587 issues with the optional chaining operator: disallow double dot ?.., allow optional function calls, throw errors on invalid uses of ?. (#3585). Thanks @​AnslemHack.
• Fix: #3579 conditional parsed as optional chaining (#3584).
• Fix: #3564 Avoid error throws when mapping/filtering empty arrays/matrices. (#3567). Thanks @​richardt-cla.
• Fix: #3574 respect tolerances in function isInteger (#3575). Thanks @​gwhitney.
• Fix: #3562 serializing units missing an internal property (#3572).

2025-10-10, 15.0.0

!!! BE CAREFUL: BREAKING CHANGES !!!

• Feat: #3349 Decouple precedence of unary percentage operator and binary modulus operator (that both use symbol %), and raise the former (#3432). Thanks @​kiprobinsonknack.
• Feat: #1753 enhance Kronecker product to handle arbitrary dimension (#3461, #3455). Thanks @​gwhitney and @​Delaney.
• Feat: #2344 matrix subset according to the type of input (#3485).

... (truncated)

Commits

• fee4561 chore: publish v15.2.0
• 139dcab chore: update history
• 0aee2f6 fix: two security vulnerabilities allowing execution of arbitrary JavaScript ...
• f7c10b1 feat: Fraction numerator and denominator helper functions (#3605)
• 2066220 feat: Add Ah charge unit (#3617)
• 685da0f chore: Add andTransformDependencies and orTransformDependencies to index.d.ts...
• 8fe12e5 docs: update links to TestMu AI
• e50b18b chore: fix linting issues
• e910b54 chore: publish v15.1.1
• ed10f50 chore: run npm audit fix
• Additional commits viewable in compare view

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.