build(deps): bump the npm_and_yarn group across 2 directories with 2 updates

[dependabot]

Bumps the npm_and_yarn group with 1 update in the /core/generator/gapic-generator-typescript directory: ajv.
Bumps the npm_and_yarn group with 1 update in the /core/packages/gax/test/test-application directory: @grpc/grpc-js.

Updates ajv from 6.12.6 to 6.14.0

Commits

• e3af0a7 6.14.0
• b552ed6 add regExp option to address $data exploit via a regular expression (CVE-2025...
• 72f2286 docs: update v7 info
• 231e52b Merge pull request #1320 from philsturgeon/patch-1
• d3475fc Add spectral, an AJV util from a sponsor
• 413afe0 docs: v7.0.0-beta.3
• 11e997b update readme for v7
• See full diff in compare view

Updates @grpc/grpc-js from 1.6.12 to 1.14.3

Release notes

Sourced from @​grpc/grpc-js's releases.

@​grpc/grpc-js 1.14.3

• Send halfClose immediately after messages to prevent late halfClose issues with Envoy (#3031 contributed by @​serkanerip)

@​grpc/grpc-js 1.14.2

• Fix server keep alive timeout not properly destroying connections (#3022 contributed by @​mattias-wiberg)

@​grpc/grpc-js 1.14.1

• Fix a regression of the settings used internally for HTTP/2 sessions (#3023)

@​grpc/grpc-js-xds 1.14.0

• Implement RBAC support (gRFC A41) (#2939, #2945)
• Add weighted_round_robin to LB policy registry (#3001) (currently experimental, enabled by the environment variable GRPC_EXPERIMENTAL_XDS_WRR_LB)
• Add wrr_locality to LB policy registry (#3003)

@​grpc/grpc-js 1.14.0

Changelog

• Add getAuthContext method to client and server call classes (more details can be found in gRFC L35) (#2920)
• Implement custom backend metrics support (gRFC A51) (#2978, #2983, #2985, #2986, #2999)
• Add getConnectionInfo method to the ServerInterceptingCall class (#2922)
• Implement the weighted_round_robin load balancing policy (#2998)
• Fix jitter behavior for client retries (#2960 contributed by @​ekscentrysytet)
• Start connecting from a random index in the round_robin LB policy (#2979)
• Send connection-level WINDOW_UPDATE at session start (#2971 contributed by @​KoenRijpstra)

Experimental API Changes

Added:

• CHANNEL_ARGS_CONFIG_SELECTOR_KEY
• StatusOr<T>
• CallStream
• statusOrFromValue
• statusOrFromError

Modified:

• ResolverListener#onSuccessfulResolution now has the signature (endpointList: StatusOr<Endpoint[]>, attributes: { [key: string]: unknown }, serviceConfig: StatusOr<ServiceConfig> | null, resolutionNote: string): boolean
• LoadBalancer#updateAddressList now has the signature `updateAddressList(endpointList: StatusOr<Endpoint[]>,lbConfig: TypedLoadBalancingConfig, channelOptions: ChannelOptions, resolutionNote: string): boolean

@​grpc/grpc-js 1.13.4

• Fix ability to set SNI with ssl_target_name_override option (#2956)

@​grpc/grpc-js 1.13.3

• Disable Nagle's algorithm (#2936)
• Avoid calling http2.getDefaultSettings (#2937)

@​grpc/grpc-js 1.13.2

• Fix a bug that caused clients to be unable to connect through local proxies (#2933)

... (truncated)

Commits

• ccd29b2 Merge pull request #3032 from murgatroid99/grpc-js_retry_half_close_1.14
• 9ea15ce grpc-js: Bump version to 1.14.3
• 4d387d4 Use nextMessageToSend for early half-close
• 88a083d remove halfCloseSent field
• f6895cb Send halfClose immediately after messages to prevent late halfClose issues wi...
• 37f2817 revert changes
• 4e26a27 half close right after write
• bf0dc8f Merge pull request #3029 from murgatroid99/grpc-js_keepalive_fix_backport
• 235474e grpc-js: Bump to 1.14.2
• 2f090c6 grpc-js: Fix server keep alive timeout not properly destroying connections
• Additional commits viewable in compare view

Install script changes

This version modifies prepare script that runs during installation. Review the package contents before updating.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.