firebase-functions 4.4.1 → 4.6.0

package/lib/bin/firebase-functions.js

@@ -46,7 +46,7 @@ let server = undefined;
 const app = express();
 function handleQuitquitquit(req, res) {
     res.send("ok");
-    server.close(() => console.log("shutdown requested via /__/quitquitquit"));
+    server.close();
 }
 app.get("/__/quitquitquit", handleQuitquitquit);
 app.post("/__/quitquitquit", handleQuitquitquit);
@@ -58,6 +58,7 @@ if (process.env.FUNCTIONS_CONTROL_API === "true") {
             res.send(JSON.stringify((0, manifest_1.stackToWire)(stack)));
         }
         catch (e) {
+            console.error(e);
             res.status(400).send(`Failed to generate manifest from function source: ${e}`);
         }
     });

package/lib/common/change.d.ts

@@ -1,5 +1,5 @@
 /**
- * `ChangeJson` is the JSON format used to construct a Change object.
+ * `ChangeJson` is the JSON format used to construct a `Change` object.
  */
 export interface ChangeJson {
     /**
@@ -17,8 +17,8 @@ export interface ChangeJson {
     fieldMask?: string;
 }
 /**
- * The Functions interface for events that change state, such as
- * Realtime Database or Cloud Firestore `onWrite` and `onUpdate`.
+ * The Cloud Functions interface for events that change state, such as
+ * Realtime Database or Cloud Firestore `onWrite` and `onUpdate` events.
  *
  * For more information about the format used to construct `Change` objects, see
  * {@link ChangeJson} below.
@@ -28,12 +28,12 @@ export declare class Change<T> {
     before: T;
     after: T;
     /**
-     * Factory method for creating a Change from a `before` object and an `after`
+     * Factory method for creating a `Change` from a `before` object and an `after`
      * object.
      */
     static fromObjects<T>(before: T, after: T): Change<T>;
     /**
-     * Factory method for creating a Change from a JSON and an optional customizer
+     * Factory method for creating a `Change` from JSON and an optional customizer
      * function to be applied to both the `before` and the `after` fields.
      */
     static fromJSON<T>(json: ChangeJson, customizer?: (x: any) => T): Change<T>;

package/lib/common/change.js

@@ -46,8 +46,8 @@ function applyFieldMask(sparseBefore, after, fieldMask) {
 }
 exports.applyFieldMask = applyFieldMask;
 /**
- * The Functions interface for events that change state, such as
- * Realtime Database or Cloud Firestore `onWrite` and `onUpdate`.
+ * The Cloud Functions interface for events that change state, such as
+ * Realtime Database or Cloud Firestore `onWrite` and `onUpdate` events.
  *
  * For more information about the format used to construct `Change` objects, see
  * {@link ChangeJson} below.
@@ -55,14 +55,14 @@ exports.applyFieldMask = applyFieldMask;
  */
 class Change {
     /**
-     * Factory method for creating a Change from a `before` object and an `after`
+     * Factory method for creating a `Change` from a `before` object and an `after`
      * object.
      */
     static fromObjects(before, after) {
         return new Change(before, after);
     }
     /**
-     * Factory method for creating a Change from a JSON and an optional customizer
+     * Factory method for creating a `Change` from JSON and an optional customizer
      * function to be applied to both the `before` and the `after` fields.
      */
     static fromJSON(json, customizer = (x) => x) {

package/lib/common/providers/identity.d.ts

@@ -9,16 +9,17 @@ export { HttpsError };
  */
 export type AuthBlockingEventType = "beforeCreate" | "beforeSignIn";
 /**
- * The UserRecord passed to Cloud Functions is the same UserRecord that is returned by the Firebase Admin
- * SDK.
+ * The `UserRecord` passed to Cloud Functions is the same
+ * {@link https://firebase.google.com/docs/reference/admin/node/firebase-admin.auth.userrecord | UserRecord}
+ * that is returned by the Firebase Admin SDK.
  */
 export type UserRecord = auth.UserRecord;
 /**
- * UserInfo that is part of the UserRecord
+ * `UserInfo` that is part of the `UserRecord`.
  */
 export type UserInfo = auth.UserInfo;
 /**
- * Helper class to create the user metadata in a UserRecord object
+ * Helper class to create the user metadata in a `UserRecord` object.
  */
 export declare class UserRecordMetadata implements auth.UserMetadata {
     creationTime: string;
@@ -28,13 +29,13 @@ export declare class UserRecordMetadata implements auth.UserMetadata {
     toJSON(): AuthUserMetadata;
 }
 /**
- * Helper function that creates a UserRecord Class from data sent over the wire.
+ * Helper function that creates a `UserRecord` class from data sent over the wire.
  * @param wireData data sent over the wire
- * @returns an instance of UserRecord with correct toJSON functions
+ * @returns an instance of `UserRecord` with correct toJSON functions
  */
 export declare function userRecordConstructor(wireData: Record<string, unknown>): UserRecord;
 /**
- * User info that is part of the AuthUserRecord
+ * User info that is part of the `AuthUserRecord`.
  */
 export interface AuthUserInfo {
     /**
@@ -110,7 +111,7 @@ export interface AuthMultiFactorSettings {
     enrolledFactors: AuthMultiFactorInfo[];
 }
 /**
- * The UserRecord passed to auth blocking Cloud Functions from the identity platform.
+ * The `UserRecord` passed to auth blocking functions from the identity platform.
  */
 export interface AuthUserRecord {
     /**
@@ -182,6 +183,7 @@ export interface AdditionalUserInfo {
     profile?: any;
     username?: string;
     isNewUser: boolean;
+    recaptchaScore?: number;
 }
 /** The credential component of the auth event context */
 export interface Credential {
@@ -204,19 +206,24 @@ export interface AuthEventContext extends EventContext {
     additionalUserInfo?: AdditionalUserInfo;
     credential?: Credential;
 }
-/** Defines the auth event for v2 blocking events */
+/** Defines the auth event for 2nd gen blocking events */
 export interface AuthBlockingEvent extends AuthEventContext {
     data: AuthUserRecord;
 }
-/** The handler response type for beforeCreate blocking events */
+/**
+ * The reCAPTCHA action options.
+ */
+export type RecaptchaActionOptions = "ALLOW" | "BLOCK";
+/** The handler response type for `beforeCreate` blocking events */
 export interface BeforeCreateResponse {
     displayName?: string;
     disabled?: boolean;
     emailVerified?: boolean;
     photoURL?: string;
     customClaims?: object;
+    recaptchaActionOverride?: RecaptchaActionOptions;
 }
-/** The handler response type for beforeSignIn blocking events */
+/** The handler response type for `beforeSignIn` blocking events */
 export interface BeforeSignInResponse extends BeforeCreateResponse {
     sessionClaims?: object;
 }

package/lib/common/providers/identity.js

@@ -21,7 +21,7 @@
 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 // SOFTWARE.
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.wrapHandler = exports.getUpdateMask = exports.validateAuthResponse = exports.parseAuthEventContext = exports.parseAuthUserRecord = exports.parseMultiFactor = exports.parseDate = exports.parseProviderData = exports.parseMetadata = exports.isValidRequest = exports.userRecordConstructor = exports.UserRecordMetadata = exports.HttpsError = void 0;
+exports.wrapHandler = exports.getUpdateMask = exports.validateAuthResponse = exports.parseAuthEventContext = exports.generateResponsePayload = exports.parseAuthUserRecord = exports.parseMultiFactor = exports.parseDate = exports.parseProviderData = exports.parseMetadata = exports.isValidRequest = exports.userRecordConstructor = exports.UserRecordMetadata = exports.HttpsError = void 0;
 const auth = require("firebase-admin/auth");
 const logger = require("../../logger");
 const app_1 = require("../app");
@@ -51,7 +51,7 @@ const EVENT_MAPPING = {
     beforeSignIn: "providers/cloud.auth/eventTypes/user.beforeSignIn",
 };
 /**
- * Helper class to create the user metadata in a UserRecord object
+ * Helper class to create the user metadata in a `UserRecord` object.
  */
 class UserRecordMetadata {
     constructor(creationTime, lastSignInTime) {
@@ -68,9 +68,9 @@ class UserRecordMetadata {
 }
 exports.UserRecordMetadata = UserRecordMetadata;
 /**
- * Helper function that creates a UserRecord Class from data sent over the wire.
+ * Helper function that creates a `UserRecord` class from data sent over the wire.
  * @param wireData data sent over the wire
- * @returns an instance of UserRecord with correct toJSON functions
+ * @returns an instance of `UserRecord` with correct toJSON functions
  */
 function userRecordConstructor(wireData) {
     // Falsey values from the wire format proto get lost when converted to JSON, this adds them back.
@@ -122,7 +122,7 @@ function userRecordConstructor(wireData) {
 }
 exports.userRecordConstructor = userRecordConstructor;
 /**
- * Checks for a valid identity platform web request, otherwise throws an HttpsError
+ * Checks for a valid identity platform web request, otherwise throws an HttpsError.
  * @internal
  */
 function isValidRequest(req) {
@@ -156,15 +156,15 @@ function unsafeDecodeAuthBlockingToken(token) {
     return decoded;
 }
 /**
- * Helper function to parse the decoded metadata object into a UserMetaData object
+ * Helper function to parse the decoded metadata object into a `UserMetaData` object
  * @internal
  */
 function parseMetadata(metadata) {
     const creationTime = (metadata === null || metadata === void 0 ? void 0 : metadata.creation_time)
-        ? new Date(metadata.creation_time * 1000).toUTCString()
+        ? new Date(metadata.creation_time).toUTCString()
         : null;
     const lastSignInTime = (metadata === null || metadata === void 0 ? void 0 : metadata.last_sign_in_time)
-        ? new Date(metadata.last_sign_in_time * 1000).toUTCString()
+        ? new Date(metadata.last_sign_in_time).toUTCString()
         : null;
     return {
         creationTime,
@@ -173,7 +173,7 @@ function parseMetadata(metadata) {
 }
 exports.parseMetadata = parseMetadata;
 /**
- * Helper function to parse the decoded user info array into an AuthUserInfo array
+ * Helper function to parse the decoded user info array into an `AuthUserInfo` array.
  * @internal
  */
 function parseProviderData(providerData) {
@@ -192,7 +192,7 @@ function parseProviderData(providerData) {
 }
 exports.parseProviderData = parseProviderData;
 /**
- * Helper function to parse the date into a UTC string
+ * Helper function to parse the date into a UTC string.
  * @internal
  */
 function parseDate(tokensValidAfterTime) {
@@ -276,7 +276,7 @@ function parseAuthUserRecord(decodedJWTUserRecord) {
     };
 }
 exports.parseAuthUserRecord = parseAuthUserRecord;
-/** Helper to get the AdditionalUserInfo from the decoded jwt */
+/** Helper to get the `AdditionalUserInfo` from the decoded JWT */
 function parseAdditionalUserInfo(decodedJWT) {
     let profile;
     let username;
@@ -301,9 +301,33 @@ function parseAdditionalUserInfo(decodedJWT) {
         profile,
         username,
         isNewUser: decodedJWT.event_type === "beforeCreate" ? true : false,
+        recaptchaScore: decodedJWT.recaptcha_score,
     };
 }
-/** Helper to get the Credential from the decoded jwt */
+/**
+ * Helper to generate a response from the blocking function to the Firebase Auth backend.
+ * @internal
+ */
+function generateResponsePayload(authResponse) {
+    if (!authResponse) {
+        return {};
+    }
+    const { recaptchaActionOverride, ...formattedAuthResponse } = authResponse;
+    const result = {};
+    const updateMask = getUpdateMask(formattedAuthResponse);
+    if (updateMask.length !== 0) {
+        result.userRecord = {
+            ...formattedAuthResponse,
+            updateMask,
+        };
+    }
+    if (recaptchaActionOverride !== undefined) {
+        result.recaptchaActionOverride = recaptchaActionOverride;
+    }
+    return result;
+}
+exports.generateResponsePayload = generateResponsePayload;
+/** Helper to get the Credential from the decoded JWT */
 function parseAuthCredential(decodedJWT, time) {
     if (!decodedJWT.sign_in_attributes &&
         !decodedJWT.oauth_id_token &&
@@ -437,15 +461,7 @@ function wrapHandler(eventType, handler) {
                     })) || undefined;
             }
             validateAuthResponse(eventType, authResponse);
-            const updateMask = getUpdateMask(authResponse);
-            const result = updateMask.length === 0
-                ? {}
-                : {
-                    userRecord: {
-                        ...authResponse,
-                        updateMask,
-                    },
-                };
+            const result = generateResponsePayload(authResponse);
             res.status(200);
             res.setHeader("Content-Type", "application/json");
             res.send(JSON.stringify(result));

package/lib/common/providers/tasks.d.ts

@@ -53,17 +53,60 @@ export interface TaskContext {
      * The result of decoding and verifying an ODIC token.
      */
     auth?: AuthData;
+    /**
+     * The name of the queue.
+     * Populated via the `X-CloudTasks-QueueName` header.
+     */
+    queueName: string;
+    /**
+     * The "short" name of the task, or, if no name was specified at creation, a unique
+     * system-generated id.
+     * This is the "my-task-id" value in the complete task name, such as "task_name =
+     * projects/my-project-id/locations/my-location/queues/my-queue-id/tasks/my-task-id."
+     * Populated via the `X-CloudTasks-TaskName` header.
+     */
+    id: string;
+    /**
+     * The number of times this task has been retried.
+     * For the first attempt, this value is 0. This number includes attempts where the task failed
+     * due to 5XX error codes and never reached the execution phase.
+     * Populated via the `X-CloudTasks-TaskRetryCount` header.
+     */
+    retryCount: number;
+    /**
+     * The total number of times that the task has received a response from the handler.
+     * Since Cloud Tasks deletes the task once a successful response has been received, all
+     * previous handler responses were failures. This number does not include failures due to 5XX
+     * error codes.
+     * Populated via the `X-CloudTasks-TaskExecutionCount` header.
+     */
+    executionCount: number;
+    /**
+     * The schedule time of the task, as an RFC 3339 string in UTC time zone.
+     * Populated via the `X-CloudTasks-TaskETA` header, which uses seconds since January 1 1970.
+     */
+    scheduledTime: string;
+    /**
+     * The HTTP response code from the previous retry.
+     * Populated via the `X-CloudTasks-TaskPreviousResponse` header
+     */
+    previousResponse?: number;
+    /**
+     * The reason for retrying the task.
+     * Populated via the `X-CloudTasks-TaskRetryReason` header.
+     */
+    retryReason?: string;
+    /**
+     * Raw request headers.
+     */
+    headers?: Record<string, string>;
 }
 /**
- * The request used to call a Task Queue function.
+ * The request used to call a task queue function.
  */
-export interface Request<T = any> {
+export type Request<T = any> = TaskContext & {
     /**
      * The parameters used by a client when calling this function.
      */
     data: T;
-    /**
-     * The result of decoding and verifying an ODIC token.
-     */
-    auth?: AuthData;
-}
+};

package/lib/common/providers/tasks.js

@@ -33,7 +33,28 @@ function onDispatchHandler(handler) {
                 logger.error("Invalid request, unable to process.");
                 throw new https.HttpsError("invalid-argument", "Bad Request");
             }
-            const context = {};
+            const headers = {};
+            for (const [key, value] of Object.entries(req.headers)) {
+                if (!Array.isArray(value)) {
+                    headers[key] = value;
+                }
+            }
+            const context = {
+                queueName: req.header("X-CloudTasks-QueueName"),
+                id: req.header("X-CloudTasks-TaskName"),
+                retryCount: req.header("X-CloudTasks-TaskRetryCount")
+                    ? Number(req.header("X-CloudTasks-TaskRetryCount"))
+                    : undefined,
+                executionCount: req.header("X-CloudTasks-TaskExecutionCount")
+                    ? Number(req.header("X-CloudTasks-TaskExecutionCount"))
+                    : undefined,
+                scheduledTime: req.header("X-CloudTasks-TaskETA"),
+                previousResponse: req.header("X-CloudTasks-TaskPreviousResponse")
+                    ? Number(req.header("X-CloudTasks-TaskPreviousResponse"))
+                    : undefined,
+                retryReason: req.header("X-CloudTasks-TaskRetryReason"),
+                headers,
+            };
             if (!process.env.FUNCTIONS_EMULATOR) {
                 const authHeader = req.header("Authorization") || "";
                 const token = (_a = authHeader.match(/^Bearer (.*)$/)) === null || _a === void 0 ? void 0 : _a[1];

package/lib/v1/function-configuration.d.ts

@@ -177,7 +177,8 @@ export interface RuntimeOptions {
      *
      * @remarks
      * Set this to true to enable the App Check replay protection feature by consuming the App Check token on callable
-     * request. Tokens that are found to be already consumed will have request.app.alreadyConsumed property set true.
+     * request. Tokens that are found to be already consumed will have the `request.app.alreadyConsumed` property set
+     * to true.
      *
      *
      * Tokens are only considered to be consumed if it is sent to the App Check service by setting this option to true.
@@ -188,10 +189,10 @@ export interface RuntimeOptions {
      * performance and can potentially deplete your attestation providers' quotas faster. Use this feature only for
      * protecting low volume, security critical, or expensive operations.
      *
-     * This option does not affect the enforceAppCheck option. Setting the latter to true will cause the callable function
-     * to automatically respond with a 401 Unauthorized status code when request includes an invalid App Check token.
-     * When request includes valid but consumed App Check tokens, requests will not be automatically rejected. Instead,
-     * the request.app.alreadyConsumed property will be set to true and pass the execution to the handler code for making
+     * This option does not affect the `enforceAppCheck` option. Setting the latter to true will cause the callable function
+     * to automatically respond with a 401 Unauthorized status code when the request includes an invalid App Check token.
+     * When the request includes valid but consumed App Check tokens, requests will not be automatically rejected. Instead,
+     * the `request.app.alreadyConsumed` property will be set to true and pass the execution to the handler code for making
      * further decisions, such as requiring additional security checks or rejecting the request.
      */
     consumeAppCheckToken?: boolean;

package/lib/v2/core.d.ts

@@ -1,5 +1,5 @@
 /**
- * Core functionality of the Firebase Functions v2 SDK.
+ * Core functionality of the Cloud Functions for Firebase 2nd gen SDK.
  * @packageDocumentation
  */
 import { Change } from "../common/change";
@@ -7,8 +7,8 @@ import { ManifestEndpoint } from "../runtime/manifest";
 export { Change };
 export { ParamsOf } from "../common/params";
 /**
- * A CloudEventBase is the base of a cross-platform format for encoding a serverless event.
- * More information can be found in https://github.com/cloudevents/spec
+ * A `CloudEventBase` is the base of a cross-platform format for encoding a serverless event.
+ * For more information, see https://github.com/cloudevents/spec.
  * @typeParam T - The type of the event data.
  * @beta
  */
@@ -17,9 +17,9 @@ export interface CloudEvent<T> {
     readonly specversion: "1.0";
     /** A globally unique ID for this event. */
     id: string;
-    /** The resource which published this event. */
+    /** The resource that published this event. */
     source: string;
-    /** The resource, provided by source, that this event relates to */
+    /** The resource, provided by source, that this event relates to. */
     subject?: string;
     /** The type of event that this represents. */
     type: string;
@@ -41,10 +41,10 @@ export interface CloudFunction<EventType extends CloudEvent<unknown>> {
     /** @alpha */
     __endpoint: ManifestEndpoint;
     /**
-     * The callback passed to the CloudFunction constructor.
-     * Use run to test a CloudFunction
+     * The callback passed to the `CloudFunction` constructor.
+     * Use `run` to test a function.
      * @param event - The parsed event to handle.
-     * @returns Any return value. Google Cloud Functions awaits any promise
+     * @returns Any return value. Cloud Functions awaits any promise
      *          before shutting down your function. Resolved return values
      *          are only used for unit testing purposes.
      * @beta

package/lib/v2/core.js

@@ -23,7 +23,7 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.Change = void 0;
 /**
- * Core functionality of the Firebase Functions v2 SDK.
+ * Core functionality of the Cloud Functions for Firebase 2nd gen SDK.
  * @packageDocumentation
  */
 const change_1 = require("../common/change");

package/lib/v2/index.d.ts

@@ -1,8 +1,8 @@
 /**
- * The V2 API for Cloud Functions for Firebase.
- * This SDK also supports deep imports. For example, the namespace
- * 'pubsub' is available at 'firebase-functions/v2' or is directly importable
- * from 'firebase-functions/v2/pubsub'.
+ * The 2nd gen API for Cloud Functions for Firebase.
+ * This SDK supports deep imports. For example, the namespace
+ * `pubsub` is available at `firebase-functions/v2` or is directly importable
+ * from `firebase-functions/v2/pubsub`.
  * @packageDocumentation
  */
 import * as logger from "../logger";

package/lib/v2/index.js

@@ -23,10 +23,10 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.params = exports.Change = exports.setGlobalOptions = exports.firestore = exports.testLab = exports.remoteConfig = exports.scheduler = exports.eventarc = exports.tasks = exports.logger = exports.pubsub = exports.identity = exports.https = exports.storage = exports.database = exports.alerts = void 0;
 /**
- * The V2 API for Cloud Functions for Firebase.
- * This SDK also supports deep imports. For example, the namespace
- * 'pubsub' is available at 'firebase-functions/v2' or is directly importable
- * from 'firebase-functions/v2/pubsub'.
+ * The 2nd gen API for Cloud Functions for Firebase.
+ * This SDK supports deep imports. For example, the namespace
+ * `pubsub` is available at `firebase-functions/v2` or is directly importable
+ * from `firebase-functions/v2/pubsub`.
  * @packageDocumentation
  */
 const logger = require("../logger");

package/lib/v2/options.d.ts

@@ -3,7 +3,7 @@ import { Expression } from "../params";
 import { ParamSpec, SecretParam } from "../params/types";
 export { RESET_VALUE } from "../common/options";
 /**
- * List of all regions supported by Cloud Functions v2
+ * List of all regions supported by Cloud Functions (2nd gen).
  */
 export type SupportedRegion = "asia-east1" | "asia-northeast1" | "asia-northeast2" | "europe-north1" | "europe-west1" | "europe-west4" | "us-central1" | "us-east1" | "us-east4" | "us-west1" | "asia-east2" | "asia-northeast3" | "asia-southeast1" | "asia-southeast2" | "asia-south1" | "australia-southeast1" | "europe-central2" | "europe-west2" | "europe-west3" | "europe-west6" | "northamerica-northeast1" | "southamerica-east1" | "us-west2" | "us-west3" | "us-west4";
 /**
@@ -11,16 +11,16 @@ export type SupportedRegion = "asia-east1" | "asia-northeast1" | "asia-northeast
  */
 export type MemoryOption = "128MiB" | "256MiB" | "512MiB" | "1GiB" | "2GiB" | "4GiB" | "8GiB" | "16GiB" | "32GiB";
 /**
- * List of available options for VpcConnectorEgressSettings.
+ * List of available options for `VpcConnectorEgressSettings`.
  */
 export type VpcEgressSetting = "PRIVATE_RANGES_ONLY" | "ALL_TRAFFIC";
 /**
- * List of available options for IngressSettings.
+ * List of available options for `IngressSettings`.
  */
 export type IngressSetting = "ALLOW_ALL" | "ALLOW_INTERNAL_ONLY" | "ALLOW_INTERNAL_AND_GCLB";
 /**
- * GlobalOptions are options that can be set across an entire project.
- * These options are common to HTTPS and Event handling functions.
+ * `GlobalOptions` are options that can be set across an entire project.
+ * These options are common to HTTPS and event handling functions.
  */
 export interface GlobalOptions {
     /**
@@ -40,30 +40,30 @@ export interface GlobalOptions {
      * HTTPS functions can specify a higher timeout.
      *
      * @remarks
-     * The minimum timeout for a gen 2 function is 1s. The maximum timeout for a
+     * The minimum timeout for a 2nd gen function is 1s. The maximum timeout for a
      * function depends on the type of function: Event handling functions have a
      * maximum timeout of 540s (9 minutes). HTTPS and callable functions have a
      * maximum timeout of 36,00s (1 hour). Task queue functions have a maximum
-     * timeout of 1,800s (30 minutes)
+     * timeout of 1,800s (30 minutes).
      */
     timeoutSeconds?: number | Expression<number> | ResetValue;
     /**
-     * Min number of actual instances to be running at a given time.
+     * Minimum number of actual instances to be running at a given time.
      *
      * @remarks
-     * Instances will be billed for memory allocation and 10% of CPU allocation
+     * Instances are billed for memory allocation and 10% of CPU allocation
      * while idle.
      */
     minInstances?: number | Expression<number> | ResetValue;
     /**
-     * Max number of instances to be running in parallel.
+     * Max number of instances that can be running in parallel.
      */
     maxInstances?: number | Expression<number> | ResetValue;
     /**
      * Number of requests a function can serve at once.
      *
      * @remarks
-     * Can only be applied to functions running on Cloud Functions v2.
+     * Can be applied only to functions running on Cloud Functions (2nd gen)).
      * A value of null restores the default concurrency (80 when CPU >= 1, 1 otherwise).
      * Concurrency cannot be set to any value other than 1 if `cpu` is less than 1.
      * The maximum value for concurrency is 1,000.
@@ -75,13 +75,13 @@ export interface GlobalOptions {
      * @remarks
      * Defaults to 1 for functions with <= 2GB RAM and increases for larger memory sizes.
      * This is different from the defaults when using the gcloud utility and is different from
-     * the fixed amount assigned in Google Cloud Functions generation 1.
-     * To revert to the CPU amounts used in gcloud or in Cloud Functions generation 1, set this
+     * the fixed amount assigned in Cloud Functions (1st gen).
+     * To revert to the CPU amounts used in gcloud or in Cloud Functions (1st gen), set this
      * to the value "gcf_gen1"
      */
     cpu?: number | "gcf_gen1";
     /**
-     * Connect cloud function to specified VPC connector.
+     * Connect a function to a specified VPC connector.
      */
     vpcConnector?: string | Expression<string> | ResetValue;
     /**
@@ -97,7 +97,7 @@ export interface GlobalOptions {
      */
     ingressSettings?: IngressSetting | ResetValue;
     /**
-     * Invoker to set access control on https functions.
+     * Invoker to set access control on HTTPS functions.
      */
     invoker?: "public" | "private" | string | string[];
     /**
@@ -106,36 +106,39 @@ export interface GlobalOptions {
     labels?: Record<string, string>;
     secrets?: (string | SecretParam)[];
     /**
-     * Determines whether Firebase AppCheck is enforced. Defaults to false.
+     * Determines whether Firebase App Check is enforced. Defaults to false.
      *
      * @remarks
      * When true, requests with invalid tokens autorespond with a 401
      * (Unauthorized) error.
-     * When false, requests with invalid tokens set event.app to undefined.
+     * When false, requests with invalid tokens set `event.app` to `undefined`.
      */
     enforceAppCheck?: boolean;
     /**
      * Controls whether function configuration modified outside of function source is preserved. Defaults to false.
      *
      * @remarks
-     * When setting configuration available in the underlying platform that is not yet available in the Firebase Functions
-     * SDK, we highly recommend setting `preserveExternalChanges` to `true`. Otherwise, when the Firebase Functions SDK releases
+     * When setting configuration available in an underlying platform that is not yet available in the Firebase SDK
+     * for Cloud Functions, we recommend setting `preserveExternalChanges` to `true`. Otherwise, when Google releases
      * a new version of the SDK with support for the missing configuration, your function's manually configured setting
      * may inadvertently be wiped out.
      */
     preserveExternalChanges?: boolean;
 }
 /**
- * Sets default options for all functions written using the v2 SDK.
+ * Sets default options for all functions written using the 2nd gen SDK.
  * @param options Options to set as default
  */
 export declare function setGlobalOptions(options: GlobalOptions): void;
 /**
- * Additional fields that can be set on any event-handling Cloud Function.
+ * Additional fields that can be set on any event-handling function.
  */
 export interface EventHandlerOptions extends Omit<GlobalOptions, "enforceAppCheck"> {
+    /** Type of the event. Valid values are TODO */
     eventType?: string;
+    /** TODO */
     eventFilters?: Record<string, string | Expression<string>>;
+    /** TODO */
     eventFilterPathPatterns?: Record<string, string | Expression<string>>;
     /** Whether failed executions should be delivered again. */
     retry?: boolean | Expression<boolean> | ResetValue;

package/lib/v2/options.js

@@ -46,7 +46,7 @@ const MemoryOptionToMB = {
 };
 let globalOptions;
 /**
- * Sets default options for all functions written using the v2 SDK.
+ * Sets default options for all functions written using the 2nd gen SDK.
  * @param options Options to set as default
  */
 function setGlobalOptions(options) {

package/lib/v2/providers/firestore.js

@@ -30,6 +30,7 @@ const core_1 = require("../core");
 Object.defineProperty(exports, "Change", { enumerable: true, get: function () { return core_1.Change; } });
 const options_1 = require("../options");
 const firestore_1 = require("../../common/providers/firestore");
+const trace_1 = require("../trace");
 /** @internal */
 exports.writtenEventType = "google.cloud.firestore.document.v1.written";
 /** @internal */
@@ -219,7 +220,7 @@ function onOperation(eventType, documentOrOpts, handler) {
         const event = raw;
         const params = makeParams(event.document, documentPattern);
         const firestoreEvent = makeFirestoreEvent(eventType, event, params);
-        return handler(firestoreEvent);
+        return (0, trace_1.wrapTraceContext)(handler)(firestoreEvent);
     };
     func.run = handler;
     func.__endpoint = makeEndpoint(eventType, opts, documentPattern, database, namespace);

package/lib/v2/providers/https.js

@@ -78,16 +78,18 @@ function onRequest(optsOrHandler, handler) {
                     allowInsecure: false,
                 },
             };
+            (0, encoding_1.convertIfPresent)(trigger.httpsTrigger, options.getGlobalOptions(), "invoker", "invoker", encoding_1.convertInvoker);
             (0, encoding_1.convertIfPresent)(trigger.httpsTrigger, opts, "invoker", "invoker", encoding_1.convertInvoker);
             return trigger;
         },
     });
-    const baseOpts = options.optionsToEndpoint(options.getGlobalOptions());
+    const globalOpts = options.getGlobalOptions();
+    const baseOpts = options.optionsToEndpoint(globalOpts);
     // global options calls region a scalar and https allows it to be an array,
     // but optionsToTriggerAnnotations handles both cases.
     const specificOpts = options.optionsToEndpoint(opts);
     const endpoint = {
-        ...(0, manifest_1.initV2Endpoint)(options.getGlobalOptions(), opts),
+        ...(0, manifest_1.initV2Endpoint)(globalOpts, opts),
         platform: "gcfv2",
         ...baseOpts,
         ...specificOpts,
@@ -97,6 +99,7 @@ function onRequest(optsOrHandler, handler) {
         },
         httpsTrigger: {},
     };
+    (0, encoding_1.convertIfPresent)(endpoint.httpsTrigger, globalOpts, "invoker", "invoker", encoding_1.convertInvoker);
     (0, encoding_1.convertIfPresent)(endpoint.httpsTrigger, opts, "invoker", "invoker", encoding_1.convertInvoker);
     handler.__endpoint = endpoint;
     return handler;
@@ -116,11 +119,12 @@ function onCall(optsOrHandler, handler) {
     // onCallHandler sniffs the function length to determine which API to present.
     // fix the length to prevent api versions from being mismatched.
     const fixedLen = (req) => handler(req);
-    const func = (0, https_1.onCallHandler)({
+    let func = (0, https_1.onCallHandler)({
         cors: { origin, methods: "POST" },
         enforceAppCheck: (_a = opts.enforceAppCheck) !== null && _a !== void 0 ? _a : options.getGlobalOptions().enforceAppCheck,
         consumeAppCheckToken: opts.consumeAppCheckToken,
     }, fixedLen);
+    func = (0, trace_1.wrapTraceContext)(func);
     Object.defineProperty(func, "__trigger", {
         get: () => {
             const baseOpts = options.optionsToTriggerAnnotations(options.getGlobalOptions());

package/lib/v2/providers/tasks.js

@@ -52,6 +52,7 @@ function onTaskDispatched(optsOrHandler, handler) {
             const specificOpts = options.optionsToTriggerAnnotations(opts);
             const taskQueueTrigger = {};
             (0, encoding_1.copyIfPresent)(taskQueueTrigger, opts, "retryConfig", "rateLimits");
+            (0, encoding_1.convertIfPresent)(taskQueueTrigger, options.getGlobalOptions(), "invoker", "invoker", encoding_1.convertInvoker);
             (0, encoding_1.convertIfPresent)(taskQueueTrigger, opts, "invoker", "invoker", encoding_1.convertInvoker);
             return {
                 platform: "gcfv2",
@@ -82,6 +83,7 @@ function onTaskDispatched(optsOrHandler, handler) {
     };
     (0, encoding_1.copyIfPresent)(func.__endpoint.taskQueueTrigger.retryConfig, opts.retryConfig, "maxAttempts", "maxBackoffSeconds", "maxDoublings", "maxRetrySeconds", "minBackoffSeconds");
     (0, encoding_1.copyIfPresent)(func.__endpoint.taskQueueTrigger.rateLimits, opts.rateLimits, "maxConcurrentDispatches", "maxDispatchesPerSecond");
+    (0, encoding_1.convertIfPresent)(func.__endpoint.taskQueueTrigger, options.getGlobalOptions(), "invoker", "invoker", encoding_1.convertInvoker);
     (0, encoding_1.convertIfPresent)(func.__endpoint.taskQueueTrigger, opts, "invoker", "invoker", encoding_1.convertInvoker);
     func.__requiredAPIs = [
         {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "firebase-functions",
-  "version": "4.4.1",
+  "version": "4.6.0",
   "description": "Firebase SDK for Cloud Functions",
   "keywords": [
     "firebase",
@@ -225,7 +225,7 @@
     "eslint-config-prettier": "^8.3.0",
     "eslint-plugin-jsdoc": "^39.2.9",
     "eslint-plugin-prettier": "^4.0.0",
-    "firebase-admin": "^11.8.0",
+    "firebase-admin": "^12.0.0",
     "js-yaml": "^3.13.1",
     "jsdom": "^16.2.1",
     "jsonwebtoken": "^9.0.0",
@@ -245,7 +245,7 @@
     "yargs": "^15.3.1"
   },
   "peerDependencies": {
-    "firebase-admin": "^10.0.0 || ^11.0.0"
+    "firebase-admin": "^10.0.0 || ^11.0.0 || ^12.0.0"
   },
   "engines": {
     "node": ">=14.10.0"