chore(deps): bump the production-dependencies group across 1 directory with 2 updates

[dependabot]

Bumps the production-dependencies group with 2 updates in the / directory: googleapis and nodemailer.

Updates googleapis from 171.4.0 to 173.0.0

Release notes

Sourced from googleapis's releases.

googleapis: v173.0.0

173.0.0 (2026-05-28)

⚠ BREAKING CHANGES

• This release has breaking changes.

Features

• run the generator (#3920) (08443b4)

Commits

• 9e92f53 chore: release main (#3923)
• 08443b4 feat: run the generator (#3920)
• cf35f69 chore: release main (#3922)
• dec51bf fix: update release-please-config.json to remove non-existent package (#3921)
• b385d3f feat: run the generator (#3919)
• 7fa3d49 feat: regenerate index files
• 9fd8b53 feat(walletobjects): update the API
• 45054a1 feat(servicecontrol): update the API
• 0538d74 fix(orgpolicy): update the API
• efe33ba feat(dataflow): update the API
• Additional commits viewable in compare view

Updates nodemailer from 8.0.7 to 8.0.10

Release notes

Sourced from nodemailer's releases.

v8.0.10

8.0.10 (2026-05-29)

Bug Fixes

• fall back to lower-severity handler when custom logger lacks a level method (6d849df)

v8.0.9

8.0.9 (2026-05-26)

Bug Fixes

• two pending security advisories (jsonTransport access bypass, List-* CRLF injection) (#1820) (5f69497)

v8.0.8

8.0.8 (2026-05-23)

Bug Fixes

• enforce strict TLS for OAuth2 and Ethereal credential requests (#1818) (833d6e5)
• four listener/stream leaks in SMTP transport, connection, pool (#1817) (850bb91)

Changelog

Sourced from nodemailer's changelog.

8.0.10 (2026-05-29)

Bug Fixes

• fall back to lower-severity handler when custom logger lacks a level method (6d849df)

8.0.9 (2026-05-26)

Bug Fixes

• two pending security advisories (jsonTransport access bypass, List-* CRLF injection) (#1820) (5f69497)

8.0.8 (2026-05-23)

Bug Fixes

• enforce strict TLS for OAuth2 and Ethereal credential requests (#1818) (833d6e5)
• four listener/stream leaks in SMTP transport, connection, pool (#1817) (850bb91)

Commits

• 948ae3f chore(master): release 8.0.10 (#1823)
• 9eedad9 docs: add SECURITY.md policy (#1824)
• 6d849df fix: fall back to lower-severity handler when custom logger lacks a level method
• 07303cb chore(master): release 8.0.9 (#1821)
• 5f69497 fix: two pending security advisories (jsonTransport access bypass, List-* CRL...
• 15138a8 chore(master): release 8.0.8 (#1819)
• 850bb91 fix: four listener/stream leaks in SMTP transport, connection, pool (#1817)
• 833d6e5 fix: enforce strict TLS for OAuth2 and Ethereal credential requests (#1818)
• See full diff in compare view

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	googleapis@​171.4.0 ⏵ 173.0.0	-3		+1
	nodemailer@​8.0.7 ⏵ 8.0.10			+1

View full report

[socket-security]

All alerts resolved. Learn more about Socket for GitHub.

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

View full report

[codecov]

Bundle Report

Bundle size has no change ✅

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 99.40%. Comparing base (1a42785) to head (caf6e7b).
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #208   +/-   ##
=======================================
  Coverage   99.40%   99.40%           
=======================================
  Files          33       33           
  Lines        1859     1859           
  Branches      513      513           
=======================================
  Hits         1848     1848           
  Misses          9        9           
  Partials        2        2           

---

Continue to review full report in Codecov by Harness.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 1a42785...caf6e7b. Read the comment docs.

[klodr]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR updates the googleapis dependency in package.json from ^171.4.0 to ^173.0.0. No other files or package metadata were changed.

Changes

Dependency Update

Layer / File(s)	Summary
googleapis dependency version bump package.json	The googleapis library dependency is bumped from ^171.4.0 to ^173.0.0 in the dependencies section of the package manifest.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• klodr/gmail-mcp#75: Updates package.json dependencies to modify Google API client tooling.

Suggested labels

Review effort 2/5

Suggested reviewers

• klodr

---

Caution

Pre-merge checks failed

Please resolve all errors before merging. Addressing warnings is optional.

• Ignore (reviewers only)

❌ Failed checks (1 error)

Check name	Status	Explanation	Resolution
Title check	❌ Error	Title exceeds 72-character limit (85 characters) and uses vague language ('bump the production-dependencies group') that doesn't specify the main changes.	Revise title to follow Conventional Commits: stay within 72 characters and be more specific (e.g., 'chore(deps): update googleapis and nodemailer').

✅ Passed checks (3 passed)

Check name	Status	Explanation
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Description check	✅ Passed	The PR description clearly describes a dependency update for googleapis and nodemailer with detailed release notes and commit history.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[klodr]

@dependabot rebase

[klodr]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[klodr]

@dependabot rebase

[klodr]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 0

[klodr]

Reviewed dependency bump, auto-merge enabled — letting CI + CodeRabbit + Scorecard gate the merge.

[klodr]

@dependabot rebase

[dependabot]

Looks like this PR is already up-to-date with main! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[klodr]

@coderabbitai review

[coderabbitai]

✅ Action performed

Review finished.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.