Skip to content

chore(deps): bump fast-xml-parser from 5.5.12 to 5.6.0#11051

Merged
mergify[bot] merged 1 commit intomainfrom
dependabot/npm_and_yarn/fast-xml-parser-5.6.0
Apr 15, 2026
Merged

chore(deps): bump fast-xml-parser from 5.5.12 to 5.6.0#11051
mergify[bot] merged 1 commit intomainfrom
dependabot/npm_and_yarn/fast-xml-parser-5.6.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 15, 2026

Bumps fast-xml-parser from 5.5.12 to 5.6.0.

Release notes

Sourced from fast-xml-parser's releases.

use @​nodable/entities to replace entities

  • No API change
  • No change in performance for basic usage
  • No typing change
  • No config change
  • new dependency
  • breaking: error messages for entities might have been changed.

Full Changelog: NaturalIntelligence/fast-xml-parser@v5.5.12...v5.6.0

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

Note: Due to some last quick changes on v4, detail of v4.5.3 & v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion

5.6.0 / 2026-04-15

  • fix: entity replacement for numeric entities
  • use @​nodable/entities to replace entities
    • this may change some error messages related to entities expansion limit or inavlid use
    • post check would be exposed in future version

5.5.12 / 2026-04-13

  • Performance Improvement: update path-expression-matcher
    • use proxy pattern than Proxy class

5.5.11 / 2026-04-08

  • Performance Improvement
    • integrate ExpressionSet for stopNodes

5.5.10 / 2026-04-03

  • increase default entity explansion limit as many projects demand for that
  • performance improvement
    • reduce calls to toString
    • early return when entities are not present
    • prepare rawAttrsForMatcher only if user sets jPath: false

5.5.9 / 2026-03-23

  • combine typing files

4.5.5 / 2026-03-22

apply fixes from v5 (legacy maintenance branch v4-maintenance)

  • support maxEntityCount
  • support onDangerousProperty
  • support maxNestedTags
  • handle prototype pollution
  • fix incorrect entity name replacement
  • fix incorrect condition for entity expansion

5.5.8 / 2026-03-20

  • pass read only matcher in callback

5.5.7 / 2026-03-19

  • fix: entity expansion limits
  • update strnum package to 2.2.0

5.5.6 / 2026-03-16

  • update builder dependency
  • fix incorrect regex to replace . in entity name

... (truncated)

Commits
  • 7cb49e5 update release detail
  • 1b14fa7 include currency entities in default list
  • e41e99f update @​nodable/entities
  • 169fbf9 use @​nodable/entities to replace entities
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump fast-xml-parser from 5.5.12 to 5.6.0
8d43df5 
Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 5.5.12 to 5.6.0.
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](NaturalIntelligence/fast-xml-parser@v5.5.12...v5.6.0)

---
updated-dependencies:
- dependency-name: fast-xml-parser
  dependency-version: 5.6.0
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 15, 2026
@mergify mergify bot deployed to Mergify Merge Protections April 15, 2026 06:05 Active
@mergify
Copy link
Copy Markdown
Contributor

mergify bot commented Apr 15, 2026
edited
Loading

Merge Protections

Your pull request matches the following merge protections and will not be merged until they are valid.

🟢 🤖 Continuous Integration

Wonderful, this rule succeeded.
  • all of:
    • check-success = build
    • check-success = lint
    • check-success = test
    • any of:
      • check-success = test-broken-links
      • label = ignore-broken-links
    • any of:
      • check-success=Cloudflare Pages
      • -head-repo-full-name~=^Mergifyio/

🟢 👀 Review Requirements

Wonderful, this rule succeeded.
  • any of:
    • author = dependabot[bot]
    • #approved-reviews-by >= 2
    • author = mergify-ci-bot

🟢 Enforce conventional commit

Wonderful, this rule succeeded.

Make sure that we follow https://www.conventionalcommits.org/en/v1.0.0/

  • title ~= ^(fix|feat|docs|style|refactor|perf|test|build|ci|chore|revert)(?:\(.+\))?:

🟢 🔎 Reviews

Wonderful, this rule succeeded.
  • #changes-requested-reviews-by = 0
  • #review-requested = 0
  • #review-threads-unresolved = 0

🟢 📕 PR description

Wonderful, this rule succeeded.
  • body ~= (?ms:.{48,})

@mergify
Copy link
Copy Markdown
Contributor

mergify bot commented Apr 15, 2026
edited
Loading

Merge Queue Status

This pull request spent 55 minutes 23 seconds in the queue, including 7 minutes 30 seconds running CI.

Required conditions to merge

mergify bot added a commit that referenced this pull request Apr 15, 2026
@mergify
Merge of #11051
e064e31
@mergify mergify bot added the queued label Apr 15, 2026
@mergify mergify bot mentioned this pull request Apr 15, 2026
Closed
49 tasks
mergify bot added a commit that referenced this pull request Apr 15, 2026
@mergify
Merge of #11051
6d67389
mergify bot added a commit that referenced this pull request Apr 15, 2026
@mergify
Merge of #11051
4e84674
mergify bot added a commit that referenced this pull request Apr 15, 2026
@mergify
Merge of #11051
0bf67cd
@mergify mergify bot mentioned this pull request Apr 15, 2026
Closed
49 tasks
mergify bot added a commit that referenced this pull request Apr 15, 2026
@mergify
Merge of #11051
c9af892
mergify bot added a commit that referenced this pull request Apr 15, 2026
@mergify
Merge of #11051
1801c44
@mergify mergify bot mentioned this pull request Apr 15, 2026
Closed
49 tasks
@mergify mergify bot merged commit b9f15f7 into main Apr 15, 2026
9 checks passed
@mergify mergify bot deleted the dependabot/npm_and_yarn/fast-xml-parser-5.6.0 branch April 15, 2026 07:03
@mergify mergify bot removed the queued label Apr 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants