Skip to content

Bump fast-xml-parser from 5.5.12 to 5.6.0#7976

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/fast-xml-parser-5.6.0
Open

Bump fast-xml-parser from 5.5.12 to 5.6.0#7976
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/fast-xml-parser-5.6.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 16, 2026
edited
Loading

Bumps fast-xml-parser from 5.5.12 to 5.6.0.

Release notes

Sourced from fast-xml-parser's releases.

use @​nodable/entities to replace entities

  • No API change
  • No change in performance for basic usage
  • No typing change
  • No config change
  • new dependency
  • breaking: error messages for entities might have been changed.

Full Changelog: NaturalIntelligence/fast-xml-parser@v5.5.12...v5.6.0

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

Note: Due to some last quick changes on v4, detail of v4.5.3 & v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion

5.6.0 / 2026-04-15

  • fix: entity replacement for numeric entities
  • use @​nodable/entities to replace entities
    • this may change some error messages related to entities expansion limit or inavlid use
    • post check would be exposed in future version

5.5.12 / 2026-04-13

  • Performance Improvement: update path-expression-matcher
    • use proxy pattern than Proxy class

5.5.11 / 2026-04-08

  • Performance Improvement
    • integrate ExpressionSet for stopNodes

5.5.10 / 2026-04-03

  • increase default entity explansion limit as many projects demand for that
  • performance improvement
    • reduce calls to toString
    • early return when entities are not present
    • prepare rawAttrsForMatcher only if user sets jPath: false

5.5.9 / 2026-03-23

  • combine typing files

4.5.5 / 2026-03-22

apply fixes from v5 (legacy maintenance branch v4-maintenance)

  • support maxEntityCount
  • support onDangerousProperty
  • support maxNestedTags
  • handle prototype pollution
  • fix incorrect entity name replacement
  • fix incorrect condition for entity expansion

5.5.8 / 2026-03-20

  • pass read only matcher in callback

5.5.7 / 2026-03-19

  • fix: entity expansion limits
  • update strnum package to 2.2.0

5.5.6 / 2026-03-16

  • update builder dependency
  • fix incorrect regex to replace . in entity name

... (truncated)

Commits
  • 7cb49e5 update release detail
  • 1b14fa7 include currency entities in default list
  • e41e99f update @​nodable/entities
  • 169fbf9 use @​nodable/entities to replace entities
  • See full diff in compare view

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 16, 2026
@github-actions github-actions bot enabled auto-merge April 16, 2026 00:08
@wdower wdower temporarily deployed to heimdall2-dependabot-np-rgy1im April 16, 2026 00:09 Inactive
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/fast-xml-parser-5.6.0 branch from e65a58f to e89aa50 Compare April 16, 2026 00:29
@wdower wdower temporarily deployed to heimdall2-dependabot-np-rgy1im April 16, 2026 00:30 Inactive
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/fast-xml-parser-5.6.0 branch from e89aa50 to ad5ae6e Compare April 16, 2026 01:01
@wdower wdower temporarily deployed to heimdall2-dependabot-np-rgy1im April 16, 2026 01:02 Inactive
@dependabot
Bump fast-xml-parser from 5.5.12 to 5.6.0
22965d6 
Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 5.5.12 to 5.6.0.
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](NaturalIntelligence/fast-xml-parser@v5.5.12...v5.6.0)

---
updated-dependencies:
- dependency-name: fast-xml-parser
  dependency-version: 5.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/fast-xml-parser-5.6.0 branch from ad5ae6e to 22965d6 Compare April 16, 2026 01:35
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Apr 16, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@wdower