chore(deps): bump fast-xml-parser from 5.4.1 to 5.5.7 in /docs #3064

Merged

dependabot[bot] merged 1 commit from refs/pull/3064/head into staging

2026-03-26 00:34:52 +00:00

dependabot[bot] commented

2026-03-20 00:56:57 +00:00

(Migrated from github.com)

Owner

Imported from GitHub pull request.

Original GitHub pull request: #3058
Original author: @dependabot[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/3058
Original created: 2026-03-20T00:56:57Z
Original updated: 2026-03-26T00:34:53Z
Original head: carverauto/serviceradar:dependabot/npm_and_yarn/docs/fast-xml-parser-5.5.7
Original base: staging
Original merged: 2026-03-26T00:34:52Z by @mfreeman451

Bumps fast-xml-parser from 5.4.1 to 5.5.7.

Release notes

Sourced from fast-xml-parser's releases.

fix entity expansion and incorrect replacement and performance

Full Changelog: https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6

support onDangerousProperty

Full Changelog: https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5

update dependecies to fix typings

Full Changelog: https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2

integrate path-expression-matcher

support path-expression-matcher

fix: stopNode should not be parsed

performance improvement for stopNode checking

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

Note: Due to some last quick changes on v4, detail of v4.5.3 & v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion

5.5.7 / 2026-03-19

fix: entity expansion limits

update strnum package to 2.2.0

5.5.6 / 2026-03-16

update builder dependency

fix incorrect regex to replace . in entity name

fix check for entitiy expansion for lastEntities and html entities too

5.5.5 / 2026-03-13

sanitize dangerous tag or attribute name

error on critical property name

support onDangerousProperty option

5.5.4 / 2026-03-13

declare Matcher & Expression as unknown so user is not forced to install path-expression-matcher

5.5.3 / 2026-03-11

upgrade builder

5.5.2 / 2026-03-11

update dependency to fix typings

5.5.1 / 2026-03-10

fix dependency

5.5.0 / 2026-03-10

support path-expression-matcher

fix: stopNode should not be parsed

performance improvement for stopNode checking

5.4.2 / 2026-03-03

support maxEntityCount option

5.4.1 / 2026-02-25

fix (#785) unpairedTag node should not have tag content

5.4.0 / 2026-02-25

migrate to fast-xml-builder

5.3.9 / 2026-02-25

support strictReservedNames

5.3.8 / 2026-02-25

support maxNestedTags

... (truncated)

Commits

a21c441 update package detail
239b64a check for min value for entity exapantion options
61cb666 restrict more properties to be unsafe
41abd66 performance improvement of reading DOCTYPE
3dfcd20 refactor: performance improvement
870043e update release info
6df401e update builder dependency
bd26122 check for entitiy expansion for lastEntities and html entities too
7e70dd8 fix incorrect regex to replace . in entity name
e54155f update package info
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

Imported from GitHub pull request. Original GitHub pull request: #3058 Original author: @dependabot[bot] Original URL: https://github.com/carverauto/serviceradar/pull/3058 Original created: 2026-03-20T00:56:57Z Original updated: 2026-03-26T00:34:53Z Original head: carverauto/serviceradar:dependabot/npm_and_yarn/docs/fast-xml-parser-5.5.7 Original base: staging Original merged: 2026-03-26T00:34:52Z by @mfreeman451 --- Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 5.4.1 to 5.5.7. <details> <summary>Release notes</summary> Sourced from <a href="https://github.com/NaturalIntelligence/fast-xml-parser/releases">fast-xml-parser's releases</a>. <blockquote> <h2>fix entity expansion and incorrect replacement and performance</h2> Full Changelog: <a href="https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6">https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.5...v5.5.6</a> <h2>support onDangerousProperty</h2> Full Changelog: <a href="https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5">https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.3...v5.5.5</a> <h2>update dependecies to fix typings</h2> Full Changelog: <a href="https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2">https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.5.1...v5.5.2</a> <h2>integrate path-expression-matcher</h2> <ul> <li>support path-expression-matcher</li> <li>fix: stopNode should not be parsed</li> <li>performance improvement for stopNode checking</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> Sourced from <a href="https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md">fast-xml-parser's changelog</a>. <blockquote> Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library. Note: Due to some last quick changes on v4, detail of v4.5.3 & v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion 5.5.7 / 2026-03-19 <ul> <li>fix: entity expansion limits</li> <li>update strnum package to 2.2.0</li> </ul> 5.5.6 / 2026-03-16 <ul> <li>update builder dependency</li> <li>fix incorrect regex to replace . in entity name</li> <li>fix check for entitiy expansion for lastEntities and html entities too</li> </ul> 5.5.5 / 2026-03-13 <ul> <li>sanitize dangerous tag or attribute name</li> <li>error on critical property name</li> <li>support onDangerousProperty option</li> </ul> 5.5.4 / 2026-03-13 <ul> <li>declare Matcher & Expression as unknown so user is not forced to install path-expression-matcher</li> </ul> 5.5.3 / 2026-03-11 <ul> <li>upgrade builder</li> </ul> 5.5.2 / 2026-03-11 <ul> <li>update dependency to fix typings</li> </ul> 5.5.1 / 2026-03-10 <ul> <li>fix dependency</li> </ul> 5.5.0 / 2026-03-10 <ul> <li>support path-expression-matcher</li> <li>fix: stopNode should not be parsed</li> <li>performance improvement for stopNode checking</li> </ul> 5.4.2 / 2026-03-03 <ul> <li>support maxEntityCount option</li> </ul> 5.4.1 / 2026-02-25 <ul> <li>fix (<a href="https://redirect.github.com/NaturalIntelligence/fast-xml-parser/issues/785">#785</a>) unpairedTag node should not have tag content</li> </ul> 5.4.0 / 2026-02-25 <ul> <li>migrate to fast-xml-builder</li> </ul> 5.3.9 / 2026-02-25 <ul> <li>support strictReservedNames</li> </ul> 5.3.8 / 2026-02-25 <ul> <li>support maxNestedTags</li> </ul>  </blockquote> ... (truncated) </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/a21c44123cdf0f8fb5b56d33386ed3be4e180953"><code>a21c441</code></a> update package detail</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/239b64aa1fc5c5455ddebbbb54a187eb68c9fdb7"><code>239b64a</code></a> check for min value for entity exapantion options</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/61cb666d13044b483aa495a6c020789f22e670b4"><code>61cb666</code></a> restrict more properties to be unsafe</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/41abd66adc54cbc6ebea615a9f5396d8582afdb1"><code>41abd66</code></a> performance improvement of reading DOCTYPE</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/3dfcd20c8cffc310335510ff72a211be0672a8dd"><code>3dfcd20</code></a> refactor: performance improvement</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/870043e75e78545192bc70950c6286d36c7cdf23"><code>870043e</code></a> update release info</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/6df401ef2bb1d152313276add24cdfa860819751"><code>6df401e</code></a> update builder dependency</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01"><code>bd26122</code></a> check for entitiy expansion for lastEntities and html entities too</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/7e70dd8f758f3f494c4e14a281cea35b7d8d0d13"><code>7e70dd8</code></a> fix incorrect regex to replace . in entity name</li> <li><a href="https://github.com/NaturalIntelligence/fast-xml-parser/commit/e54155f53048e9d58e27f170d3ccff15176b6671"><code>e54155f</code></a> update package info</li> <li>Additional commits viewable in <a href="https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.4.1...v5.5.7">compare view</a></li> </ul> </details> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=fast-xml-parser&package-manager=npm_and_yarn&previous-version=5.4.1&new-version=5.5.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/carverauto/serviceradar/network/alerts). </details>