Skip to content

Bump fast-xml-parser from 5.5.6 to 5.5.11#114

Open
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/npm_and_yarn/fast-xml-parser-5.5.11
Open

Bump fast-xml-parser from 5.5.6 to 5.5.11#114
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/npm_and_yarn/fast-xml-parser-5.5.11

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 9, 2026
edited
Loading

Bumps fast-xml-parser from 5.5.6 to 5.5.11.

Release notes

Sourced from fast-xml-parser's releases.

performance improvment, increase entity expansion default limit

  • increase default entity explansion limit as many projects demand for that
maxEntitySize: 10000,
maxExpansionDepth: 10000,
maxTotalExpansions: Infinity,
maxExpandedLength: 100000,
maxEntityCount: 1000,
  • performance improvement
    • reduce calls to toString
    • early return when entities are not present
    • prepare rawAttrsForMatcher only if user sets jPath: false

Full Changelog: NaturalIntelligence/fast-xml-parser@v5.5.9...v5.5.10

fix typins and matcher instance in callbacks

combine typings file to avoid configuration changes pass readonly instance of matcher to the call backs to avoid accidental push/pop call

fix bugs of entity parsing and value parsing

fix: entity expansion limits update strnum package to 2.2.0

Commits

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update JavaScript code labels Apr 9, 2026
@dependabot dependabot bot requested a review from dav3r as a code owner April 9, 2026 02:18
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 9, 2026
@dependabot dependabot bot requested review from felddy and jsf9k as code owners April 9, 2026 02:18
@dependabot dependabot bot added the javascript Pull requests that update JavaScript code label Apr 9, 2026
@dependabot dependabot bot requested a review from mcdonnnj as a code owner April 9, 2026 02:18
@mcdonnnj
Copy link
Copy Markdown
Member

mcdonnnj commented Apr 9, 2026

@dependabot rebase

@dependabot
Bump fast-xml-parser from 5.5.6 to 5.5.11
d647246 
Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 5.5.6 to 5.5.11.
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NaturalIntelligence/fast-xml-parser/commits)

---
updated-dependencies:
- dependency-name: fast-xml-parser
  dependency-version: 5.5.11
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/fast-xml-parser-5.5.11 branch from 49d33b9 to d647246 Compare April 9, 2026 16:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jsf9k jsf9k jsf9k approved these changes

@dav3r dav3r dav3r approved these changes

@felddy felddy Awaiting requested review from felddy felddy is a code owner

@mcdonnnj mcdonnnj Awaiting requested review from mcdonnnj mcdonnnj is a code owner

Assignees

@mcdonnnj mcdonnnj

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update JavaScript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mcdonnnj @jsf9k @dav3r