Skip to content

fix(deps): bump fast-xml-builder from 1.2.1 to 1.3.0#633

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot-npm_and_yarn-fast-xml-builder-1.3.0
Open

fix(deps): bump fast-xml-builder from 1.2.1 to 1.3.0#633
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot-npm_and_yarn-fast-xml-builder-1.3.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 18, 2026

Copy link
Copy Markdown
Contributor

Bumps fast-xml-builder from 1.2.1 to 1.3.0.

Changelog

Sourced from fast-xml-builder's changelog.

1.3.0 (2026-07-11)

  • upgrade:
    • xml-naming v0.3.0: cache support
    • PEM v1.6.2: sibling bug fix

1.2.1 (2026-07-03)

  • fix: escape quotes in stopNode attribute values (By greymoth)
  • fix: neutralize double hyphen in multi-key comment object (By spokodev)

1.2.0 (2026-05-08)

  • Add support for sanitizeName option
  • Support xml-naming for validating and sanitizing tag and attribute names

1.1.9 (2026-05-06)

  • fix: format output for preserve order when indent by is set to empty string

1.1.8 (2026-05-05)

  • fix: skip text property for PI tags
  • improve typings

1.1.7 (2026--05-04)

  • fix security issues when attribute value contains quotes

1.1.6 (2026--05-04)

  • fix security issues related to comment
  • skip comment with null value

1.1.5 (2026-04-17)

  • fix security issues related to comment and cdata

1.1.4 (2026-03-16)

  • support maxNestedTags option

1.1.3 (2026-03-13)

  • declare Matcher & Expression as unknown so user is not forced to install path-expression-matcher

1.1.2 (2026-03-11)

  • fix typings

1.1.1 (2026-03-11)

  • upgrade path-expression-matcher to 1.1.3

1.1.0 (2026-03-10)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [fast-xml-builder](https://github.com/NaturalIntelligence/fast-xml-builder) from 1.2.1 to 1.3.0.
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-builder/blob/main/CHANGELOG.md)
- [Commits](NaturalIntelligence/fast-xml-builder@v1.2.1...v1.3.0)

---
updated-dependencies:
- dependency-name: fast-xml-builder
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 18, 2026
@dependabot
dependabot Bot requested a review from larryrider as a code owner July 18, 2026 04:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants