Skip to content

Bump fast-xml-parser and @wp-playground/cli#1190

Closed
dependabot[bot] wants to merge 1 commit intotrunkfrom
dependabot/npm_and_yarn/multi-318b1acb5a
Closed

Bump fast-xml-parser and @wp-playground/cli#1190
dependabot[bot] wants to merge 1 commit intotrunkfrom
dependabot/npm_and_yarn/multi-318b1acb5a

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 24, 2026

Bumps fast-xml-parser and @wp-playground/cli. These dependencies needed to be updated together.
Updates fast-xml-parser from 5.3.0 to 5.3.7

Release notes

Sourced from fast-xml-parser's releases.

CJS typing fix

What's Changed

New Contributors

Full Changelog: NaturalIntelligence/fast-xml-parser@v5.3.6...v5.3.7

Entity security and performance

  • Improve security and performance of entity processing
    • new options maxEntitySize, maxExpansionDepth, maxTotalExpansions, maxExpandedLength, allowedTags,tagFilter
    • fast return when no edtity is present
    • improvement replacement logic to reduce number of calls

Full Changelog: NaturalIntelligence/fast-xml-parser@v5.3.5...v5.3.6

v5.3.5

What's Changed

New Contributors

Full Changelog: NaturalIntelligence/fast-xml-parser@v5.3.4...v5.3.5

fix: handle HTML numeric and hex entities when out of range

No release notes provided.

bug fix and performance improvements

  • fix #775: transformTagName with allowBooleanAttributes adds an unnecessary attribute
  • Performance improvement for stopNodes (By Maciek Lamberski)
Changelog

Sourced from fast-xml-parser's changelog.

5.3.7 5.3.7 / 2026-02-20

5.3.6 / 2026-02-14

  • Improve security and performance of entity processing
    • new options maxEntitySize, maxExpansionDepth, maxTotalExpansions, maxExpandedLength, allowedTags,tagFilter
    • fast return when no edtity is present
    • improvement replacement logic to reduce number of calls

5.3.5 / 2026-02-08

  • fix: Escape regex char in entity name
  • update strnum to 2.1.2
  • add missing exports in CJS typings

5.3.4 / 2026-01-30

  • fix: handle HTML numeric and hex entities when out of range

5.3.3 / 2025-12-12

  • fix #775: transformTagName with allowBooleanAttributes adds an unnecessary attribute

5.3.2 / 2025-11-14

  • fix for import statement for v6

5.3.1 / 2025-11-03

5.3.0 / 2025-10-03

  • Use Uint8Array in place of Buffer in Parser

5.2.5 / 2025-06-08

  • Inform user to use fxp-cli instead of in-built CLI feature
  • Export typings for direct use

5.2.4 / 2025-06-06

  • fix (#747): fix EMPTY and ANY with ELEMENT in DOCTYPE

5.2.3 / 2025-05-11

  • fix (#747): support EMPTY and ANY with ELEMENT in DOCTYPE

5.2.2 / 2025-05-05

  • fix (#746): update strnum to fix parsing issues related to enotations

5.2.1 / 2025-04-22

  • fix: read DOCTYPE entity value correctly

... (truncated)

Commits

Updates @wp-playground/cli from 3.0.46 to 3.1.2

Changelog

Sourced from @​wp-playground/cli's changelog.

[v3.1.2] (2026-02-23)

Tools

  • [AI] Add Playground website debugging skill. (#3278)
  • [AI] Improve AGENTS.md configuration. (#3275)

Bug Fixes

  • Fix Node.js version for WP rebuilds which require JSPI. (#3294)

Various

  • Add streaming support for large file downloads (>2GB). (#3222)
  • Introduce token-based WP configuration transformer. (#3264)
  • Suppress Vite warning in dev env. (#3292)
  • [AI] Add Nx MCP plugin and workspace guidelines to AGENTS.md. (#3286)
  • [AI] Add path manipulation guidance to AGENTS.md. (#3291)

Contributors

The following contributors merged PRs in this release:

@​ashfame @​bgrgicak @​brandonpayton @​epeicher @​JanJakes

[v3.1.1] (2026-02-18)

Bug Fixes

  • [CLI] Eliminate duplicate Playground CLI Ready message. (#3288)

Contributors

The following contributors merged PRs in this release:

@​brandonpayton

[v3.1.0] (2026-02-18)

Bug Fixes

  • [CLI] Fix native file locking for Windows within same multi-threaded architecture. (#3150)

Contributors

The following contributors merged PRs in this release:

@​brandonpayton

... (truncated)

Commits
  • 4a2f890 v3.1.2
  • 5c1afa1 [AI] Add Nx MCP plugin and workspace guidelines to AGENTS.md (#3286)
  • d9cd846 Recompile WordPress major and beta versions
  • b896820 Fix Node.js version for WP rebuilds which require JSPI (#3294)
  • 9dd28b3 [AI] Add Playground website debugging skill (#3278)
  • 3ad0faa [AI] Add path manipulation guidance to AGENTS.md (#3291)
  • 61ac388 Suppress Vite warning in dev env (#3292)
  • 65fac16 Add streaming support for large file downloads (>2GB) (#3222)
  • 9bda928 Introduce token-based WP config transformer (#3264)
  • 5015ef9 [AI] Improve AGENTS.md configuration (#3275)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump fast-xml-parser and @wp-playground/cli
6d04774 
Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) and [@wp-playground/cli](https://github.com/WordPress/wordpress-playground). These dependencies needed to be updated together.

Updates `fast-xml-parser` from 5.3.0 to 5.3.7
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](NaturalIntelligence/fast-xml-parser@v5.3.0...v5.3.7)

Updates `@wp-playground/cli` from 3.0.46 to 3.1.2
- [Release notes](https://github.com/WordPress/wordpress-playground/releases)
- [Changelog](https://github.com/WordPress/wordpress-playground/blob/trunk/CHANGELOG.md)
- [Commits](WordPress/wordpress-playground@v3.0.46...v3.1.2)

---
updated-dependencies:
- dependency-name: fast-xml-parser
  dependency-version: 5.3.7
  dependency-type: indirect
- dependency-name: "@wp-playground/cli"
  dependency-version: 3.1.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 24, 2026
@dependabot dependabot bot mentioned this pull request Feb 24, 2026
Closed
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Feb 28, 2026

Superseded by #1194.

@dependabot dependabot bot closed this Feb 28, 2026
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/multi-318b1acb5a branch February 28, 2026 23:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants