Skip to content

chore(deps): bump fast-xml-parser from 4.3.4 to 4.4.0#3092

Merged
dependabot[bot] merged 1 commit into
masterfrom
dependabot/npm_and_yarn/fast-xml-parser-4.4.0
May 22, 2024
Merged

chore(deps): bump fast-xml-parser from 4.3.4 to 4.4.0#3092
dependabot[bot] merged 1 commit into
masterfrom
dependabot/npm_and_yarn/fast-xml-parser-4.4.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 20, 2024

Copy link
Copy Markdown
Contributor

Bumps fast-xml-parser from 4.3.4 to 4.4.0.

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

4.4.0 / 2024-05-18

  • fix #654: parse attribute list correctly for self closing stop node.
  • fix: validator bug when closing tag is not opened. (#647) (By Ryosuke Fukatani)
  • fix #581: typings; return type of tagValueProcessor & attributeValueProcessor (#582) (By monholm)

4.3.6 / 2024-03-16

4.3.5 / 2024-02-24

  • code for v5 is added for experimental use

4.3.4 / 2024-01-10

  • fix: Don't escape entities in CDATA sections (#633) (By wackbyte)

4.3.3 / 2024-01-10

  • Remove unnecessary regex

4.3.2 / 2023-10-02

4.3.1 / 2023-09-24

  • revert back "Fix typings for builder and parser to make return type generic" to avoid failure of existing projects. Need to decide a common approach.

4.3.0 / 2023-09-20

4.2.7 / 2023-07-30

  • Fix: builder should set text node correctly when only textnode is present (#589) (By qianqing)
  • Fix: Fix for null and undefined attributes when building xml (#585) (#598). A null or undefined value should be ignored. (By Eugenio Ceschia)

4.2.6 / 2023-07-17

4.2.5 / 2023-06-22

  • change code implementation

4.2.4 / 2023-06-06

  • fix security bug

4.2.3 / 2023-06-05

  • fix security bug

4.2.2 / 2023-04-18

  • fix #562: fix unpaired tag when it comes in last of a nested tag. Also throw error when unpaired tag is used as closing tag

4.2.1 / 2023-04-18

... (truncated)

Commits
  • 96f7501 update package detail
  • 151b8f4 fix #654: parse attribute list correctly for self closing stop node
  • 1a384a5 Run PR tests on node 16
  • 2ae1f62 fix: return type for tagValueProcessor & attributeValueProcessor (#582)
  • 9118736 docs: fix typos in v5 document fast-xml-parse (#650)
  • a96b968 fix: validator bag when closing tag is not opened. (#647)
  • 3ab1b3b update pcakge detail
  • 4c26aaa fix v5 options, add docs
  • 391f24f Add support for parsing HTML numeric entities (#645)
  • 072b2b0 update dev dependencies
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot Bot added dependencies Pull requests that update a dependency (dev or runtime) javascript Pull requests that update Javascript code skip-changelog Do not include in Changelog and Release Notes labels May 20, 2024
@dependabot dependabot Bot requested review from a team, csouchet, oanesini and tbouffard and removed request for a team May 20, 2024 00:26
@dependabot dependabot Bot requested a review from assynour May 20, 2024 00:26
@tbouffard

Copy link
Copy Markdown
Member

Converted to draft.

fast-xml-parser v4 now includes classes of the upcoming v5. As it is a CommonJS package, we have to check the impact on the size of the IIFE bundle
This is because the rollup plugin is generally not able to tree-shake CommonJS code and then include the whole content of the package in the bundle

@tbouffard tbouffard removed the skip-changelog Do not include in Changelog and Release Notes label May 20, 2024
@tbouffard tbouffard marked this pull request as draft May 21, 2024 10:26
@tbouffard

tbouffard commented May 21, 2024

Copy link
Copy Markdown
Member

Comparing the size of bundles in the npm package

bundle master PR diff
bpmn-visualization.js 1677238 1677981 +743
bpmn-visualization.min.js 988403 988814 +411

@tbouffard tbouffard left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✔️ All checks pass
✔️ Changelog and release-notes reviewed. Nothing impactful for us.
✔️ It seems there is no impact of the f-x-p v5 code in the IIFE bundles. The v5 code is not exported in the main entry point (https://github.com/NaturalIntelligence/fast-xml-parser/blob/v4.4.0/src/fxp.js), so the v5 seems not included within the bundles.

@tbouffard tbouffard marked this pull request as ready for review May 22, 2024 04:48
@tbouffard

Copy link
Copy Markdown
Member

@dependabot squash and merge

@dependabot dependabot Bot merged commit 1434848 into master May 22, 2024
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/fast-xml-parser-4.4.0 branch May 22, 2024 04:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency (dev or runtime) javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant