Skip to content

Commit 39873ba

Browse files
antonisclaude
andauthored
chore(deps): bump fast-xml-parser to ^5.5.7 (#5854)
Fixes Dependabot alerts for entity expansion bypass vulnerabilities. https://github.com/getsentry/sentry-react-native/security/dependabot/454 https://github.com/getsentry/sentry-react-native/security/dependabot/456 Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
1 parent 2745f26 commit 39873ba

File tree

2 files changed

+25
-15
lines changed

2 files changed

+25
-15
lines changed

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -122,7 +122,7 @@
122122
"@sentry-internal/eslint-config-sdk@npm:10.45.0/@typescript-eslint/parser": "^8.0.0",
123123
"eslint-plugin-ft-flow": "^3.0.0",
124124
"axios": "^1.13.5",
125-
"fast-xml-parser": "^5.3.6",
125+
"fast-xml-parser": "^5.5.7",
126126
"form-data": "4.0.5",
127127
"qs": "^6.14.2",
128128
"lodash": "^4.17.23",

yarn.lock

Lines changed: 24 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -20292,22 +20292,25 @@ __metadata:
2029220292
languageName: node
2029320293
linkType: hard
2029420294

20295-
"fast-xml-builder@npm:^1.0.0":
20296-
version: 1.0.0
20297-
resolution: "fast-xml-builder@npm:1.0.0"
20298-
checksum: d6fb6d860ebb67c0dbec4c91a5cde3bf3e4cc40407db249539fe0d4e98e5c1bc09b3d45e5cbc412aaee8dd16605467f8c054c104fbccba23cf78ec15ff8767ab
20295+
"fast-xml-builder@npm:^1.1.4":
20296+
version: 1.1.4
20297+
resolution: "fast-xml-builder@npm:1.1.4"
20298+
dependencies:
20299+
path-expression-matcher: ^1.1.3
20300+
checksum: 90b019ed6f52cb30342a58d4bf8726a7723b4110cb9c0fd3fa2031e87506e8b18740fd349472926c9e2925d22ca6637b6d46a20eda537473cf63366970db4d7b
2029920301
languageName: node
2030020302
linkType: hard
2030120303

20302-
"fast-xml-parser@npm:^5.3.6":
20303-
version: 5.4.1
20304-
resolution: "fast-xml-parser@npm:5.4.1"
20304+
"fast-xml-parser@npm:^5.5.7":
20305+
version: 5.5.8
20306+
resolution: "fast-xml-parser@npm:5.5.8"
2030520307
dependencies:
20306-
fast-xml-builder: ^1.0.0
20307-
strnum: ^2.1.2
20308+
fast-xml-builder: ^1.1.4
20309+
path-expression-matcher: ^1.2.0
20310+
strnum: ^2.2.0
2030820311
bin:
2030920312
fxparser: src/cli/cli.js
20310-
checksum: 98b8d2f208dea6be10740509e4ef59dc175584cfb29cb3f82849f0a79645ccaf40916589533029c30b4b47a78e744e8fc08ff468f214a231f450e51f0d8d32c6
20313+
checksum: 58261aaaeb355a325dc1b27ae28e6f8da55e9f8e0560dd752c8a39a4adbaebe560cbbfe924efb44ebf991dbdff76ae6f80a4900d1d03fd720509cb323263bf13
2031120314
languageName: node
2031220315
linkType: hard
2031320316

@@ -28660,6 +28663,13 @@ __metadata:
2866028663
languageName: node
2866128664
linkType: hard
2866228665

28666+
"path-expression-matcher@npm:^1.1.3, path-expression-matcher@npm:^1.2.0":
28667+
version: 1.2.0
28668+
resolution: "path-expression-matcher@npm:1.2.0"
28669+
checksum: 2811aab3269c288893aef09e5127124d3c434bfc7e1352fea6b7dd81ed20260001b072ff60bdcaaa393d50a4333725290dbad47bb612d95f5448e499b4ac887f
28670+
languageName: node
28671+
linkType: hard
28672+
2866328673
"path-is-absolute@npm:^1.0.0":
2866428674
version: 1.0.1
2866528675
resolution: "path-is-absolute@npm:1.0.1"
@@ -33000,10 +33010,10 @@ __metadata:
3300033010
languageName: node
3300133011
linkType: hard
3300233012

33003-
"strnum@npm:^2.1.2":
33004-
version: 2.1.2
33005-
resolution: "strnum@npm:2.1.2"
33006-
checksum: 755e8327ee68201d700169ceee097ea52da7b675f4521442a8dbd1517021f89a91399213c446d1bf3d1123ca1896a76f0ff076d04c88ffe6056e78828ce6f60a
33013+
"strnum@npm:^2.2.0":
33014+
version: 2.2.1
33015+
resolution: "strnum@npm:2.2.1"
33016+
checksum: 23173b1b849859b9aca0288dde36d16095b07d81995de2e2fe29ae070f2e7b4933049f2e211ba03e48152a9281108ba7d4db826a3878f099bff52a3b81f5e273
3300733017
languageName: node
3300833018
linkType: hard
3300933019

0 commit comments

Comments
 (0)