Skip to content

fix(lambda): bump fast-xml-builder from 1.1.4 to 1.2.0 in /lambdas#5117

Merged
npalm merged 1 commit into
mainfrom
dependabot/npm_and_yarn/lambdas/fast-xml-builder-1.2.0
Jun 10, 2026
Merged

fix(lambda): bump fast-xml-builder from 1.1.4 to 1.2.0 in /lambdas#5117
npalm merged 1 commit into
mainfrom
dependabot/npm_and_yarn/lambdas/fast-xml-builder-1.2.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 8, 2026

Copy link
Copy Markdown
Contributor

Bumps fast-xml-builder from 1.1.4 to 1.2.0.

Changelog

Sourced from fast-xml-builder's changelog.

1.2.0 (2026-05-08)

  • Add support for sanitizeName option
  • Support xml-naming for validating and sanitizing tag and attribute names

1.1.9 (2026-05-06)

  • fix: format output for preserve order when indent by is set to empty string

1.1.8 (2026-05-05)

  • fix: skip text property for PI tags
  • improve typings

1.1.7 (2026--05-04)

  • fix security issues when attribute value contains quotes

1.1.6 (2026--05-04)

  • fix security issues related to comment
  • skip comment with null value

1.1.5 (2026-04-17)

  • fix security issues related to comment and cdata

1.1.4 (2026-03-16)

  • support maxNestedTags option

1.1.3 (2026-03-13)

  • declare Matcher & Expression as unknown so user is not forced to install path-expression-matcher

1.1.2 (2026-03-11)

  • fix typings

1.1.1 (2026-03-11)

  • upgrade path-expression-matcher to 1.1.3

1.1.0 (2026-03-10)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [fast-xml-builder](https://github.com/NaturalIntelligence/fast-xml-builder) from 1.1.4 to 1.2.0.
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-builder/blob/main/CHANGELOG.md)
- [Commits](NaturalIntelligence/fast-xml-builder@v1.1.4...v1.2.0)

---
updated-dependencies:
- dependency-name: fast-xml-builder
  dependency-version: 1.2.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 8, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 8, 2026 20:48
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 8, 2026
@github-actions

github-actions Bot commented May 8, 2026

Copy link
Copy Markdown
Contributor

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 2 package(s) with unknown licenses.
See the Details below.

License Issues

lambdas/yarn.lock

PackageVersionLicenseIssue Type
fast-xml-builder1.2.0NullUnknown License
xml-naming0.1.0NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
npm/fast-xml-builder 1.2.0 UnknownUnknown
npm/path-expression-matcher 1.5.0 UnknownUnknown
npm/xml-naming 0.1.0 UnknownUnknown

Scanned Files

  • lambdas/yarn.lock

@npalm npalm merged commit ab5eda4 into main Jun 10, 2026
8 checks passed
@npalm npalm deleted the dependabot/npm_and_yarn/lambdas/fast-xml-builder-1.2.0 branch June 10, 2026 05:54
npalm pushed a commit that referenced this pull request Jun 10, 2026
🤖 I have created a release *beep* *boop*
---


##
[7.6.1](v7.6.0...v7.6.1)
(2026-06-10)


### Bug Fixes

* **lambda:** bump @babel/plugin-transform-modules-systemjs from 7.23.9
to 7.29.4 in /lambdas
([#5119](#5119))
([b57166a](b57166a))
* **lambda:** bump axios from 1.12.2 to 1.17.0 in /lambdas
([#5149](#5149))
([e9e888e](e9e888e))
* **lambda:** bump axios from 1.13.5 to 1.16.0 in /lambdas
([#5144](#5144))
([8b3002a](8b3002a))
* **lambda:** bump fast-uri from 3.0.6 to 3.1.2 in /lambdas
([#5118](#5118))
([6111418](6111418))
* **lambda:** bump fast-xml-builder from 1.1.4 to 1.2.0 in /lambdas
([#5117](#5117))
([ab5eda4](ab5eda4))
* **lambda:** bump lodash-es from 4.17.23 to 4.18.1 in /lambdas
([#5090](#5090))
([b47bd2a](b47bd2a))
* **lambda:** bump postcss from 8.5.6 to 8.5.15 in /lambdas
([#5147](#5147))
([cb099e5](cb099e5))
* **lambda:** bump qs from 6.14.2 to 6.15.2 in /lambdas
([#5127](#5127))
([753f7fb](753f7fb))
* **lambda:** bump tmp from 0.2.4 to 0.2.7 in /lambdas
([#5138](#5138))
([3507ca9](3507ca9))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: runners-releaser[bot] <194412594+runners-releaser[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant