build(deps): bump the npm-dependencies group across 1 directory with 4 updates by dependabot[bot] · Pull Request #560 · guacsec/trustify-da-javascript-client

dependabot · 2026-06-17T06:44:06Z

Bumps the npm-dependencies group with 4 updates in the / directory: @babel/core, fast-xml-parser, @types/node and eslint.

Updates @babel/core from 7.29.7 to 8.0.0

Release notes

Sourced from @babel/core's releases.

v8.0.0 (2026-06-16)

NOTE: The changelog below is relative to v8.0.0-rc.6. You can find a summary of all the breaking changes shipped in the Babel 8 release line in the migration guide for users and migration guide for plugin developers.

Read the release blog post at http://babeljs.io/blog/2026/06/16/8.0.0!

👓 Spec Compliance

babel-core

#18039 perf: Only extract source map comments at the end of the file (@liuxingbaoyu)

💥 Breaking Change

babel-cli, babel-node, babel-plugin-proposal-decorators, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-modules-commonjs, babel-plugin-transform-object-rest-spread, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-regenerator, babel-preset-env, babel-register

#18069 Fallback to assuming ESM support with modules: auto (@nicolo-ribaudo)

babel-plugin-transform-runtime, babel-runtime-corejs3, babel-runtime

#18036 Remove corejs exports for @babe/runtime-corejs3 (@liuxingbaoyu)

babel-parser

#18034 Remove locations: "packed" (@liuxingbaoyu)

🐛 Bug Fix

babel-generator

#18046 fix(generator): improve new callee parens check (@JLHwung)

babel-plugin-transform-modules-systemjs

#18032 fix(systemjs): support proto as an export name (@JLHwung)

📝 Documentation

#18070 Add EOL date for Babel 7 (end of June 2027) to SECURITY.md (@nicolo-ribaudo)

🏠 Internal

#18018 ci: enforce yarn integrity (@JLHwung)

🏃‍♀️ Performance

babel-core

#18039 perf: Only extract source map comments at the end of the file (@liuxingbaoyu)

Committers: 6

Babel Bot (@babel-bot)

Huáng Jùnliàng (@JLHwung)

James Garbutt (@43081j)

Nicolò Ribaudo (@nicolo-ribaudo)

Sandy Chen (@sandy2008)

@liuxingbaoyu

v8.0.0-rc.6 (2026-05-25)

Re-release all packages with npm provenance attestations

🐛 Bug Fix

babel-generator

#18011 Catchup source map position in preserveFormat (@nicolo-ribaudo)

babel-core

... (truncated)

Changelog

Sourced from @babel/core's changelog.

v8.0.0 (2026-06-16)

👓 Spec Compliance

babel-core

#18039 perf: Only extract source map comments at the end of the file (@liuxingbaoyu)

💥 Breaking Change

babel-cli, babel-node, babel-plugin-proposal-decorators, babel-plugin-transform-classes, babel-plugin-transform-function-name, babel-plugin-transform-modules-commonjs, babel-plugin-transform-object-rest-spread, babel-plugin-transform-parameters, babel-plugin-transform-react-constant-elements, babel-plugin-transform-regenerator, babel-preset-env, babel-register

#18069 Fallback to assuming ESM support with modules: auto (@nicolo-ribaudo)

babel-plugin-transform-runtime, babel-runtime-corejs3, babel-runtime

#18036 Remove corejs exports for @babe/runtime-corejs3 (@liuxingbaoyu)

babel-parser

#18034 Remove locations: "packed" (@liuxingbaoyu)

🐛 Bug Fix

babel-generator

#18046 fix(generator): improve new callee parens check (@JLHwung)

babel-plugin-transform-modules-systemjs

#18032 fix(systemjs): support proto as an export name (@JLHwung)

📝 Documentation

#18070 Add EOL date for Babel 7 (end of June 2027) to SECURITY.md (@nicolo-ribaudo)

🏠 Internal

#18018 ci: enforce yarn integrity (@JLHwung)

🏃‍♀️ Performance

babel-core

#18039 perf: Only extract source map comments at the end of the file (@liuxingbaoyu)

v8.0.0-rc.6 (2026-05-25)

🐛 Bug Fix

babel-generator

#18011 Catchup source map position in preserveFormat (@nicolo-ribaudo)

babel-core

#17999 fix: improve inputSourceMap URL handling (@JLHwung)

babel-core, babel-generator

#17992 Preserve original identifier names from input sourcemaps (@Andarist)

🏠 Internal

babel-core

#17970 Always use native Node.js TS support for config files (@nicolo-ribaudo)

babel-compat-data, babel-register

#17993 chore: use bundled dts for register and eslint-* (@JLHwung)

babel-helper-transform-fixture-test-runner, babel-node

#17989 Test Node.js 26 on CI (@nicolo-ribaudo)

babel-build-external-helpers, babel-cli, babel-generator, babel-helper-fixtures, babel-helper-plugin-test-runner, babel-helper-transform-fixture-test-runner, babel-node, babel-parser, babel-plugin-transform-modules-systemjs, babel-types

#18002 Add file URL support for test runners (@JLHwung)

🔬 Output optimization

... (truncated)

Commits

7dc825a v8.0.0
b71c35a perf: Only extract source map comments at the end of the file (#18039)
e74b70d chore: Remove unused file (#18033)
ae57969 chore: consolidate upwards traversal to empathic (#18030)
827d003 Change jest snapshotFormat (#18029)
34cf24e Update deps (#18023)
73bceef v8.0.0-rc.6
4493983 Always use native Node.js TS support for config files (#17970)
448aef3 Show source maps mappings as point-to-point (#18008)
c6d71f3 Enable strictFunctionTypes (#17946)
Additional commits viewable in compare view

Updates fast-xml-parser from 5.8.0 to 5.9.1

Release notes

Sourced from fast-xml-parser's releases.

v5.9.1

Full Changelog: NaturalIntelligence/fast-xml-parser@v5.9.0...v5.9.1

update strnum, use is-unsafe

update strnum to 2.3.0

you can set hex, binary, enotation, infinity, unicode

validate unsafe HTML or XML data in doctype entities unsing 'is-unsafe' library. User can override rules by overriding EntityDecoder.

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

Note: Due to some last quick changes on v4, detail of v4.5.3 & v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion

*5.9.1 / 2026-06-17

dummy release to test release from github action

*5.9.0 / 2026-06-15

update strnum to 2.3.0

you can set hex, binary, enotation, infinity, unicode

validate unsafe HTML or XML data in doctype entities unsing 'is-unsafe' library. User can override rules by overriding EntityDecoder.

*5.8.0 / 2026-05-12

integrate xml-naming to validate DOCTYPE entity name and notation name (using qname becaue of backward compatibility)

This will consider xml-version as well. '1.0' is default

update strnum to 2.3.0

You can set octal and binary parsing which is bydeault off

update fast-xml-builder to 1.2.0

can sanitize tag names if found invalid

fix format output

5.7.3 / 2006-05-05

fix: alwaysCreateTextNode should create text node when attributes are present for self closing node

fix stop node expression when ns prefix is removed (found by iruizsalinas)

update XML Builder to 1.1.7

mark addEntity deprecated

5.7.2 / 2026-04-25

allow numerical external entity for backward compatibility

fix #705: attributesGroupName working with preserveOrder

fix #817: stackoverflow when tag expression is very long

5.7.1 / 2026-04-20

fix typo in CJS typing file

5.7.0 / 2026-04-17

Use @nodable/entities v2.1.0

breaking changes

single entity scan. You're not allowed to user entity value to form another entity name.

you cant add numeric external entity

entity error message when expantion limit is crossed might change

typings are updated for new options related to process entity

please follow documentation of @nodable/entities for more detail.

performance

if processEntities is false, then there should not be impact on performance.

if processEntities is true, but you dont pass entity decoder separately then performance may degrade by approx 8-10%

if processEntities is true, and you pass entity decoder separately

if no entity then performance should be same as before

... (truncated)

Commits

d57e33b 5.9.1
3be603a testing release from Github
b6c41ea Add GitHub Actions workflow for npm publishing
43cc56d Revise CHANGELOG for upcoming version 5.9.0
d429d70 update for release
a8b3564 update docs
ca273dc update strnum to support unicode, discard unsafe doctype entities
f589251 add security warning to docs
ce1001c Update Node.js CI workflow to use latest actions
be6e9d9 remove prolog from demo page (#776)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for fast-xml-parser since your current version.

Updates @types/node from 25.9.2 to 25.9.3

Commits

See full diff in compare view

Updates eslint from 10.4.1 to 10.5.0

Release notes

Sourced from eslint's releases.

v10.5.0

Features

5ca8c52 feat: correct stack tracking in max-nested-callbacks (#20973) (Pixel998)

b565783 feat: report no-with violations at the with keyword (#20971) (Pixel998)

2ce032f feat: report max-lines-per-function violations at function head (#20966) (Pixel998)

732cb3e feat: report max-nested-callbacks violations at function head (#20967) (Pixel998)

f9c138a feat: report max-depth violations on keywords (#20943) (Pixel998)

bdb496c feat: correct max-depth handling for else-if chains (#20944) (Pixel998)

c296873 feat: update error loc in max-statements to function header (#20907) (Taejin Kim)

Documentation

8ae1b5b docs: Update README (GitHub Actions Bot)

ca7eb90 docs: update Node.js prerequisites to include ICU support (#20962) (Francesco Trotta)

f99b47a docs: Update README (GitHub Actions Bot)

acf03d4 docs: clarify precedence of parserOptions over languageOptions (#20926) (sethamus)

Chores

b18bf58 chore: update ecosystem plugins (#20959) (ESLint Bot)

c2d1444 refactor: replace areAllSegmentsUnreachable with !isAnySegmentReachable (#20951) (Taejin Kim)

243b8c5 chore: enhance config-rule to support oneOf, anyOf, and nested schemas (#20788) (kuldeep kumar)

217b2a9 test: add unit tests for ParserService (#20949) (Taejin Kim)

72003e7 test: add location information to error messages in max-statements (#20945) (lumir)

7797c26 refactor: deduplicate isAnySegmentReachable across rules (#20890) (Taejin Kim)

67c46fa chore: update ecosystem plugins (#20938) (ESLint Bot)

95d8c7a chore: update dependency @eslint/json to v2 (#20934) (renovate[bot])

cf9e496 chore: update @arethetypeswrong/cli to 0.18.3 (#20933) (Pixel998)

fb6d396 test: run type tests with TypeScript 7 (#20868) (sethamus)

Commits

de3b672 10.5.0
362a518 Build: changelog update for 10.5.0
5ca8c52 feat: correct stack tracking in max-nested-callbacks (#20973)
b565783 feat: report no-with violations at the with keyword (#20971)
2ce032f feat: report max-lines-per-function violations at function head (#20966)
732cb3e feat: report max-nested-callbacks violations at function head (#20967)
f9c138a feat: report max-depth violations on keywords (#20943)
8ae1b5b docs: Update README
ca7eb90 docs: update Node.js prerequisites to include ICU support (#20962)
b18bf58 chore: update ecosystem plugins (#20959)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…4 updates Bumps the npm-dependencies group with 4 updates in the / directory: [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core), [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser), [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) and [eslint](https://github.com/eslint/eslint). Updates `@babel/core` from 7.29.7 to 8.0.0 - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v8.0.0/packages/babel-core) Updates `fast-xml-parser` from 5.8.0 to 5.9.1 - [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases) - [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md) - [Commits](NaturalIntelligence/fast-xml-parser@v5.8.0...v5.9.1) Updates `@types/node` from 25.9.2 to 25.9.3 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `eslint` from 10.4.1 to 10.5.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v10.4.1...v10.5.0) --- updated-dependencies: - dependency-name: "@babel/core" dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: npm-dependencies - dependency-name: fast-xml-parser dependency-version: 5.9.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: npm-dependencies - dependency-name: "@types/node" dependency-version: 25.9.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm-dependencies - dependency-name: eslint dependency-version: 10.5.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: npm-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 17, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the npm-dependencies group across 1 directory with 4 updates#560

build(deps): bump the npm-dependencies group across 1 directory with 4 updates#560
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/npm-dependencies-64e852e6f2

dependabot Bot commented on behalf of github Jun 17, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Jun 17, 2026

v8.0.0 (2026-06-16)

👓 Spec Compliance

💥 Breaking Change

🐛 Bug Fix

📝 Documentation

🏠 Internal

🏃‍♀️ Performance

Committers: 6

v8.0.0-rc.6 (2026-05-25)

🐛 Bug Fix

v8.0.0 (2026-06-16)

👓 Spec Compliance

💥 Breaking Change

🐛 Bug Fix

📝 Documentation

🏠 Internal

🏃‍♀️ Performance

v8.0.0-rc.6 (2026-05-25)

🐛 Bug Fix

🏠 Internal

🔬 Output optimization

v5.9.1

update strnum, use is-unsafe

v10.5.0

Features

Documentation

Chores

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants