chore(deps): bump the minor-and-patch group with 7 updates by dependabot[bot] · Pull Request #16 · iLevyTate/StratoSortCore

dependabot · 2026-02-16T03:20:44Z

Bumps the minor-and-patch group with 7 updates:

Package	From	To
fast-xml-parser	`5.3.5`	`5.3.6`
lucide-react	`0.563.0`	`0.564.0`
react-window	`2.2.6`	`2.2.7`
electron	`40.4.0`	`40.4.1`
eslint-plugin-jest	`29.14.0`	`29.15.0`
postcss-loader	`8.2.0`	`8.2.1`
rimraf	`6.1.2`	`6.1.3`

Updates fast-xml-parser from 5.3.5 to 5.3.6

Release notes

Sourced from fast-xml-parser's releases.

Entity security and performance

Improve security and performance of entity processing

new options maxEntitySize, maxExpansionDepth, maxTotalExpansions, maxExpandedLength, allowedTags,tagFilter

fast return when no edtity is present

improvement replacement logic to reduce number of calls

Full Changelog: NaturalIntelligence/fast-xml-parser@v5.3.5...v5.3.6

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

5.3.6 / 2026-02-14

Improve security and performance of entity processing

new options maxEntitySize, maxExpansionDepth, maxTotalExpansions, maxExpandedLength, allowedTags,tagFilter

fast return when no edtity is present

improvement replacement logic to reduce number of calls

5.3.5 / 2026-02-08

fix: Escape regex char in entity name

update strnum to 2.1.2

add missing exports in CJS typings

5.3.4 / 2026-01-30

fix: handle HTML numeric and hex entities when out of range

5.3.3 / 2025-12-12

fix #775: transformTagName with allowBooleanAttributes adds an unnecessary attribute

5.3.2 / 2025-11-14

fix for import statement for v6

5.3.1 / 2025-11-03

Performance improvement for stopNodes (By Maciek Lamberski)

5.3.0 / 2025-10-03

Use Uint8Array in place of Buffer in Parser

5.2.5 / 2025-06-08

Inform user to use fxp-cli instead of in-built CLI feature

Export typings for direct use

5.2.4 / 2025-06-06

fix (#747): fix EMPTY and ANY with ELEMENT in DOCTYPE

5.2.3 / 2025-05-11

fix (#747): support EMPTY and ANY with ELEMENT in DOCTYPE

5.2.2 / 2025-05-05

fix (#746): update strnum to fix parsing issues related to enotations

5.2.1 / 2025-04-22

fix: read DOCTYPE entity value correctly

read DOCTYPE NOTATION, ELEMENT exp but not using read values

5.2.0 / 2025-04-03

... (truncated)

Commits

ecb2ca1 update release info
910dae5 fix entities performance & security issues
See full diff in compare view

Updates lucide-react from 0.563.0 to 0.564.0

Release notes

Sourced from lucide-react's releases.

Version 0.564.0

What's Changed

chore(docs): Improve SEO icon detail pages by @ericfennis in lucide-icons/lucide#4040

feat(icons): added database-search icon by @Spleefies in lucide-icons/lucide#4003

fix(icons): changed user-lock icon by @jguddas in lucide-icons/lucide#3971

fix(icons): changed bug-off icon by @jguddas in lucide-icons/lucide#3972

fix(icons): changed bell-dot icon by @jguddas in lucide-icons/lucide#3973

fix(icons): changed bandage icon by @jguddas in lucide-icons/lucide#3967

fix(icons): changed hard-drive icon by @jguddas in lucide-icons/lucide#3622

fix(icons): changed git-branch icon by @jguddas in lucide-icons/lucide#3938

fix(icons): changed file-cog icon by @jguddas in lucide-icons/lucide#3965

fix(icons): changed cloud-alert and cloud-check icon by @jguddas in lucide-icons/lucide#3976

feat(icons): adds user-key and user-round-key, updates other -key icons to match by @karsa-mistmere in lucide-icons/lucide#4044

New Contributors

@Spleefies made their first contribution in lucide-icons/lucide#4003

Full Changelog: lucide-icons/lucide@0.563.1...0.564.0

Hotfix @lucide/svelte hasA11yProp.js import

What's Changed

fix(@lucide/svelte): Fix build in by @ericfennis in lucide-icons/lucide#4026

Full Changelog: lucide-icons/lucide@0.563.0...0.563.1

Commits

See full diff in compare view

Updates react-window from 2.2.6 to 2.2.7

Release notes

Sourced from react-window's releases.

2.2.7

Fixed a problem with project logo not displaying correctly in the README for the Firefox browser.

Changelog

Sourced from react-window's changelog.

2.2.7

Fixed a problem with project logo not displaying correctly in the README for the Firefox browser.

Commits

b7e8457 2.2.6 -> 2.2.7
dc23245 Fixed a problem with project logo not displaying correctly in the README for ...
0138b13 Tweaked how-it-works graphic style
See full diff in compare view

Updates electron from 40.4.0 to 40.4.1

Release notes

Sourced from electron's releases.

electron v40.4.1

Release Notes for v40.4.1

Other Changes

Backported fix for 483569511. #49790

Updated Chromium to 144.0.7559.173. #49766

Commits

201be32 chore: cherry-pick e045399a1ecb from chromium (#49790)
11f60f3 ci: add markdownlint problem matcher (#49764)
530c16a chore: bump chromium to 144.0.7559.173 (40-x-y) (#49766)
e0a61a5 build: generate artifact attestions for released assets (#49767)
See full diff in compare view

Updates eslint-plugin-jest from 29.14.0 to 29.15.0

Release notes

Sourced from eslint-plugin-jest's releases.

v29.15.0

29.15.0 (2026-02-15)

Features

no-conditional-in-test: only report optional chaining when allowOptionalChaining is false (#1934) (3f5751e)

Changelog

Sourced from eslint-plugin-jest's changelog.

29.15.0 (2026-02-15)

Features

no-conditional-in-test: only report optional chaining when allowOptionalChaining is false (#1934) (3f5751e)

Commits

258b560 chore(release): 29.15.0 [skip ci]
3f5751e feat(no-conditional-in-test): only report optional chaining when `allowOption...
See full diff in compare view

Updates postcss-loader from 8.2.0 to 8.2.1

Release notes

Sourced from postcss-loader's releases.

v8.2.1

8.2.1 (2026-02-15)

Bug Fixes

update peer dependency for @rspack/core v2 (#717) (a3ed7e2)

Changelog

Sourced from postcss-loader's changelog.

8.2.1 (2026-02-15)

Bug Fixes

update peer dependency for @rspack/core v2 (#717) (a3ed7e2)

Commits

583677e chore(release): 8.2.1
a3ed7e2 fix: update peer dependency for @rspack/core v2 (#717)
c984ff4 test: fix (#715)
cc01d2b ci: fix
d4faa34 docs: update contributing
b1e4fa5 chore: correct link (#713)
d990168 chore: migration to main org and branch (#712)
See full diff in compare view

Updates rimraf from 6.1.2 to 6.1.3

Commits

f738c78 6.1.3
a164a85 update deps
4635ba7 update deps
509c53f limit ci workflow permissions
68ce04f formatting
37680c5 add warning to not pass untrusted input to this method ever
786563d remove contributing doc, already covered by .github repo
dbeef73 contributing
84d27af update workflows and standard project junk
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the minor-and-patch group with 7 updates: | Package | From | To | | --- | --- | --- | | [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) | `5.3.5` | `5.3.6` | | [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `0.563.0` | `0.564.0` | | [react-window](https://github.com/bvaughn/react-window) | `2.2.6` | `2.2.7` | | [electron](https://github.com/electron/electron) | `40.4.0` | `40.4.1` | | [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) | `29.14.0` | `29.15.0` | | [postcss-loader](https://github.com/webpack/postcss-loader) | `8.2.0` | `8.2.1` | | [rimraf](https://github.com/isaacs/rimraf) | `6.1.2` | `6.1.3` | Updates `fast-xml-parser` from 5.3.5 to 5.3.6 - [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases) - [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md) - [Commits](NaturalIntelligence/fast-xml-parser@v5.3.5...v5.3.6) Updates `lucide-react` from 0.563.0 to 0.564.0 - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/commits/0.564.0/packages/lucide-react) Updates `react-window` from 2.2.6 to 2.2.7 - [Release notes](https://github.com/bvaughn/react-window/releases) - [Changelog](https://github.com/bvaughn/react-window/blob/main/CHANGELOG.md) - [Commits](bvaughn/react-window@2.2.6...2.2.7) Updates `electron` from 40.4.0 to 40.4.1 - [Release notes](https://github.com/electron/electron/releases) - [Commits](electron/electron@v40.4.0...v40.4.1) Updates `eslint-plugin-jest` from 29.14.0 to 29.15.0 - [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases) - [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md) - [Commits](jest-community/eslint-plugin-jest@v29.14.0...v29.15.0) Updates `postcss-loader` from 8.2.0 to 8.2.1 - [Release notes](https://github.com/webpack/postcss-loader/releases) - [Changelog](https://github.com/webpack/postcss-loader/blob/main/CHANGELOG.md) - [Commits](webpack/postcss-loader@v8.2.0...v8.2.1) Updates `rimraf` from 6.1.2 to 6.1.3 - [Changelog](https://github.com/isaacs/rimraf/blob/main/CHANGELOG.md) - [Commits](isaacs/rimraf@v6.1.2...v6.1.3) --- updated-dependencies: - dependency-name: fast-xml-parser dependency-version: 5.3.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: lucide-react dependency-version: 0.564.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: react-window dependency-version: 2.2.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: electron dependency-version: 40.4.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: eslint-plugin-jest dependency-version: 29.15.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: postcss-loader dependency-version: 8.2.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: rimraf dependency-version: 6.1.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: minor-and-patch ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-02-16T03:20:44Z

Labels

The following labels could not be found: automerge, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

github-actions bot merged commit ea077b8 into main Feb 16, 2026
2 checks passed

dependabot bot deleted the dependabot/npm_and_yarn/minor-and-patch-da5fe7b24c branch February 16, 2026 03:21

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the minor-and-patch group with 7 updates#16

chore(deps): bump the minor-and-patch group with 7 updates#16
github-actions[bot] merged 1 commit intomainfrom
dependabot/npm_and_yarn/minor-and-patch-da5fe7b24c

dependabot bot commented on behalf of github Feb 16, 2026

Uh oh!

dependabot bot commented on behalf of github Feb 16, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Feb 16, 2026

Entity security and performance

Version 0.564.0

What's Changed

New Contributors

Hotfix @lucide/svelte hasA11yProp.js import

What's Changed

2.2.7

2.2.7

electron v40.4.1

Release Notes for v40.4.1

Other Changes

v29.15.0

29.15.0 (2026-02-15)

Features

29.15.0 (2026-02-15)

Features

v8.2.1

8.2.1 (2026-02-15)

Bug Fixes

8.2.1 (2026-02-15)

Bug Fixes

Uh oh!

dependabot bot commented on behalf of github Feb 16, 2026

Labels

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Hotfix `@lucide/svelte` hasA11yProp.js import