[Snyk] Upgrade xml2js from 0.5.0 to 0.6.2 #1340

New Issue

MrUnknownDE · 2026-04-05T16:27:01+02:00

MrUnknownDE commented

2026-04-05 16:27:01 +02:00

Originally created by @simlarsen on 12/5/2023

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade xml2js from 0.5.0 to 0.6.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 3 versions ahead of your current version.
The recommended version was released 4 months ago, on 2023-07-26.

Release notes

Package name: xml2js

0.6.2 - 2023-07-26
New release, 0.6.2
0.6.1 - 2023-07-25
Update version number for release 0.6.1
0.6.0 - 2023-05-25
Release new version
0.5.0 - 2023-04-09
Update package.json with latest PR

from xml2js GitHub release notes

Commit messages

Package name: xml2js

cf3e061 New release, 0.6.2
cb2f77e Fix read-only constraint via mistyped key name
8e9a120 Update version number for release 0.6.1
30f9d61 Replace filtering of names with `defineProperty`
ba46e54 Update package lock
0e29f0e Release new version
a25035c Remove old unused files
1de4688 Merge pull request #680 from Leonidas-from-XIV/zap-dependency-fix
3b97ae5 Merge pull request #681 from Leonidas-from-XIV/cve-compat-fix
167a385 Fix zap to be the original dependency
5f6620f Compile changed coffeescript code
044cfe5 Undo API changes from #603
7292aa9 fix: include missed key check
4c8ec89 fix: revert incorrectly adapted code
ad3a297 refactor: extract function for key check
d486007 fix: explicitly ignore vulnerable properties
246252a chore: revert previous CVE fix
b856cb8 Add upper bound for coffeescript (for now)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

*Originally created by @simlarsen on 12/5/2023* This PR was automatically created by Snyk using the credentials of a real user. <h3>Snyk has created this PR to upgrade xml2js from 0.5.0 to 0.6.2.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/> - The recommended version is **3 versions** ahead of your current version. - The recommended version was released **4 months ago**, on 2023-07-26. <details> <summary>Release notes</summary> <details> <summary>Package name: xml2js</summary> <ul> <li> 0.6.2 - <a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/releases/tag/0.6.2">2023-07-26</a>New release, 0.6.2 </li> <li> 0.6.1 - <a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/releases/tag/0.6.1">2023-07-25</a>Update version number for release 0.6.1 </li> <li> 0.6.0 - <a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/releases/tag/0.6.0">2023-05-25</a>Release new version </li> <li> 0.5.0 - <a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/releases/tag/0.5.0">2023-04-09</a>Update package.json with latest PR </li> </ul> from <a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/releases">xml2js GitHub release notes</a> </details> </details> <details> <summary>Commit messages</summary> <details> <summary>Package name: xml2js</summary> <ul> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/cf3e061e22e98152b88068c2345bc02581f4d6c7">cf3e061</a> New release, 0.6.2</li> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/cb2f77e25c1999fdce952e127d9bed6d87786bb8">cb2f77e</a> Fix read-only constraint via mistyped key name</li> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/8e9a1209235406fe10cf96f4d458ce46c94bf412">8e9a120</a> Update version number for release 0.6.1</li> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/30f9d61d6fcf42a4361539a81037a3b5bbf2373c">30f9d61</a> Replace filtering of names with `defineProperty`</li> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/ba46e543a494eb72eabc8161db135467c4f5394f">ba46e54</a> Update package lock</li> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/0e29f0eb0dfc8307e83b1f41e32bb63940fdaf4e">0e29f0e</a> Release new version</li> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/a25035c87dfe3ffe5214cefa33e69ebb15b601b3">a25035c</a> Remove old unused files</li> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/1de4688e762061cdbd5b3e108819aea5c1aaf560">1de4688</a> Merge pull request #680 from Leonidas-from-XIV/zap-dependency-fix</li> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/3b97ae5494dbfb7bb62486582f0f9ca4b94e3b7f">3b97ae5</a> Merge pull request #681 from Leonidas-from-XIV/cve-compat-fix</li> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/167a38582024d38ab4794698645b45ede43eb79f">167a385</a> Fix zap to be the original dependency</li> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/5f6620fe211261ffaace9883c210148ecb4821f7">5f6620f</a> Compile changed coffeescript code</li> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/044cfe5d2a988845d01579dab33081c8aad7ac3e">044cfe5</a> Undo API changes from #603</li> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/7292aa92d901fc18468cb04100f8e2b1c49c412e">7292aa9</a> fix: include missed key check</li> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/4c8ec89859ac14a6c5d31adccfb4747ba074112b">4c8ec89</a> fix: revert incorrectly adapted code</li> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/ad3a29729658528b14c6dc42c260b52b8c76d990">ad3a297</a> refactor: extract function for key check</li> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/d486007a688bf10fa5a2ae72eed1e29b4b01a76a">d486007</a> fix: explicitly ignore vulnerable properties</li> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/246252ae01e2261098873723beeab88afc02bb29">246252a</a> chore: revert previous CVE fix</li> <li><a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/commit/b856cb8e419f6e2f569331d6192834be16410833">b856cb8</a> Add upper bound for coffeescript (for now)</li> </ul> <a href="https://snyk.io/redirect/github/Leonidas-from-XIV/node-xml2js/compare/bd0f7809a2a5d5e7ff7f8088154f25782857a46d...cf3e061e22e98152b88068c2345bc02581f4d6c7">Compare</a> </details> </details> <hr/> **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJkNWNhODFjNC03MzkxLTQxNzAtODM1My01MDJlYzFhODMxMzciLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImQ1Y2E4MWM0LTczOTEtNDE3MC04MzUzLTUwMmVjMWE4MzEzNyJ9fQ==" width="0" height="0"/> 🧐 [View latest project report](https://app.snyk.io/org/oneuptime-RsC2nshvQ2Vnr35jHvMnMP/project/274dd1b5-2589-4279-bb73-2a2367ad9639?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/oneuptime-RsC2nshvQ2Vnr35jHvMnMP/project/274dd1b5-2589-4279-bb73-2a2367ad9639/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/oneuptime-RsC2nshvQ2Vnr35jHvMnMP/project/274dd1b5-2589-4279-bb73-2a2367ad9639/settings/integration?pkg=xml2js&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)

MrUnknownDE closed this issue

2026-04-05 16:27:01 +02:00

Sign in to join this conversation.

Branches Tags

master

release

snyk-fix-0aa85871afc5c8eee83a20407bd9e063

new-dash

probe-runner

better-logs

merge-ui

api-ref-refactor

safe-vm

tf-demo

dash-chunk

mult-slack

episode-resolve

feat/homepage-seo-v2

seo/compare-pages-homepage-optimize

tf-sets

vite-build

alert-grouping-product

oneuptime-fix-exception-5f43cb12

deprecate-telemetry-service

oneuptime-fix-exception-b77cfaf1

workflow-ui-update

chore/bump-version-9.2.5-1764859493

chore/bump-version-9.2.5-1764857051

state-change

postmortem

chore/bump-version-9.1.3-1764685359

pricing-compare

use-cases

dashboard-logs

incident-declared-at

agent-lib

scim-patch-fix

files-notes

dropdown-labels

revoke-token

refresh-sessions

oneuptime-ssl

telemetry-attr

nativewind

oneuptime-mobile-app

timepkr

cert-kube

new-log-ui

ms-temas-bot

span-improve

teams-integration

cert-manager

final-ms-teams

new-markdown

scim-update

probe-proxy-impl

probe-proxy-url

fb-whatsapp

whatsapp-integration

ms-teams-conn

copilot-plus

vs-code-copilot

ms-teams

server-bucket-size

sp-scim

scim

probe-queue

queue-work

keda-autoscaler

otel-keda

telemetry-queue

otel-queue

mobile-responsive

add-state-to-title

file-tf

snyk-fix-21d325191a83f6e495f02680309be6df

new-terraform-provider

tf-provider

msp-server

announcement-templates

optmize-esbuild

ms-teams-workspace-integration

run-as-non-root

fix/team-member-service-test-error

feature/msteams-integration-backend

optmize-dash

split-dashboard

feature/responsive-navbar

feat/mobile-responsive-sidemenu

mobile-navbar

mobile-ui

fix-recurring-events

fix-monitor-test

snyk-fix-6d5b446d98eb30ad7cc48664f26e8dd3

snyk-fix-5f2a25c13d925a6df331a8db1b4b6bc3

snyk-fix-82cf608c1e34aadeec1e40be2dd7692c

snyk-fix-28fb72b74f8e210b21994c9d4a749db4

snyk-fix-9dd32ce4170d36a0032a14eca7bcc974

snyk-fix-33cfbfb6119028a909c55ae0b6f42134

snyk-fix-0d6c626395070c0bf0647893fd4ad82c

telemetry-decorator

snyk-fix-9dcd00f3db77cda7a8a956ad4c744638

snyk-fix-39e89b36dc9e401d2beb27cf134cb8f8

manual-workflow

sp-api

snyk-fix-476babcac00c78674ae2231bc91de4f0

snyk-fix-aba76b601f35a212295c529b373457fa

slack-app

otel-collector-queue-size

scheduled-maintenance-feed

add-proxy-to-server-monitor

snyk-fix-129563dbc737d32bc6bb8e3311b8bb86

metrics-monitor

snyk-fix-b3faaf7e1b0131c254a19d461fdfa12f

snyk-fix-49a541156a8e299f9158ecc2e1ce3e4e

snyk-fix-6fed1c2110e88e596893df3351740515

snyk-fix-7f3c8e70773dfe11ea8caed8e34b2573

snyk-fix-2643b617b033d0cbf19291b6ad7776a4

snyk-fix-1219e1241120fcf13feb7bc0b54e18e3

merge-monitor-metrics

dashboarding

oneuptime-copilot-oneuptime-copilot-improve-comments-ZlPvy

oneuptime-copilot-oneuptime-copilot-improve-comments-vThJD

oneuptime-copilot-oneuptime-copilot-improve-comments-veTFM

snyk-fix-1230088cdc5e6714c07c4043881095db

sp-custom-cert

realtime

snyk-fix-2267fc7afa5dd1aadc03bda66d835a26

snyk-fix-82eb97bf3553f75fcdec629b2375d091

snyk-fix-0ff1eeedd26324c34c4b6446c78d93ab

snyk-fix-7a5cb77d5e30b278d6086cc6ec7563dd

snyk-fix-80a68103cb676782e141f18725deae71

oneuptime-copilot-oneuptime-copilot-add-spans-Dcefh

oneuptime-copilot-oneuptime-copilot-improve-comments-YRJKG

oneuptime-copilot-oneuptime-copilot-improve-comments-PBqVE

snyk-fix-6390d5be9d2dcbe507da6d19b87bb581

oneuptime-copilot-oneuptime-copilot-improve-comments-dnfTZ

copilot-main

error-tracking

snyk-fix-616369b0f1423d8113422a2b0ea1798a

snyk-fix-ecde2433ac879fc83fcb7fbaef849ca2

snyk-fix-1436684cb4b974b4b38ec0de7c27678b

snyk-fix-929b1416ccb03655ff400075fc126a5d

merge-dir

snyk-upgrade-bc55cc4a3bed3c919d5253c5ccb89569

oneuptime-copilot-oneuptime-copilot-improve-comments-NXaNT

oneuptime-copilot-oneuptime-copilot-improve-comments-MhFUX

oneuptime-copilot-oneuptime-copilot-improve-comments-eHoNt

oneuptime-copilot-oneuptime-copilot-improve-comments-BWpyo

landing-page

clickhouse-optimization

attributes-cache

snyk-upgrade-b1d7fc785c4b347f9540423872d4f7eb

snyk-upgrade-b12f9d5ede2ce54b392c16e1398efc0d

snyk-upgrade-90863abe750274199042129d216ec458

snyk-upgrade-24742a40cc66c0ff20127c49b31c5b92

status-page-reports

monitor-reports

oneuptime-app-oneuptime-app-improve-comments-wPkHZ

oneuptime-app-oneuptime-app-improve-comments-zheFq

oneuptime-app-oneuptime-app-improve-comments-yGblU

oneuptime-app-oneuptime-app-improve-comments-XvJyI

oneuptime-app-oneuptime-app-improve-comments-Iigpp

oneuptime-app-oneuptime-app-improve-comments-BLqEd

oneuptime-app-oneuptime-app-improve-comments-BSWXD

oneuptime-app-oneuptime-app-improve-comments-iDNIR

oneuptime-app-oneuptime-app-improve-comments-FPiCN

oneuptime-app-oneuptime-app-improve-comments-hfdRa

oneuptime-app-oneuptime-app-improve-comments-yEhKY

oneuptime-app-oneuptime-app-improve-comments-iOjcB

oneuptime-app-oneuptime-app-improve-comments-tFtyx

oneuptime-app-oneuptime-app-improve-comments-sBvxI

oneuptime-app-oneuptime-app-improve-comments-IXAhB

oneuptime-app-oneuptime-app-improve-comments-YtccK

oneuptime-app-oneuptime-app-improve-comments-QCnqA

oneuptime-app-oneuptime-app-improve-comments-NMjBi

oneuptime-app-oneuptime-app-improve-comments-lDSQP

oneuptime-app-oneuptime-app-improve-comments-YdAAE

oneuptime-app-oneuptime-app-improve-comments-JVpQw

oneuptime-app-oneuptime-app-improve-comments-DncIm

oneuptime-app-oneuptime-app-improve-comments-iBzpC

oneuptime-app-oneuptime-app-improve-comments-GkOnn

telemetry-backend

snyk-upgrade-818024a85e0cd5b743112ffb7f513123

snyk-upgrade-2f9ef5e24aa83032721fce51c3a0b0ca

oneuptime-app-oneuptime-app-refactor-code-nDOMw

oneuptime-app-oneuptime-app-refactor-code-nzaSs

oneuptime-app-oneuptime-app-refactor-code-TIxRv

oneuptime-app-oneuptime-app-refactor-code-Llyxi

oneuptime-app-oneuptime-app-refactor-code-lfIez

oneuptime-app-oneuptime-app-improve-comments-FLlpf

oneuptime-app-oneuptime-app-improve-comments-DaGfY

oneuptime-app-oneuptime-app-improve-comments-XaYkK

oneuptime-app-oneuptime-app-fix-grammar-and-spelling-CDFoR

ai-copilot-main

oneuptime-app-oneuptime-app-fix-grammar-and-spelling-hueYU

oneuptime-app-oneuptime-app-fix-grammar-and-spelling-HQfro

oneuptime-app-oneuptime-app-fix-grammar-and-spelling-JVpKF

oneuptime-app-oneuptime-app-fix-grammar-and-spelling-mSRcD

oneuptime-app-oneuptime-app-fix-grammar-and-spelling-NXSdG

oneuptime-app-oneuptime-app-fix-grammar-and-spelling-CYFVx

oneuptime-app-oneuptime-app-improve-comments-UsHIA

oneuptime-app-oneuptime-app-improve-comments-ZBFjb

oneuptime-app-oneuptime-app-improve-comments-ggYpS

oneuptime-app-oneuptime-app-improve-comments-YUFeh

eval-over-time

oneuptime-app-oneuptime-app-improve-comments-LkJYk

ai-main-70b

eslint

oneuptime-app-test-branch-11

oneuptime-app-test-branch-10

oneuptime-app-test-branch-7

oneuptime-app-test-branch-6

test-branch

nz/metric-detail

ext-postgres

perms-refactor

filter-refactor

group-by

greenlock-refactor

attributes

react-app

otel

snyk-upgrade-3677f1da0f20b9341d779856ea606cce

snyk-upgrade-324862099bddfa90e5e0e06eb934c162

renovate/node-16.x-lockfile

snyk-upgrade-ac717665d10b7db0ddb20de9bdaf435b

snyk-upgrade-7b7ea7a1c722d2b7f48e290063771f7b

snyk-upgrade-520b5a017b5e7985121ef90b57317068

renovate/stripe-react-stripe-js-1.x-lockfile

renovate/heroicons-react-2.x-lockfile

renovate/headlessui-react-1.x-lockfile

renovate/clickhouse-clickhouse-server-23.x

snyk-upgrade-8a1c1f353568dcbc7b2c3e4beec4a6b7

snyk-upgrade-affb0a1678b57ae5a6f3183f5e8d302d

renovate/vm2-3.x-lockfile

renovate/start-server-and-test-1.x-lockfile

renovate/chrome-launcher-0.x-lockfile

renovate/mikepenz-release-changelog-builder-action-3.x

renovate/npm-xmldom-vulnerability

monitor-groups

feature-flags

logging

admin-dashboard

update-deps

metered-plan

fix-status-page-refresh

owner-emails

owners-in-form

monitoring

fix-small-issues

single-docker-container

workflow-fix

staus-page-fix

slack_workflow

emails

fix/ping-monitor-ipv6

fix-typescript-errors

issue/160-add-setup-alert

143-fix-github-actions-jobs-dont-run-on-prs-from-forked-repo

142-github-actions-build-job-to-run-home-tests

147-form-containers

131-add-styling-for-account-in-topbar

chore/setup-sonar-cloud-#21

96-css-for-login-page

97-css-login-page

35-write-docker-build-job-for-helmchart

ts-migrate

monitor-box

feature-github-actions-3

feature-github-actions

feature-github-actions-2

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github/oneuptime#1340