Bump fast-xml-parser and @aws-sdk/credential-providers

[dependabot]

Bumps fast-xml-parser and @aws-sdk/credential-providers. These dependencies needed to be updated together.
Updates fast-xml-parser from 4.4.1 to 5.3.4

Release notes

Sourced from fast-xml-parser's releases.

fix: handle HTML numeric and hex entities when out of range

No release notes provided.

bug fix and performance improvements

• fix #775: transformTagName with allowBooleanAttributes adds an unnecessary attribute
• Performance improvement for stopNodes (By Maciek Lamberski)

Replace Buffer with Uint8Array

• Launched Separate CLI module
• Replace Buffer with Uint8Array

Support EMPTY and ANY with ELEMENT in DOCTYPE

Full Changelog: NaturalIntelligence/fast-xml-parser@v5.2.4...v5.2.4

upgrade to ESM module and fixing value parsing issues

• Support ESM modules
• fix value parsing issues
• a feature to access tag location is added (metadata)
• fix to read DOCTYPE correctly

Full Changelog: https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md

Summary update on all the previous releases from v4.2.4

• Multiple minor fixes provided in the validator and parser
• v6 is added for experimental use.
• ignoreAttributes support function, and array of string or regex
• Add support for parsing HTML numeric entities
• v5 of the application is ESM module now. However, JS is also supported

Note: Release section in not updated frequently. Please check CHANGELOG or Tags for latest release information.

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

5.3.4 / 2026-01-30

• fix: handle HTML numeric and hex entities when out of range

5.3.3 / 2025-12-12

• fix #775: transformTagName with allowBooleanAttributes adds an unnecessary attribute

5.3.2 / 2025-11-14

• fix for import statement for v6

5.3.1 / 2025-11-03

• Performance improvement for stopNodes (By Maciek Lamberski)

5.3.0 / 2025-10-03

• Use Uint8Array in place of Buffer in Parser

5.2.5 / 2025-06-08

• Inform user to use fxp-cli instead of in-built CLI feature
• Export typings for direct use

5.2.4 / 2025-06-06

• fix (#747): fix EMPTY and ANY with ELEMENT in DOCTYPE

5.2.3 / 2025-05-11

• fix (#747): support EMPTY and ANY with ELEMENT in DOCTYPE

5.2.2 / 2025-05-05

• fix (#746): update strnum to fix parsing issues related to enotations

5.2.1 / 2025-04-22

• fix: read DOCTYPE entity value correctly
• read DOCTYPE NOTATION, ELEMENT exp but not using read values

5.2.0 / 2025-04-03

• feat: support metadata on nodes (#593) (By Steven R. Loomis)

5.1.0 / 2025-04-02

• feat: declare package as side-effect free (#738) (By Thomas Bouffard)
• fix cjs build mode
• fix builder return type to string

5.0.9 / 2025-03-14

• fix: support numeric entities with values over 0xFFFF (#726) (By Marc Durdin)
• fix: update strnum to fix parsing 0 if skiplike option is used

5.0.8 / 2025-02-27

... (truncated)

Commits

• 753e770 update release details
• 4e387f6 handle html entities when out of range
• 088b47a correct typo (#780)
• f335cbf update publish detail
• fcedd31 fix #775: transformTagName with allowBooleanAttributes adds an unnecessary at...
• 54d2262 Fix captureMetaData casing (#773)
• e0769f2 update publish detail
• 1a810ad fix import for v6
• ab148ab update pcakge detail to publish
• 81513d5 perf: Use Set for stopNodes lookup (O(1)) instead of array iteration (O(n)) (...
• Additional commits viewable in compare view

Updates @aws-sdk/credential-providers from 3.803.0 to 3.983.0

Release notes

Sourced from @​aws-sdk/credential-providers's releases.

v3.983.0

3.983.0(2026-02-04)

Chores

• dynamodb-codec: remove peer dependency on client (#7711) (3116b7d1)

Documentation Changes

• client-eks: Update delete cluster description (f92e1d60)
• client-redshift: We have increased the maximum duration for a deferred maintenance window from 45 days to 60 days for Amazon Redshift provisioned clusters. This enhancement provides customers with greater flexibility in scheduling patching and maintenance activities while also maintaining security compliance. (78cd18f3)

New Features

• client-workspaces-web: Support for configuring and managing custom domain names for WorkSpaces Secure Browser portals. (afd41b46)
• client-connectcases: Amazon Connect Cases now supports larger, multi-line text fields with up to 4,100 characters. Administrators can use the Admin UI to select the appropriate configuration (single-line or multi-line) on a per-field basis, improving case documentation capabilities. (69bec694)
• client-medialive: AWS Elemental MediaLive now supports SRT listener mode for inputs and outputs, in addition to the existing SRT caller mode. (25287d4b)
• client-bedrock-runtime: Added support for structured outputs to Converse and ConverseStream APIs. (ff529d7e)

---

For list of updated packages, view updated-packages.md in assets-3.983.0.zip

v3.982.0

3.982.0(2026-02-03)

Chores

• test new model generation in ci (#7689) (c449f590)
• scripts: update release script (#7707) (6c7353eb)

Documentation Changes

• client-organizations: Updated the CloseAccount description. (fadedac3)

New Features

• client-dynamodb: This change supports the creation of multi-account global tables. It adds two new arguments to CreateTable, GlobalTableSourceArn and GlobalTableSettingsReplicationMode. DescribeTable is also updated to include information about GlobalTableSettingsReplicationMode. (4bef08d4)
• client-marketplace-catalog: Adds support for Catalog API us-east-1 dualstack endpoint catalog-marketplace.us-east-1.api.aws (2c5c715a)
• client-sso-admin: Added new Region management APIs to support multi-Region replication in IAM Identity Center. (c16a6f46)
• client-batch: AWS Batch Array Job Visibility feature support. Includes new statusSummaryLastUpdatedAt for array job parent DescribeJobs responses for the last time the statusSummary was updated. Includes both statusSummary and statusSummaryLastUpdatedAt in ListJobs responses for array job parents. (08db9ebe)
• client-kinesis: Adds StreamId parameter to AWS Kinesis Data Streams APIs that is reserved for future use. (96d7f32b)
• client-geo-maps: Added support for optional style parameters in maps, including 3D terrain and 3D Buildings (59d8232a)

Bug Fixes

• eventstream-handler-node: fix uncatchable error in stream pipeline (#7703) (eb4e2dd4)
• middleware-websocket: establish stream pipeline prior to continuing with request (#7704) (52b25e84)

... (truncated)

Changelog

Sourced from @​aws-sdk/credential-providers's changelog.

3.983.0 (2026-02-04)

Note: Version bump only for package @​aws-sdk/credential-providers

3.982.0 (2026-02-03)

Note: Version bump only for package @​aws-sdk/credential-providers

3.981.0 (2026-02-02)

Note: Version bump only for package @​aws-sdk/credential-providers

3.980.0 (2026-01-30)

Note: Version bump only for package @​aws-sdk/credential-providers

3.978.0 (2026-01-28)

Note: Version bump only for package @​aws-sdk/credential-providers

3.975.0 (2026-01-23)

Note: Version bump only for package @​aws-sdk/credential-providers

3.974.0 (2026-01-22)

... (truncated)

Commits

• 66d159c Publish v3.983.0
• 179b42c Publish v3.982.0
• 15514da Publish v3.981.0
• 0306270 Publish v3.980.0
• b951130 chore: use yarn workspace versioning for monorepo packages (#7693)
• a1794f7 Publish v3.978.0
• 024c073 chore(codegen): update for aggregated paginators and waiters (#7685)
• 557a738 Publish v3.975.0
• 784b9f3 chore(codegen): upgrade smithy to 1.66.0 (#7678)
• 2f2a874 Publish v3.974.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.