4.3.5

• Add location info to the error that's thrown when an end tag is missing

Full Changelog: 4.3.4...4.3.5

4.3.4

• Add "types" to the "exports" section of package.json by @jkonowitch in #150 (thanks!)
• Update (most) devDependencies to their latest versions

Full Changelog: 4.3.3...4.3.4

4.3.3

• Also guard against entity expansion attacks in attribute values

Full Changelog: 4.3.2...4.3.3

4.3.2

• Fix a few serialization issues introduced in 4.3.1.

Full Changelog: 4.3.1...4.3.2

4.3.1

• This release reworks the way namespace prefixes are determined during serialization. Previous releases used the algorithm from the DOM parsing & serialization spec, which unfortunately contains a number of bugs that produce incorrect or invalid serializations in some edge cases.

Full Changelog: 4.3.0...4.3.1

4.3.0

• Added option to parse CDATA as normal text

Full Changelog: 4.2.0...4.3.0

4.2.0

• Added heuristics to block entity expansion attacks. Parsing is aborted if the output size exceeds a certain limit and the size increase due to entity expansion exceeds a set factor. Both this approach and the default limits are based on how libexpat guards against such attacks. Please file an issue if you have to increase these limits for any real-world document.

Full Changelog: 4.1.1...4.2.0

4.1.1

• Fix parsing of documents and fragments starting with a PI with a target that starts with 'xml'

Full Changelog: 4.1.0...4.1.1

4.1.0

• Use the new parseXmlFragment function to parse fragments of XML, such as input with multiple top-level elements. If the fragment uses namespace prefixes that it doesn't define, use the optional resolveNamespacePrefix function to resolve those.

Full Changelog: 4.0.2...4.1.0

4.0.2

• Fix highlight in error message for an undeclared attribute prefix.

Full Changelog: 4.0.1...4.0.2