fix(deps): update dependency htmlparser2 to v12

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
htmlparser2	^3.10.0 → ^12.0.0

---

Release Notes

fb55/htmlparser2 (htmlparser2)

v12.0.0

Compare Source

What's Changed

This release aligns HTML parsing with the WHATWG spec Almost all changes are to HTML mode only — XML mode is unaffected unless noted.

Raw-text & RCDATA tags

• <iframe>, <noembed>, <noframes>, and <plaintext> are now raw-text tags, their content is no longer parsed as HTML
• <textarea> now decodes entities like <title> already did
• Self-closing <script/>, <style/>, etc. now enter their raw-text state (the / is ignored per spec) unless recognizeSelfClosing is enabled

SVG & MathML

• Tag names inside <svg> are case-adjusted per spec (foreignObject, clipPath, etc.)
• CDATA sections inside foreign content are treated as text
• Special-tag detection is disabled inside foreign content
• Stray </svg> / </math> no longer corrupt the parser's context tracking

Comments & declarations

• <!-->, <!--->, <!->, <!> now parse as valid comments per spec
• <?…> and non-DOCTYPE <!…> in HTML mode emit bogus comments instead of being silently dropped
• <!DOCTYPEhtml> (no space) is recognized as a DOCTYPE
• Unclosed comments, <!DOCTYPE, <?…, <![CDATA[… at EOF emit the correct token type

Implicit open/close

• <h1>–<h6> implicitly close other headings
• <a> closes a previous <a>
• Nested <form> is ignored when one is already open
• <image> is rewritten to <img> outside foreign content
• </> is silently ignored instead of emitted as text

Other fixes

• Fixed reset() not clearing attribute state, which could leak data across parseComplete() calls

#​2387

Full Changelog: fb55/htmlparser2@v11.0.0...v12.0.0

v11.0.0

Compare Source

Breaking Changes

• The module is now ESM only #​2381
  • CommonJS require() is not supported in legacy environment anymore. Use import instead.
  • The minimum Node.js version is now 20.19.0.
• Dependencies have been bumped to their latest major versions: domhandler v6, domutils v4, domelementtype v3, entities v8.

Features

• Added WebWritableStream for the Web Streams API, enabling direct piping from fetch() response bodies into the parser #​2376

Bug Fixes

• Comments now accept --!> as a closing sequence per the HTML spec, and <!--> is recognized as an empty comment in HTML mode #​2382
• XML processing instructions (<?xml ... ?>) now require the full ?> closing sequence instead of just > #​2382
• Fixed reset() not clearing isSpecial and sequenceIndex state, which could cause incorrect parsing after reuse #​2382
• Fixed XML comment parsing: <!--> is no longer treated as a complete comment in xmlMode #​2383

Other Changes

• Expanded README with full API reference, parser options, events, and practical examples #​2384

New Contributors

• @​vimzh made their first contribution in #​2376

Full Changelog: fb55/htmlparser2@v10.1.0...v11.0.0

v10.1.0

Compare Source

What's Changed

• entities was bumped from 6.0.1 to 7.0.1, bringing size & speed improvements #​2215
• Test files are no longer shipped in the published module 72da671

New Contributors

• @​KTibow made their first contribution, bumping us to eslint 9 in #​2204

Full Changelog: fb55/htmlparser2@v10.0.0...v10.1.0

v10.0.0

Compare Source

• Breaking: Simplify writable stream import path d5882db
• feat: Support xmp tag parsing (#​1790 by @​nati-elmaliach) ecdb071
• Run tests with vitest (#​1845) aa0c781
• Dependency upgrades

v9.1.0

Compare Source

Fixes

• Fixed onattribend's endIndex (#​1540 by @​DimaIT)
• Treat textarea as special tag (#​1719 by @​DimaIT)

Features

• Export QuoteType (#​1543 by @​DimaIT) and Handler interface (#​1690 by @​benkroeger)

v9.0.0

Compare Source

Breaking Changes

• The tokenizer now uses the EntityDecoder from the entities module #​1480
  • Parsing of entities in attributes is now aligned with the HTML spec, and some inputs will produce different results. Eg. in <a href='&amp=boo'> the attribute value won't be modified any more.
  • The ontextentity tokenizer callback now has an endIndex argument; if you use the tokenizer directly, make sure indices are still the same.
• Stacks inside the parser have been reversed. #​1511

Features

• Added a createDocumentStream function, analogous to createDomStream (which is now deprecated) #​1510

Full Changelog: fb55/htmlparser2@v8.0.2...v9.0.0

v8.0.2

Compare Source

Bug Fixes

• Reset tokenizer baseState after closing tag name by @​KillyMXI in #​1460

Other changes

• Dependency version bumps
• GitHub Workflows security hardening by @​sashashura in #​1365
• refactor(lint): Add eslint-plugin-n and -unicorn by @​fb55 in #​1352
• chore(test): Move from JSON tests to specs by @​fb55 in #​1354
• docs(readme): Use GitHub Actions CI badge by @​fb55 in #​1374

New Contributors

• @​sashashura made their first contribution in #​1365
• @​KillyMXI made their first contribution in #​1460

Full Changelog: fb55/htmlparser2@v8.0.1...v8.0.2

v8.0.1

Compare Source

• Added missing WritableStream export in the package.json 6923fca

v8.0.0

Compare Source

Breaking

• The deprecated FeedHandler class has been removed #​1166
  • See #​1166 for how to migrate.
• Typescript >= 4.5 is now required; see #​1242
• The types from domhandler and domutils have changed, the deprecated normalizeWhitespace option was removed #​1164
• The parser was updated to no longer concatenate strings. This led to several changes of internal interfaces. #​1045
  • This reduces the memory overhead when parsing streams, and avoids copying memory.
  • Breaking if you were previously extending internals.

Features

• htmlparser2 is now a dual CommonJS & ESM module #​1165

Other changes

• Updated for entities' updated decoding tree structure #​1146
• Highlight special close-implies-open logic by @​vassudanagunta in #​1047
• Update Events/07 test to clarify interpretation of tag end slashes by @​vassudanagunta in #​1046
• Suggest parse5 for HTML compliance by @​vassudanagunta in #​1147

New Contributors

• @​vassudanagunta made their first contribution in #​1047

Full Changelog: fb55/htmlparser2@v7.2.0...v8.0.0

v7.2.0

Compare Source

What's Changed

Fixes:

• Decode entities after < by @​fb55 in #​1008
• Stringify non-string chunks by @​fb55 in #​1010

Docs

• docs(readme): make parseDocument() example clearer by @​cameronsteele in #​998

Refactors:

• Introduce sequences & fast forwarding by @​fb55 in #​1007
• Emit text before entities once entity is confirmed by @​fb55 in #​1009

The refactors lead to a combined ~5% speed-up.

New Contributors

• @​cameronsteele made their first contribution in #​998

Full Changelog: fb55/htmlparser2@v7.1.2...v7.2.0

v7.1.2

Compare Source

• Fix indices of self-closing tags in XML (#​949, reported in #​941) 3287ef2
• Bump domhandler from 4.2.0 to 4.2.2 (#​935) 45b2cfe

v7.1.1

Compare Source

• Fixed a bug where implied close tags would be misreported (#​933) 903fb43
• Fixed endIndex of text events being off by 1 (#​932) 78ef1b7

v7.1.0

Compare Source

Features:

• Added an isImplied flag to the onopentag/onclosetag events (#​930) f917004
  • This allows consumers to set start/end indices more correctly. Inspired by posthtml/posthtml-parser#80.
• It is now possible to get indices for attributes (#​929) 28c162b

Fixes:

• htmlparser2@​7.0.0 changed how indices were computed. Unfortunately, a lot of edge-cases weren't handled correctly. This version fixes this.
  • refactor: Fix how indices are computed, add attrib indices (#​929) 28c162b
  • fix(parser): Fix indices for end, CDATA, add indices to tests (#​928) 4e25252
  • fix(parser): Don't override position for implied opening tags (#​917) fac221d
  • fix(parser): Index of closing tag was misaligned (#​913) 04c411c
• .pause would lead to data being wrongfully discarded (#​927) 78af88d
• The tokenizer would still emit some data after an error (#​923) 08b2040
• Issue in foreign content: The tag name foreignObject will always be lowercased in HTML e852205

Refactors:

• refactor(feeds): Move getFeed to domutils (#​931) f10dc03
• refactor(tokenizer): Use explicit empty buffer if we have reached the end 9c30fe6
• chore(tests): Add test for error without a listener 0eb0067
• chore(tests): Use proxies to collect events (#​920) a2b0bf3
• chore(tests): Move stream tests into WritableStream.spec (#​916) da67eba
• refactor(tokenizer): Remove unused branches, improve test coverage (#​914) a2eae51
• docs(readme): Update benchmark results d45fc82

v7.0.0

Compare Source

htmlparser2@​7.0.0 changes a lot of internals, resulting in an 20% overall performance improvement in AndreasMadsen's htmlparser-benchmark.

Breaking changes:

• Fixed how start & end index positions are calculated (#​910) 5ab080e
  • Some indices, especially end indices, will now have changed. Most importantly, end indices will now always be greater or equal than start indices (whoops!).

Features:

• Added an isVoidElement method to the parser (#​785) 00ce57a

Refactors:

• Use a trie to decode HTML & XML entities in the tokenizer (#​863) 9a47a55
  • Leads to large speed-ups when dealing with entities.
• Iterate over char codes in the tokenizer (#​894) f5aed75
  • Improved tokenizer performance by ~40%.
• Use Map for openImpliesClose in the parser (#​911) 39a8109
• Moved logic of FeedHandler to a function (#​912) 3a672ff

v6.1.0

Compare Source

Features:

• Export tokenizer callback interface from main module (#​751) ab0b3fc f59473a

Fixes:

• Allow XML tags to start with any character (#​778) 0b94ab5

Upgrades:

• Bump domhandler from 4.0.0 to 4.1.0 e64e8e5
• Bump domelementtype from 2.1.0 to 2.2.0 8bc1719
• Bump domutils from 2.4.4 to 2.5.2 8b91d97 cf77476 7c233de

v6.0.1

Compare Source

• Fix parsing special closing tags (#​746) 214ab08
  • Thanks to @​BenoitZugmeyer for the report (#​745)!

v6.0.0

Compare Source

Breaking:

• Bump domhandler, domutils 4dd4233 0d278fd
  • The new version of domhandler now comes with an actual root element for the document. This might break tests in a few cases. See the domhandler release notes for more details.
• Make some private properties actually private 1c71e60

Features:

• Add a parseDocument method 4653f23
  • This returns the root node of the document, instead of an array of the first nodes. You likely want to use this instead of the now deprecated getDOM method.
• Improve docs df7ea98 1ce1d3b 0437d9c

Minor:

• FeedHandler: Slightly restructure code b6b4382

v5.0.1

Compare Source

• Fix: Parse entities in <title> tags (#​614, #​615 by @​billneff79) 3295a8b
• Fix: Remove @​types/node as a peer dependency 1ace384

Also pulls in a new version of the entities module, which features more compact entity maps.

v5.0.0

Compare Source

Breaking changes:

• Default the decodeEntities option to true 8ac01e0
• Removes underscores in front of many private properties & methods. 6e296d2
• Removes EVENTS, WritableStream and CollectingHandler exports from module import. The latter two are still part of the module, but now have to be imported explicitly. 6e296d2
• The parser no longer extends EventEmitter f30f13c
• HTML <title> tag content is now processed as text (#​483 by @​billneff79) 0189e56

Features:

• Add media content parsing to FeedHandler (#​560 by @​gcandal) a85e4e0
• Expose the quotes that were used in the onattribute event 3c86256
• Add "sideEffects: false" to package.json (#​474 by @​ericjeney) d90dd64
• Explain stream usage in README (#​446 by @​mnmkng) 4c0fba8

Bug Fixes:

• Properly back out of numeric entities, decode entities in attributes (fixes #​276) eaf2872
• Fix broken parsing after self-closing special tags (#​515 by @​warriordog) 4ec596f
• Fix parse bug when tag name is not ASCII alpha (#​497 by @​Zuckjet) bc010de

Diverse:

• Improve Coverage (#​540 by @​brettz9) 6d8a2ff
• Check missing elem with getOneElement (#​543 by @​brettz9) 1cf297e
• Add test for #​125 40d9556

Thanks to everyone that contributed to this release!

Commit Range:

v4.1.0

Compare Source

• Don't fail when parsing <__proto__> (fixes #​387)
• Add types field to package.json
• Update dependencies

v4.0.0

Compare Source

• Port to TypeScript, Jest
• Remove the Stream and ProxyHandler exports
• Order some conditionals in Tokenizer by their likelihood to be hit
• Fix implicit closing of certain tags — @​voithos
• Fix: options.Tokenizer modified outer scope — @​thorn0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.