Bump fast-xml-parser and @sap-cloud-sdk/generator in /src/api

[dependabot]

Bumps fast-xml-parser to 5.9.0 and updates ancestor dependency @sap-cloud-sdk/generator. These dependencies need to be updated together.

Updates fast-xml-parser from 4.2.5 to 5.9.0

Release notes

Sourced from fast-xml-parser's releases.

update strnum, FXB. Use xml-naming for DOCTYPE

• integrate xml-naming to validate DOCTYPE entity name and notation name (using qname because of backward compatibility)
  • This will consider xml-version as well. '1.0' is default
• update strnum to 2.3.0
  • You can set octal and binary parsing which is by deault off
• update fast-xml-builder to 1.2.0
  • can sanitize tag names if found invalid
  • fix format output

fix minor old bugs and update builder

• fix: alwaysCreateTextNode should create text node when attributes are present for self closing node
• fix stop node expression when ns prefix is removed (found by iruizsalinas)
• update XML Builder to 1.1.7
• mark addEntity deprecated

backward compatibility for numerical external entity, fix #705, #817

• allow numerical external entity for backward compatibility
• fix #705: attributesGroupName working with preserveOrder
• fix #817: stackoverflow when tag expression is very long

upgrade @​nodable/entities and FXB

• Use @nodable/entities v2.1.0
  • breaking changes
    • single entity scan. You're not allowed to use entity value to form another entity name.
    • you cant add numeric external entity
    • entity error message when expantion limit is crossed might change
  • typings are updated for new options related to process entity
  • please follow documentation of @nodable/entities for more detail.
  • performance
    • if processEntities is false, then there should not be impact on performance.
    • if processEntities is true, but you dont pass entity decoder separately then performance may degrade by approx 8-10%
    • if processEntities is true, and you pass entity decoder separately
      • if no entity then performance should be same as before
      • if there are entities then performance should be increased from past versions
  • ignoreAttributes is not required to be set to set xml version for NCR entity value
• update 'fast-xml-builder' to sanitize malicious CDATA and comment's content

use @​nodable/entities to replace entities

• No API change
• No change in performance for basic usage
• No typing change
• No config change
• new dependency
• breaking: error messages for entities might have been changed.

Full Changelog: NaturalIntelligence/fast-xml-parser@v5.5.12...v5.6.0

performance improvment, increase entity expansion default limit

• increase default entity explansion limit as many projects demand for that

</tr></table> 

... (truncated)

Changelog

Sourced from fast-xml-parser's changelog.

Note: If you find missing information about particular minor version, that version must have been changed without any functional change in this library.

Note: Due to some last quick changes on v4, detail of v4.5.3 & v4.5.4 are not updated here. v4.5.4x is the last tag of v4 in github repository. I'm extremely sorry for the confusion

*5.9.0 / 2026-06-15 (not released yet)

• update strnum to 2.3.0
  • you can set hex, binary, enotation, infinity, unicode
• validate unsafe HTML or XML data in doctype entities unsing 'is-unsafe' library. User can override rules by overriding EntityDecoder.

*5.8.0 / 2026-05-12

• integrate xml-naming to validate DOCTYPE entity name and notation name (using qname becaue of backward compatibility)
  • This will consider xml-version as well. '1.0' is default
• update strnum to 2.3.0
  • You can set octal and binary parsing which is bydeault off
• update fast-xml-builder to 1.2.0
  • can sanitize tag names if found invalid
  • fix format output

5.7.3 / 2006-05-05

• fix: alwaysCreateTextNode should create text node when attributes are present for self closing node
• fix stop node expression when ns prefix is removed (found by iruizsalinas)
• update XML Builder to 1.1.7
• mark addEntity deprecated

5.7.2 / 2026-04-25

• allow numerical external entity for backward compatibility
• fix #705: attributesGroupName working with preserveOrder
• fix #817: stackoverflow when tag expression is very long

5.7.1 / 2026-04-20

• fix typo in CJS typing file

5.7.0 / 2026-04-17

• Use @nodable/entities v2.1.0
  • breaking changes
    • single entity scan. You're not allowed to user entity value to form another entity name.
    • you cant add numeric external entity
    • entity error message when expantion limit is crossed might change
  • typings are updated for new options related to process entity
  • please follow documentation of @nodable/entities for more detail.
  • performance
    • if processEntities is false, then there should not be impact on performance.
    • if processEntities is true, but you dont pass entity decoder separately then performance may degrade by approx 8-10%
    • if processEntities is true, and you pass entity decoder separately
      • if no entity then performance should be same as before
      • if there are entities then performance should be increased from past versions
  • ignoreAttributes is not required to be set to set xml version for NCR entity value
• update 'fast-xml-builder' to sanitize malicious CDATA and comment's content

... (truncated)

Commits

• d429d70 update for release
• a8b3564 update docs
• ca273dc update strnum to support unicode, discard unsafe doctype entities
• f589251 add security warning to docs
• ce1001c Update Node.js CI workflow to use latest actions
• be6e9d9 remove prolog from demo page (#776)
• 2d46cc2 fix demo XML declaration parsing option (#836)
• 4bcee44 for release
• 8a287bf release info
• 50b01dc Use "@​byspec/xml" for testing
• Additional commits viewable in compare view

Updates @sap-cloud-sdk/generator from 3.0.1 to 3.26.4

Release notes

Sourced from @​sap-cloud-sdk/generator's releases.

v3.26.4

Fixed Issues

• [connectivity] Remove destination cache in getDestinationFromServiceBinding() function to let cached destinations retrieved in getDestinationFromDestinationService() function be added with the proxyConfiguration property.
  • @​sap-cloud-sdk/resilience@​3.26.4
  • @​sap-cloud-sdk/util@​3.26.4 (51cab2a)

v3.26.3

Fixed Issues

• [eslint-config] Downgrade @stylistic/eslint-plugin to v3 as v4 is EMS-only. (f1ec5b7)

v3.26.2

Fixed Issues

• [connectivity] Add proxyConfiguration on the fly to avoid expired proxy authorization token in cached destination if it lives shorter than the token for destination service. (438ebd8)
• [util] Stringify Axios response data object in the error stack of ErrorWithCause class. (782b3fd)

v3.26.1

Fixed Issues

• [connectivity] Reintroduce option to pass iss property to getClientCredentialsToken function.
  • @​sap-cloud-sdk/resilience@​3.26.1
  • @​sap-cloud-sdk/util@​3.26.1 (06230c3)

v3.26.0

New Functionalities

• [openapi-generator] Add resolveExternal option to determine whether external $ref pointers will be resolved. (6cc07bc)

v3.25.0

New Functionalities

• [openapi] Introduce setBasePath() method on the OpenAPI request builder, allowing a custom base path URL to be set for a single request. This base path is prepended to the API path parameter for that single request. (2943cd5)
• [openapi, openapi-generator, util] Add basePath option in the options-per-service.json file in the OpenAPI generator. This option prepends the base URL path to the API path parameter for every request. (2943cd5)

v3.24.0

New Functionalities

• [connectivity] Add transform function to create OAuth2ClientCredentials destinations from service bindings. (7ccc9a3)

v3.23.0

Fixed Issues

• [generator-common] Fix ESM client code compilation by allowing the module option to be set to nodenext or node16 in a custom tsconfig.json file. (745766e)
• [mail-client] Fix mail client issue for port 465 with on-premise setup. (ea9b6b5)
• [mail-client] Fix email sending functionality to ensure that emails are sent to all valid addresses. Previously, if an email failed, all subsequent emails were not sent.
  • @​sap-cloud-sdk/connectivity@​3.23.0
  • @​sap-cloud-sdk/util@​3.23.0 (62eaed5)

... (truncated)

Changelog

Sourced from @​sap-cloud-sdk/generator's changelog.

3.26.4

Patch Changes

• @​sap-cloud-sdk/generator-common@​3.26.4
• @​sap-cloud-sdk/odata-common@​3.26.4
• @​sap-cloud-sdk/odata-v2@​3.26.4
• @​sap-cloud-sdk/odata-v4@​3.26.4
• @​sap-cloud-sdk/util@​3.26.4

3.26.3

Patch Changes

• @​sap-cloud-sdk/generator-common@​3.26.3
• @​sap-cloud-sdk/odata-common@​3.26.3
• @​sap-cloud-sdk/odata-v2@​3.26.3
• @​sap-cloud-sdk/odata-v4@​3.26.3
• @​sap-cloud-sdk/util@​3.26.3

3.26.2

Patch Changes

• Updated dependencies [782b3fd]
  • @​sap-cloud-sdk/util@​3.26.2
  • @​sap-cloud-sdk/generator-common@​3.26.2
  • @​sap-cloud-sdk/odata-common@​3.26.2
  • @​sap-cloud-sdk/odata-v2@​3.26.2
  • @​sap-cloud-sdk/odata-v4@​3.26.2

3.26.1

Patch Changes

• @​sap-cloud-sdk/generator-common@​3.26.1
• @​sap-cloud-sdk/odata-common@​3.26.1
• @​sap-cloud-sdk/odata-v2@​3.26.1
• @​sap-cloud-sdk/odata-v4@​3.26.1
• @​sap-cloud-sdk/util@​3.26.1

3.26.0

Patch Changes

• @​sap-cloud-sdk/generator-common@​3.26.0
• @​sap-cloud-sdk/odata-common@​3.26.0
• @​sap-cloud-sdk/odata-v2@​3.26.0
• @​sap-cloud-sdk/odata-v4@​3.26.0
• @​sap-cloud-sdk/util@​3.26.0

... (truncated)

Commits

• ce2d16e v3.26.4
• 3dc1b5a v3.26.3
• 7f96c98 v3.26.2
• 3fb0fa6 chore(deps): bump prettier from 3.5.2 to 3.5.3 (#5593)
• 6994468 chore(deps): bump fast-xml-parser from 4.5.1 to 5.0.8 (#5574)
• 3b0ab43 chore(deps): bump prettier from 3.5.1 to 3.5.2 (#5551)
• 529fe65 v3.26.1
• 24ca59e chore(deps): bump prettier from 3.5.0 to 3.5.1 (#5486)
• 439ba57 chore(deps): bump mock-fs from 5.3.0 to 5.5.0 (#5455)
• c2e8863 chore(deps): bump prettier from 3.4.2 to 3.5.0 (#5460)
• Additional commits viewable in compare view

[MartinPankraz]

@copilot resolve the merge conflicts in this pull request

[dependabot]

Looks like these dependencies are up-to-date now, so this is no longer needed.