Skip to content

Bump html-minifier-next from 5.2.2 to 6.2.1#52

Open
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/npm_and_yarn/html-minifier-next-6.2.1
Open

Bump html-minifier-next from 5.2.2 to 6.2.1#52
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/npm_and_yarn/html-minifier-next-6.2.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 1, 2026

Bumps html-minifier-next from 5.2.2 to 6.2.1.

Changelog

Sourced from html-minifier-next's changelog.

[6.2.1] - 2026-05-01

Fixed

  • Fixed collapseAttributeWhitespace incorrectly collapsing whitespace in attributes where it is semantically significant:
    • pattern (regex literal spaces, e.g., \d \d matching exactly two spaces)
    • value on form-submission elements (input, option, button, data, param) where the value is used verbatim—but not on numeric elements (like li or meter) where the browser normalizes it
    • title (line breaks and spacing render visibly in browser tooltips)
    • placeholder (spaces render visibly in inputs)
    • event handler attributes (spaces inside string literals, e.g., onclick="alert('→     ←')").

[6.2.0] - 2026-04-24

Added

  • Implemented boolean CLI options to support both --option-name (enable) and --no-option-name (disable), making it possible to override any option set by a preset or config file from the command line—e.g., --preset=comprehensive --no-collapse-whitespace (exception: noNewlinesBeforeTagClose already exposes only --no-newlines-before-tag-close, so no additional --no-no-… form is registered)
  • Added the positive CLI form --continue-on-minify-error (the continueOnMinifyError option defaults to true; the flag is useful for overriding a config or preset that disables it)

Fixed

  • Fixed --no-newlines-before-tag-close being silently ignored due to a Commander.js key mismatch: the flag is now correctly applied

[6.1.5] - 2026-04-24

Fixed

  • Fixed continueOnParseError failing to parse elements whose quoted attribute values (e.g., large base64 data URLs in src) exceed the internal 20 KB search window—previously the parser silently dropped the value, broke on the following =, and fell back to treating <img as text, which decodeEntities then encoded as &lt;img

[6.1.4] - 2026-04-24

Fixed

  • Extended continueOnParseError error recovery to also include < in unquoted attribute values (e.g., href=foo<bar), consistent with HTML error-recovery rules and matching the treatment of = and ````` added in 6.1.3

[6.1.3] - 2026-04-23

Fixed

  • Fixed continueOnParseError incorrectly handling unquoted attribute values that contain = (e.g., href=?b=c)—the parser now includes = (as well as `````) in the value per HTML error-recovery rules, preserving tag structure and the closing tag instead of dropping it

[6.1.2] - 2026-04-10

Fixed

  • Fixed mergeScripts to use a scanner instead of a regex for locating </script> boundaries, correctly handling scripts that contain a literal </script> string in their content
  • Fixed CLI config file error messages to show only the relevant error for the detected file type (.json, .cjs, .mjs, .js), rather than reporting all three attempted parse errors at once
  • Fixed LRU cache size validation for user-provided cacheCSS/cacheJS/cacheSVG option values: Non-finite values (NaN, Infinity) now fall back to the default size (500), non-integer values are floored, and values below 1 are clamped to 1 (previously only exactly 0 was coerced to 1)

[6.1.1] - 2026-04-07

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump html-minifier-next from 5.2.2 to 6.2.1
9b73705 
Bumps [html-minifier-next](https://github.com/j9t/html-minifier-next) from 5.2.2 to 6.2.1.
- [Changelog](https://github.com/j9t/html-minifier-next/blob/main/CHANGELOG.md)
- [Commits](https://github.com/j9t/html-minifier-next/commits)

---
updated-dependencies:
- dependency-name: html-minifier-next
  dependency-version: 6.2.1
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants