Bump fast-xml-parser and mcdev

[dependabot]

Bumps fast-xml-parser and mcdev. These dependencies needed to be updated together.
Updates fast-xml-parser from 5.4.2 to 5.5.9

Release notes

Sourced from fast-xml-parser's releases.

fix entity expansion and incorrect replacement and performance

Full Changelog: NaturalIntelligence/fast-xml-parser@v5.5.5...v5.5.6

support onDangerousProperty

Full Changelog: NaturalIntelligence/fast-xml-parser@v5.5.3...v5.5.5

update dependecies to fix typings

Full Changelog: NaturalIntelligence/fast-xml-parser@v5.5.1...v5.5.2

integrate path-expression-matcher

• support path-expression-matcher
• fix: stopNode should not be parsed
• performance improvement for stopNode checking

Commits

• See full diff in compare view

Updates mcdev from 9.0.2 to 9.0.3

Release notes

Sourced from mcdev's releases.

v9.0.3

Bugfixes

• #1838 fix shared dataExtensions not resolved if linking type is retrieved together with dataExtensions in Accenture/sfmc-devtools#2545
• #2544 fix shared dataExtension fields not resolved in journey UPDATECONTACTDATA activity in Accenture/sfmc-devtools#2546
• #2568 fix type filter referencing dataFilter with wrong name breaking build --dependencies by @​JoernBerkefeld in Accenture/sfmc-devtools#2569
• #1834 fix build not finding shared dataExtensions when run on child BU in Accenture/sfmc-devtools#2552

Chores

• #2145 Warn about dataExtension fields needing manual deletion after deploy in Accenture/sfmc-devtools#2548
• #2549 create copilot-instructions.md and update branch/hook support for copilot agents in Accenture/sfmc-devtools#2550

Dependencies

• Bump sfmc-sdk from 3.0.1 to 3.0.2 by @​dependabot[bot] in Accenture/sfmc-devtools#2561
• Bump sfmc-sdk from 3.0.2 to 3.0.3 by @​dependabot[bot] in Accenture/sfmc-devtools#2576
• Bump fast-xml-parser from 5.4.2 to 5.5.6 by @​dependabot[bot] in Accenture/sfmc-devtools#2554
• Bump fast-xml-parser from 5.5.7 to 5.5.9 by @​dependabot[bot] in Accenture/sfmc-devtools#2571
• Bump prettier-plugin-sql from 0.19.2 to 0.20.0 by @​dependabot[bot] in Accenture/sfmc-devtools#2564
• Bump @​types/node from 25.3.5 to 25.5.0 by @​dependabot[bot] in Accenture/sfmc-devtools#2559
• Bump eslint-plugin-jsdoc from 62.7.1 to 62.8.0 by @​dependabot[bot] in Accenture/sfmc-devtools#2558
• Bump lint-staged from 16.3.2 to 16.4.0 by @​dependabot[bot] in Accenture/sfmc-devtools#2557
• Bump simple-git from 3.32.3 to 3.33.0 by @​dependabot[bot] in Accenture/sfmc-devtools#2555
• Bump inquirer from 13.3.0 to 13.3.2 by @​dependabot[bot] in Accenture/sfmc-devtools#2553
• Bump eslint from 10.0.3 to 10.1.0 by @​dependabot[bot] in Accenture/sfmc-devtools#2572
• Bump dawidd6/action-download-artifact from 16 to 19 by @​dependabot[bot] in Accenture/sfmc-devtools#2573

Full Changelog: Accenture/sfmc-devtools@v9.0.2...v9.0.3

Commits

• 7697057 Merge pull request #2576 from Accenture/dependabot/npm_and_yarn/develop/sfmc-...
• 9be5a3f Bump sfmc-sdk from 3.0.2 to 3.0.3
• de20768 9.0.3
• f4085b7 prep 9.0.3
• 71106ef Merge pull request #2573 from Accenture/dependabot/github_actions/main/dawidd...
• 517d84c Bump dawidd6/action-download-artifact from 16 to 19
• c647ce7 Merge pull request #2575 from Accenture/develop
• 09f8a79 Merge branch 'main' into develop
• 9771a36 prepare-release changes
• b427643 #0: fix missing skipInteration option for postFixKeysReretrieve
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.