chore(deps): bump xml2js and favicons

[dependabot[bot]]

Bumps xml2js to 0.5.0 and updates ancestor dependency favicons. These dependencies need to be updated together.

Updates xml2js from 0.4.23 to 0.5.0

Commits

• See full diff in compare view

Updates favicons from 6.2.1 to 7.1.2

Release notes

Sourced from favicons's releases.

v7.1.2

• Update xml2js to 0.5.0
• Update sharp to 0.32.0
• Update Typescript to 5

v7.1.1

No release notes provided.

v7.1.0

• A new cache busting option cacheBustingQueryParam is added

v7.0.2

• Allow to specify which icons to generate and their options simultaneously #407
• Opt-in support of SVG icons #401
• Throw an error if background is not specified and Windows icon is generated #408
• Update dependencies to their latest versions

v7.0.1

• Change minimal supported version of NodeJS to 14.x #402
• re-export FaviconOptions #404

v7.0.0

Notable changes

• Maskable icons #336
• Remove dependency on to-ico
• Replace Jimp by Sharp #338
• [BREAKING] Predictable picking of source image #350
• New option output to control which files are generated. This may be useful for those who want to generate different versions of manifest (e.g. per-locale) and reuse icons
• Proper escaping of application name and short name https://github.com/itgalaxy/favicons/commit/7ac5abf0e08a43730608771a2776b9d752733a5b
• Add support for related_applications (#352)
• [BREAKING] Drop support of Firefox OS and Opera Coast.
• New option manifestFileName. It may be used if you want to rename a manifest file: { files: { windows: { manifestFileName: "file.xml" } } }.
• [BREAKING] Rename manifest.json to manifest.webmanifest
• [BREAKING] Remove support of Gulp
• Add webmanifest's shortcuts support #378
• Fix scaling of SVG #380
• [BREAKING] Drop support of NodeJS 12.x
• remove non standard rel=shortcut #384
• [BREAKING] Drop support of callbacks in favor of promises. A code like this favicons(source, options, (error, result) => { ... }) should be changed to favicons(source, options).then(result => { ... }, error => { ... }).

Operational changes

• Migrate CI from Travis CI and AppVeyor to GitHub Actions #339
• Migrate test suite from AVA to Jest
• Convert source code to Typescript
• Refactor internals so that each platform is a separated class which may encapsulate that platform's features https://github.com/itgalaxy/favicons/commit/6ea0e18ee6a3ace0cda678a48fdaa25dc187d86f
• Remove logging feature. We do not log anything anymore.

... (truncated)

Commits

• 736ad0b Version 7.1.2
• cbb641f Update Typescript and other dependencies
• bf3b9bb Update sharp to 0.32.0
• 03741dd Update xml2js to 0.5.0
• ed8404a Version 7.1.1
• f7b4958 Update dependencies
• 80927ff Relax some input types
• 3d200b6 Version 7.1.0
• 8300a6d Prettify code
• 8d1797e readme.md: example to generate the output
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by andy128k, a new releaser for favicons since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/josh-hemphill/vite-plugin-favicon/network/alerts).

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.