chore(SEC-11596): security upgrades for stripe-react-native

[phantom-autopilot]

Summary

Resolves SEC-11596.

Bumps fast-xml-parser from 4.5.3 → 4.5.6 in example/yarn.lock to resolve GHSA-m7jm-9gc2-mpf2 (CRITICAL; advisory fix 4.5.4). fast-xml-parser is a transitive dependency of the @react-native-community/cli-* packages and react-native-test-app used by the example app, so the bump is lockfile-only and example/package.json is unchanged.

Advisory	Severity	Package	Installed → Resolved
GHSA-m7jm-9gc2-mpf2	CRITICAL	fast-xml-parser	4.5.3 → 4.5.6

Test plan

• yarn typescript passes at the repo root
• yarn lint passes at the repo root
• yarn test (Jest) passes at the repo root
• yarn install re-resolves example/yarn.lock cleanly

🤖 Generated with Claude Code

[coderabbitai]

Important

Review skipped

Review was skipped due to path filters

⛔ Files ignored due to path filters (1)

• example/yarn.lock is excluded by !**/yarn.lock, !**/*.lock

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 8991294b-e52c-4cac-8b92-69a637080241

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch autopilot2/sec-11596_critical-upgrade-fast-xml-parser-in-phantom-stripe-react-nat

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[phantom-autopilot]

PR opened by agent

Execution log

#10