From 290bda23ff26c10c55e8c1b34d82bba2e2e8426d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 15 Jan 2022 15:35:27 +0000 Subject: [PATCH] fix: upgrade xml-encryption from 1.2.4 to 1.3.0 Snyk has created this PR to upgrade xml-encryption from 1.2.4 to 1.3.0. See this package in npm: https://www.npmjs.com/package/xml-encryption See this project in Snyk: https://app.snyk.io/org/notarise-gov-sg/project/6c8ae889-ecab-4099-9384-b0497f7ef155?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 31 ++++++++++++++++++++++--------- package.json | 2 +- 2 files changed, 23 insertions(+), 10 deletions(-) diff --git a/package-lock.json b/package-lock.json index 6410226..1297f3e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -23,7 +23,7 @@ "node-jose": "^2.0.0", "uuid": "^8.0.0", "xml-crypto": "^2.1.2", - "xml-encryption": "^1.2.4", + "xml-encryption": "^1.3.0", "xmldom": "^0.6.0", "xpath": "0.0.32" }, @@ -488,6 +488,14 @@ "integrity": "sha512-//oorEZjL6sbPcKUaCdIGlIUeH26mgzimjBB77G6XRgnDl/L5wOnpyBGRe/Mmf5CVW3PwEBE1NjiMZ/ssFh4wA==", "dev": true }, + "node_modules/@xmldom/xmldom": { + "version": "0.7.5", + "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.7.5.tgz", + "integrity": "sha512-V3BIhmY36fXZ1OtVcI9W+FxQqxVLsPKcNjWigIaa81dLC9IolJl5Mt4Cvhmr0flUnjSpTdrbMTSbXqYqV5dT6A==", + "engines": { + "node": ">=10.0.0" + } + }, "node_modules/abbrev": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz", @@ -5773,13 +5781,13 @@ } }, "node_modules/xml-encryption": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/xml-encryption/-/xml-encryption-1.2.4.tgz", - "integrity": "sha512-+4aSBIv/lwmv5PntfYsZyelOnCcyDmCt/MNxXUukRGlcWW8DObJ26obbVX3iXYRdqkLqbv3AKk8ntNCGKIq/UQ==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/xml-encryption/-/xml-encryption-1.3.0.tgz", + "integrity": "sha512-3P8C4egMMxSR1BmsRM+fG16a3WzOuUEQKS2U4c3AZ5v7OseIfdUeVkD8dwxIhuLryFZSRWUL5OP6oqkgU7hguA==", "dependencies": { + "@xmldom/xmldom": "^0.7.0", "escape-html": "^1.0.3", "node-forge": "^0.10.0", - "xmldom": "~0.6.0", "xpath": "0.0.32" }, "engines": { @@ -6220,6 +6228,11 @@ "integrity": "sha512-//oorEZjL6sbPcKUaCdIGlIUeH26mgzimjBB77G6XRgnDl/L5wOnpyBGRe/Mmf5CVW3PwEBE1NjiMZ/ssFh4wA==", "dev": true }, + "@xmldom/xmldom": { + "version": "0.7.5", + "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.7.5.tgz", + "integrity": "sha512-V3BIhmY36fXZ1OtVcI9W+FxQqxVLsPKcNjWigIaa81dLC9IolJl5Mt4Cvhmr0flUnjSpTdrbMTSbXqYqV5dT6A==" + }, "abbrev": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.1.1.tgz", @@ -10336,13 +10349,13 @@ } }, "xml-encryption": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/xml-encryption/-/xml-encryption-1.2.4.tgz", - "integrity": "sha512-+4aSBIv/lwmv5PntfYsZyelOnCcyDmCt/MNxXUukRGlcWW8DObJ26obbVX3iXYRdqkLqbv3AKk8ntNCGKIq/UQ==", + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/xml-encryption/-/xml-encryption-1.3.0.tgz", + "integrity": "sha512-3P8C4egMMxSR1BmsRM+fG16a3WzOuUEQKS2U4c3AZ5v7OseIfdUeVkD8dwxIhuLryFZSRWUL5OP6oqkgU7hguA==", "requires": { + "@xmldom/xmldom": "^0.7.0", "escape-html": "^1.0.3", "node-forge": "^0.10.0", - "xmldom": "~0.6.0", "xpath": "0.0.32" } }, diff --git a/package.json b/package.json index b96eb74..7d21c4a 100644 --- a/package.json +++ b/package.json @@ -49,7 +49,7 @@ "node-jose": "^2.0.0", "uuid": "^8.0.0", "xml-crypto": "^2.1.2", - "xml-encryption": "^1.2.4", + "xml-encryption": "^1.3.0", "xmldom": "^0.6.0", "xpath": "0.0.32" },