From 1770e404637b47515aeb045f7a7098b402d936c0 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 1 Dec 2023 14:25:14 +0000 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-XMLDOM-1534562 - https://snyk.io/vuln/SNYK-JS-XMLDOM-3042242 - https://snyk.io/vuln/SNYK-JS-XMLDOM-3092935 --- package-lock.json | 47 ++++++++++++++++++++++++++++++----------------- package.json | 2 +- 2 files changed, 31 insertions(+), 18 deletions(-) diff --git a/package-lock.json b/package-lock.json index d32e808..26a8bfe 100644 --- a/package-lock.json +++ b/package-lock.json @@ -21,7 +21,7 @@ "temp": "^0.9.4", "tslib": "^2.1.0", "xadesjs": "^2.1.1", - "xml-core": "^1.1.2", + "xml-core": "^1.1.4", "xmldom": "^0.5.0", "xmldom-alpha": "^0.1.28", "xmldsigjs": "^2.1.3" @@ -595,6 +595,14 @@ "integrity": "sha512-sL/cEvJWAnClXw0wHk85/2L0G6Sj8UB0Ctc1TEMbKSsmpRosqhwj9gWgFRZSrBr2f9tiXISwNhCPmlfqUqyb9Q==", "dev": true }, + "node_modules/@xmldom/xmldom": { + "version": "0.8.10", + "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.10.tgz", + "integrity": "sha512-2WALfTl4xo2SkGCYRt6rDTFfk9R1czmBvUQy12gK2KuRKIpWEhcbbzy8EZXtz/jkRqHX8bFEc6FC1HjX4TUWYw==", + "engines": { + "node": ">=10.0.0" + } + }, "node_modules/aggregate-error": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz", @@ -3034,9 +3042,9 @@ } }, "node_modules/tslib": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.1.0.tgz", - "integrity": "sha512-hcVC3wYEziELGGmEEXue7D75zbwIIVUMWAVbHItGPx0ziyXxrOMQx4rQEVEV45Ut/1IotuEvwqPopzIOkDMf0A==" + "version": "2.6.2", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.2.tgz", + "integrity": "sha512-AEYxH93jGFPn/a2iVAwW87VuUIkR1FVUKB77NwMF7nBTDkDrrT/Hpt/IrCJ0QXhW27jTBDcf5ZY7w6RiqTMw2Q==" }, "node_modules/type-fest": { "version": "0.8.1", @@ -3232,12 +3240,12 @@ } }, "node_modules/xml-core": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/xml-core/-/xml-core-1.1.2.tgz", - "integrity": "sha512-+AKWq+5srt1Kolz20UVVmmBNTZAQioE0DOjBrgybXpzVdtuF00l4lqlGy6YllDe/kwIW/ew0mvfJ/LiLZbAR8A==", + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/xml-core/-/xml-core-1.1.4.tgz", + "integrity": "sha512-wDY09jDvE1r03KoNye3puzLCWQMrHBL5LduGDX9mDja7iQY3+vPFJrHxZDEcc9cs8s0DDKqY/jBTACO1mB/hrw==", "dependencies": { - "tslib": "^2.1.0", - "xmldom": "^0.5.0", + "@xmldom/xmldom": "^0.8.0", + "tslib": "^2.3.1", "xpath.js": "^1.1.0" } }, @@ -3921,6 +3929,11 @@ "integrity": "sha512-sL/cEvJWAnClXw0wHk85/2L0G6Sj8UB0Ctc1TEMbKSsmpRosqhwj9gWgFRZSrBr2f9tiXISwNhCPmlfqUqyb9Q==", "dev": true }, + "@xmldom/xmldom": { + "version": "0.8.10", + "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.10.tgz", + "integrity": "sha512-2WALfTl4xo2SkGCYRt6rDTFfk9R1czmBvUQy12gK2KuRKIpWEhcbbzy8EZXtz/jkRqHX8bFEc6FC1HjX4TUWYw==" + }, "aggregate-error": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/aggregate-error/-/aggregate-error-3.1.0.tgz", @@ -5806,9 +5819,9 @@ } }, "tslib": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.1.0.tgz", - "integrity": "sha512-hcVC3wYEziELGGmEEXue7D75zbwIIVUMWAVbHItGPx0ziyXxrOMQx4rQEVEV45Ut/1IotuEvwqPopzIOkDMf0A==" + "version": "2.6.2", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.6.2.tgz", + "integrity": "sha512-AEYxH93jGFPn/a2iVAwW87VuUIkR1FVUKB77NwMF7nBTDkDrrT/Hpt/IrCJ0QXhW27jTBDcf5ZY7w6RiqTMw2Q==" }, "type-fest": { "version": "0.8.1", @@ -5966,12 +5979,12 @@ } }, "xml-core": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/xml-core/-/xml-core-1.1.2.tgz", - "integrity": "sha512-+AKWq+5srt1Kolz20UVVmmBNTZAQioE0DOjBrgybXpzVdtuF00l4lqlGy6YllDe/kwIW/ew0mvfJ/LiLZbAR8A==", + "version": "1.1.4", + "resolved": "https://registry.npmjs.org/xml-core/-/xml-core-1.1.4.tgz", + "integrity": "sha512-wDY09jDvE1r03KoNye3puzLCWQMrHBL5LduGDX9mDja7iQY3+vPFJrHxZDEcc9cs8s0DDKqY/jBTACO1mB/hrw==", "requires": { - "tslib": "^2.1.0", - "xmldom": "^0.5.0", + "@xmldom/xmldom": "^0.8.0", + "tslib": "^2.3.1", "xpath.js": "^1.1.0" } }, diff --git a/package.json b/package.json index 717ee92..968ef2d 100644 --- a/package.json +++ b/package.json @@ -41,7 +41,7 @@ "temp": "^0.9.4", "tslib": "^2.1.0", "xadesjs": "^2.1.1", - "xml-core": "^1.1.2", + "xml-core": "^1.1.4", "xmldom": "^0.5.0", "xmldom-alpha": "^0.1.28", "xmldsigjs": "^2.1.3"