Update dependency xmldom

Switching from package `xmldom` to `@xmldom/xmldom`, which resolves the security issue present in latest xmldom version 0.6.0: GHSA-5fg8-2547-mr8q The reason is that the maintainers were forced to switch to a scoped package since 0.7.0: xmldom/xmldom#271 - I only changed all occurences of `xmldom`, I didn't execute `npm install` or any other scripts. - Since there is no package-lock.json, I have no idea what version of xmldom people were actually using (depends on the time of running `npm install`), so I'm just assuming everybody was using 0.6.0 - fixes #41 I'm one of the xmldom maintainers. Don't hesitate to ask me questions about it.
kewisch · Jun 10, 2022 · b490158 · b490158
1 parent bef4191
commit b490158
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 4 deletions.
diff --git a/lib/sepa.js b/lib/sepa.js
@@ -759,7 +759,7 @@
     if (typeof document !== 'undefined' && typeof document.implementation !== 'undefined') {
       return document.implementation.createDocument(nsURI, qname);
     } else {
-      var DOMImplementation = require('xmldom').DOMImplementation;
+      var DOMImplementation = require('@xmldom/xmldom').DOMImplementation;
       return new DOMImplementation().createDocument(nsURI, qname);
     }
   }
@@ -774,7 +774,7 @@
   function serializeToString(doc) {
     var s;
     if (typeof window === 'undefined') {
-      var XMLSerializer = require('xmldom').XMLSerializer;
+      var XMLSerializer = require('@xmldom/xmldom').XMLSerializer;
       s = new XMLSerializer();
     } else {
       s = new window.XMLSerializer();