From 51f3e3fce21353fcf7611f8fc74935361ec43a79 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 14 Oct 2022 01:49:05 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-XMLDOMXMLDOM-3042243
---
 package-lock.json | 15 +++++++++++----
 package.json      |  2 +-
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 07cd1618..775ce9e4 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -3905,12 +3905,19 @@
       "dev": true
     },
     "xml-crypto": {
-      "version": "2.1.3",
-      "resolved": "https://registry.npmjs.org/xml-crypto/-/xml-crypto-2.1.3.tgz",
-      "integrity": "sha512-MpXZwnn9JK0mNPZ5mnFIbNnQa+8lMGK4NtnX2FlJMfMWR60sJdFO9X72yO6ji068pxixzk53O7x0/iSKh6IhyQ==",
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/xml-crypto/-/xml-crypto-3.0.0.tgz",
+      "integrity": "sha512-vdmZOsWgjnFxYGY7OwCgxs+HLWzwvLgX2n0NSYWh3gudckQyNOmtJTT6ooOWEvDZSpC9qRjRs2bEXqKFi1oCHw==",
       "requires": {
-        "@xmldom/xmldom": "^0.7.0",
+        "@xmldom/xmldom": "^0.8.3",
         "xpath": "0.0.32"
+      },
+      "dependencies": {
+        "@xmldom/xmldom": {
+          "version": "0.8.3",
+          "resolved": "https://registry.npmjs.org/@xmldom/xmldom/-/xmldom-0.8.3.tgz",
+          "integrity": "sha512-Lv2vySXypg4nfa51LY1nU8yDAGo/5YwF+EY/rUZgIbfvwVARcd67ttCM8SMsTeJy51YhHYavEq+FS6R0hW9PFQ=="
+        }
       }
     },
     "xml-encryption": {
diff --git a/package.json b/package.json
index 6065128e..6c45144e 100644
--- a/package.json
+++ b/package.json
@@ -48,7 +48,7 @@
     "node-jose": "^2.1.1",
     "pem": "^1.14.6",
     "uuid": "^8.0.0",
-    "xml-crypto": "^2.1.3",
+    "xml-crypto": "^3.0.0",
     "xml-encryption": "^2.0.0",
     "xmldom": "^0.6.0",
     "xpath": "0.0.32"