From 3fe35b87bea520445b5fed7379cc8e3c6bada7c9 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 7 Apr 2022 16:12:02 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ASYNC-2441827
---
 package-lock.json | 26 ++++++--------------------
 package.json      |  2 +-
 2 files changed, 7 insertions(+), 21 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 5faf5a9..ec10f2a 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -121,14 +121,6 @@
             "integrity": "sha512-jgsaNduz+ndvGyFt3uSuWqvy4lCnIJiovtouQN5JZHOKCS2QuhEdbcQHFhVksz2N2U9hXJo8odG7ETyWlEeuDw==",
             "dev": true
         },
-        "async": {
-            "version": "2.6.2",
-            "resolved": "https://registry.npmjs.org/async/-/async-2.6.2.tgz",
-            "integrity": "sha512-H1qVYh1MYhEEFLsP97cVKqCGo7KfCyTt6uEWqsTBr9SO84oK9Uwbyd/yCW+6rKJLHksBNUVWZDAjfS+Ccx0Bbg==",
-            "requires": {
-                "lodash": "^4.17.11"
-            }
-        },
         "balanced-match": {
             "version": "1.0.0",
             "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz",
@@ -283,9 +275,9 @@
             "dev": true
         },
         "ejs": {
-            "version": "2.6.2",
-            "resolved": "https://registry.npmjs.org/ejs/-/ejs-2.6.2.tgz",
-            "integrity": "sha512-PcW2a0tyTuPHz3tWyYqtK6r1fZ3gp+3Sop8Ph+ZYN81Ob5rwmbHEzaqs10N3BEsaGTkh/ooniXK+WwszGlc2+Q=="
+            "version": "2.7.4",
+            "resolved": "https://registry.npmjs.org/ejs/-/ejs-2.7.4.tgz",
+            "integrity": "sha512-7vmuyh5+kuUyJKePhQfRQBhXV5Ce+RnaeeQArKu1EAMpL3WbgMt5WG6uQZpEVvYSSsxMXRKOewtDk9RaTKXRlA=="
         },
         "escape-string-regexp": {
             "version": "1.0.5",
@@ -450,11 +442,6 @@
                 "node-pre-gyp": "~0.11.0"
             }
         },
-        "lodash": {
-            "version": "4.17.11",
-            "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.11.tgz",
-            "integrity": "sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg=="
-        },
         "minimatch": {
             "version": "3.0.4",
             "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz",
@@ -931,11 +918,10 @@
             }
         },
         "xml-encryption": {
-            "version": "0.11.2",
-            "resolved": "https://registry.npmjs.org/xml-encryption/-/xml-encryption-0.11.2.tgz",
-            "integrity": "sha512-jVvES7i5ovdO7N+NjgncA326xYKjhqeAnnvIgRnY7ROLCfFqEDLwP0Sxp/30SHG0AXQV1048T5yinOFyvwGFzg==",
+            "version": "0.12.0",
+            "resolved": "https://registry.npmjs.org/xml-encryption/-/xml-encryption-0.12.0.tgz",
+            "integrity": "sha512-9BEOc/k9UjCRd4rwPTSJq888ddAQCCH0uu4kt/BV2Dwox5RO/hBIlh0n0ipIUf6E3Pnfonr9oiyGkEEi+trhEQ==",
             "requires": {
-                "async": "^2.1.5",
                 "ejs": "^2.5.6",
                 "node-forge": "^0.7.0",
                 "xmldom": "~0.1.15",
diff --git a/package.json b/package.json
index ba489ea..bdfcec4 100644
--- a/package.json
+++ b/package.json
@@ -39,7 +39,7 @@
     "dependencies": {
         "libxmljs": "0.19.7",
         "xml-crypto": "0.10.1",
-        "xml-encryption": "0.11.2",
+        "xml-encryption": "0.12.0",
         "xml2js": "0.4.19",
         "xmldom": "0.1.27",
         "xpath": "0.0.27"