From 813a67c0ee4b35a19371914a17f9c5a702e31d50 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 10 Feb 2021 06:33:42 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-EJS-1049328
---
 package-lock.json | 30 ++++++++----------------------
 package.json      |  2 +-
 2 files changed, 9 insertions(+), 23 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 5faf5a9..a3520aa 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -121,14 +121,6 @@
             "integrity": "sha512-jgsaNduz+ndvGyFt3uSuWqvy4lCnIJiovtouQN5JZHOKCS2QuhEdbcQHFhVksz2N2U9hXJo8odG7ETyWlEeuDw==",
             "dev": true
         },
-        "async": {
-            "version": "2.6.2",
-            "resolved": "https://registry.npmjs.org/async/-/async-2.6.2.tgz",
-            "integrity": "sha512-H1qVYh1MYhEEFLsP97cVKqCGo7KfCyTt6uEWqsTBr9SO84oK9Uwbyd/yCW+6rKJLHksBNUVWZDAjfS+Ccx0Bbg==",
-            "requires": {
-                "lodash": "^4.17.11"
-            }
-        },
         "balanced-match": {
             "version": "1.0.0",
             "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz",
@@ -282,10 +274,10 @@
             "integrity": "sha512-A46qtFgd+g7pDZinpnwiRJtxbC1hpgf0uzP3iG89scHk0AUC7A1TGxf5OiiOUv/JMZR8GOt8hL900hV0bOy5xA==",
             "dev": true
         },
-        "ejs": {
-            "version": "2.6.2",
-            "resolved": "https://registry.npmjs.org/ejs/-/ejs-2.6.2.tgz",
-            "integrity": "sha512-PcW2a0tyTuPHz3tWyYqtK6r1fZ3gp+3Sop8Ph+ZYN81Ob5rwmbHEzaqs10N3BEsaGTkh/ooniXK+WwszGlc2+Q=="
+        "escape-html": {
+            "version": "1.0.3",
+            "resolved": "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz",
+            "integrity": "sha1-Aljq5NPQwJdN4cFpGI7wBR0dGYg="
         },
         "escape-string-regexp": {
             "version": "1.0.5",
@@ -450,11 +442,6 @@
                 "node-pre-gyp": "~0.11.0"
             }
         },
-        "lodash": {
-            "version": "4.17.11",
-            "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.11.tgz",
-            "integrity": "sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg=="
-        },
         "minimatch": {
             "version": "3.0.4",
             "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz",
@@ -931,12 +918,11 @@
             }
         },
         "xml-encryption": {
-            "version": "0.11.2",
-            "resolved": "https://registry.npmjs.org/xml-encryption/-/xml-encryption-0.11.2.tgz",
-            "integrity": "sha512-jVvES7i5ovdO7N+NjgncA326xYKjhqeAnnvIgRnY7ROLCfFqEDLwP0Sxp/30SHG0AXQV1048T5yinOFyvwGFzg==",
+            "version": "1.0.0",
+            "resolved": "https://registry.npmjs.org/xml-encryption/-/xml-encryption-1.0.0.tgz",
+            "integrity": "sha512-xTqcgKPN3XOswvDPXrhtyvWZ96IFcO9Azv3vS060kOpBsK5T7OxbQDxb59bPLl4b4c2IgmSZC3kJB0n5WPr2Mw==",
             "requires": {
-                "async": "^2.1.5",
-                "ejs": "^2.5.6",
+                "escape-html": "^1.0.3",
                 "node-forge": "^0.7.0",
                 "xmldom": "~0.1.15",
                 "xpath": "0.0.27"
diff --git a/package.json b/package.json
index ba489ea..1dfdd6d 100644
--- a/package.json
+++ b/package.json
@@ -39,7 +39,7 @@
     "dependencies": {
         "libxmljs": "0.19.7",
         "xml-crypto": "0.10.1",
-        "xml-encryption": "0.11.2",
+        "xml-encryption": "1.0.0",
         "xml2js": "0.4.19",
         "xmldom": "0.1.27",
         "xpath": "0.0.27"