[Snyk] Security upgrade xss from 0.3.7 to 1.0.10

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	661/1000 Why? Recently disclosed, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-XSS-1584355	Yes	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: xss

The new version differs by 108 commits.

380a4ba publish: v1.0.10
699acde fix: #239 stripCommentTag DoS attack
9cbe2f1 Create SECURITY.md
bdd1b03 chore: fix nodejs.yml remove node-version 8.x
3be6a07 chore: update devDependencies to latest version
948dfb1 docs: update CI badge
831a6a2 chore: github action nodejs.yml run test-cov instead of test
0ba3cdb chore: remove .travis.yml
cdee88e chore: fix github action nodejs.yml
624aba9 chore: add github action nodejs.yml
901b771 style: reformat all source code by prettier
0b15109 docs: update changelog
3e153f5 fix: typings `onTag` options
82cb63f docs: update changelog
a1d9b44 fix: typings IWhiteList allow any tag name
005098b feat: Add `<strike>` to default whitelist
dcf1486 feat: Add `<audio crossorigin muted>`, `<video crossorigin muted playsinline poster>` to default whitelist
f4c0b29 Merge pull request #220 from daraz999/patch-1
2f5dd55 fix: recover `<summary>` on the default whitelist
d94ac2a publish: v1.0.9
4452638 chore: add package-lock.json to .ignore
cff16d9 chore: build dist
730a0b5 Merge pull request #218 from TomAnthony/fix-whitespace-bypass
6586f49 Merge pull request #216 from spacegaier/patch-1

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

apavlidi / IT_API