fix: bump xml2js to 0.6.2

intacct / intacct-sdk-js

Official repository of the Sage Intacct SDK for JavaScript in Node.js

https://developer.intacct.com/tools/sdk-node-js/

Apache License 2.0

22 stars 31 forks source link

fix: bump xml2js to 0.6.2 #129

Open blimmer opened 3 months ago

blimmer commented 3 months ago

Fixes #120

Resolves https://nvd.nist.gov/vuln/detail/CVE-2023-0842

0.6.2 is backward compatible with 0.4.x (0.5.x introduced a non-backward-compatible fix for the CVE listed above). Therefore, this should be safe to treat as a bugfix version (e.g., 2.2.2).