fix vulnerability with soap and xml-crypto (node-ews > soap > xml-crypto)

nmarus / node-ews

A simple JSON wrapper for the Exchange Web Services (EWS) SOAP API.

MIT License

116 stars 52 forks source link

fix vulnerability with soap and xml-crypto (node-ews > soap > xml-crypto) #136

Closed karlhaworth closed 3 years ago

karlhaworth commented 3 years ago

xml-crypto contains a vulnerability, which is used by the soap module. This appears when running an npm audit

I ran the cmd npm upgrade soap which cleared the vulnerability finding. npm audit returns with 0 vulnerabilities where before it found 1 with soap.

I found no breaking changes in the upgraded modules.

karlhaworth commented 3 years ago

@nmarus is this something that could be reviewed and merged? I am not sure how you accept contributions or if you do. Thanks!