readium / r2-shared-js

Shared models for Readium Desktop
BSD 3-Clause "New" or "Revised" License
11 stars 11 forks

chore: Upgrade dependency xmldom #45

Closed karfau closed 2 years ago

karfau commented 2 years ago

Switching from package xmldom to @xmldom/xmldom, which resolves the security issue present in the latest xmldom version, 0.6.0: https://github.com/xmldom/xmldom/security/advisories/GHSA-5fg8-2547-mr8q

The reason is that the maintainers were forced to switch to a scoped package since 0.7.0: https://github.com/xmldom/xmldom/issues/271

I'm one of the xmldom maintainers. Don't hesitate to ask me questions.

I'm able to provide similar PRs for the following repos, but only after this one has landed (or we have agreed which other repo should be taken care of first):

Changes in xmldom since 0.6.0

## [0.8.0](https://github.com/xmldom/xmldom/compare/0.7.5...0.8.0)

### Fixed

- Normalize all line endings according to XML specs [1.0](https://w3.org/TR/xml/#sec-line-ends) and [1.1](https://www.w3.org/TR/xml11/#sec-line-ends) \
  BREAKING CHANGE: Certain combination of line break characters are normalized to a single `\n` before parsing takes place and will no longer be preserved.
  - [`#303`](https://github.com/xmldom/xmldom/issues/303) / [`#307`](https://github.com/xmldom/xmldom/pull/307)
  - [`#49`](https://github.com/xmldom/xmldom/issues/49), [`#97`](https://github.com/xmldom/xmldom/issues/97), [`#324`](https://github.com/xmldom/xmldom/issues/324) / [`#314`](https://github.com/xmldom/xmldom/pull/314)
- XMLSerializer: Preserve whitespace character references [`#284`](https://github.com/xmldom/xmldom/issues/284) / [`#310`](https://github.com/xmldom/xmldom/pull/310) \
  BREAKING CHANGE: If you relied on the not spec compliant preservation of literal `\t`, `\n` or `\r` in **attribute values**. To preserve those you will have to create XML that instead contains the correct numerical (or hexadecimal) equivalent (e.g. `&#9;`, `&#10;`, `&#13;`).
- Drop deprecated exports `DOMImplementation` and `XMLSerializer` from `lib/dom-parser.js` [#53](https://github.com/xmldom/xmldom/issues/53) / [`#309`](https://github.com/xmldom/xmldom/pull/309) \
  BREAKING CHANGE: Use the one provided by the main package export.
- dom: Remove all links as part of `removeChild` [`#343`](https://github.com/xmldom/xmldom/issues/343) / [`#355`](https://github.com/xmldom/xmldom/pull/355)

### Chore

- ci: Restore latest tested node version to 16.x [`#325`](https://github.com/xmldom/xmldom/pull/325)
- ci: Split test and lint steps into jobs [`#111`](https://github.com/xmldom/xmldom/issues/111) / [`#304`](https://github.com/xmldom/xmldom/pull/304)
- Pinned and updated devDependencies

Thank you [@marrus-sh](https://github.com/marrus-sh), [@victorandree](https://github.com/victorandree), [@mdierolf](https://github.com/mdierolf), [@tsabbay](https://github.com/tsabbay), [@fatihpense](https://github.com/fatihpense) for your contributions

## 0.7.5

[Commits](https://github.com/xmldom/xmldom/compare/0.7.4...0.7.5)

### Fixes:

- Preserve default namespace when serializing [`#319`](https://github.com/xmldom/xmldom/issues/319) / [`#321`](https://github.com/xmldom/xmldom/pull/321)

Thank you [@lupestro](https://github.com/lupestro)

## 0.7.4

[Commits](https://github.com/xmldom/xmldom/compare/0.7.3...0.7.4)

### Fixes:

- Restore ability to parse `__prototype__` attributes [`#315`](https://github.com/xmldom/xmldom/pull/315)

Thank you [@dsimsonOMF](https://github.com/dsimsonOMF)

## 0.7.3

[Commits](https://github.com/xmldom/xmldom/compare/0.7.2...0.7.3)

### Fixes:

- Add doctype when parsing from string [`#277`](https://github.com/xmldom/xmldom/issues/277) / [`#301`](https://github.com/xmldom/xmldom/pull/301)
- Correct typo in error message [`#294`](https://github.com/xmldom/xmldom/pull/294)

Thank you [@rrthomas](https://github.com/rrthomas)

### Refactor:

- Improve exports & require statements, new main package entry [`#233`](https://github.com/xmldom/xmldom/pull/233)

### Docs:

- Fix Stryker badge [`#298`](https://github.com/xmldom/xmldom/pull/298)
- Fix link to help-wanted issues [`#299`](https://github.com/xmldom/xmldom/pull/299)

### Chore:

- Execute stryker:dry-run on branches [`#302`](https://github.com/xmldom/xmldom/pull/302)
- Fix stryker config [`#300`](https://github.com/xmldom/xmldom/pull/300)
- Split test and lint scripts [`#297`](https://github.com/xmldom/xmldom/pull/297)
- Switch to stryker dashboard owned by org [`#292`](https://github.com/xmldom/xmldom/pull/292)

## 0.7.2

[Commits](https://github.com/xmldom/xmldom/compare/0.7.1...0.7.2)

### Fixes:

- Types: Add index.d.ts to packaged files [`#288`](https://github.com/xmldom/xmldom/pull/288)

Thank you [@forty](https://github.com/forty)

## 0.7.1

[Commits](https://github.com/xmldom/xmldom/compare/0.7.0...0.7.1)

### Fixes:

- Types: Copy types from DefinitelyTyped [`#283`](https://github.com/xmldom/xmldom/pull/283)

Thank you [@kachkaev](https://github.com/kachkaev)

### Chore:

- package.json: remove author, maintainers, etc. [`#279`](https://github.com/xmldom/xmldom/pull/279)

## 0.7.0

[Commits](https://github.com/xmldom/xmldom/compare/0.6.0...0.7.0)

Due to [`#271`](https://github.com/xmldom/xmldom/issue/271) this version was published as

- unscoped `xmldom` package to github (git tags [`0.7.0`](https://github.com/xmldom/xmldom/tree/0.7.0) and [`0.7.0+unscoped`](https://github.com/xmldom/xmldom/tree/0.7.0%2Bunscoped))
- scoped `@xmldom/xmldom` package to npm (git tag `0.7.0+scoped`)

For more details look at [`#278`](https://github.com/xmldom/xmldom/pull/278#issuecomment-902172483)

### Fixes:

- Security: Misinterpretation of malicious XML input [`CVE-2021-32796`](https://github.com/xmldom/xmldom/security/advisories/GHSA-5fg8-2547-mr8q)
- Implement `Document.getElementsByClassName` as specified [`#213`](https://github.com/xmldom/xmldom/pull/213), thank you [@ChALkeR](https://github.com/ChALkeR)
- Inherit namespace prefix from parent when required [`#268`](https://github.com/xmldom/xmldom/pull/268)
- Handle whitespace in closing tags [`#267`](https://github.com/xmldom/xmldom/pull/267)
- Update `DOMImplementation` according to recent specs [`#210`](https://github.com/xmldom/xmldom/pull/210) \
  BREAKING CHANGE: Only if you "passed features to be marked as available as a constructor arguments" and expected it to "magically work".
- No longer serializes any namespaces with an empty URI [`#244`](https://github.com/xmldom/xmldom/pull/244) (related to [`#168`](https://github.com/xmldom/xmldom/pull/168) released in 0.6.0) \
  BREAKING CHANGE: Only if you rely on ["unsetting" a namespace prefix](https://github.com/xmldom/xmldom/pull/168#issuecomment-886984994) by setting it to an empty string
- Set `localName` as part of `Document.createElement` [`#229`](https://github.com/xmldom/xmldom/pull/229), thank you [@rrthomas](https://github.com/rrthomas)

### CI

- We are now additionally running tests against node v16
- Stryker tests on the master branch now run against node v14

### Docs

- Describe relations with and between specs: [`#211`](https://github.com/xmldom/xmldom/pull/211), [`#247`](https://github.com/xmldom/xmldom/pull/247)
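The migration described in the comment above (unscoped `xmldom`, affected up to and including 0.6.0, to the scoped `@xmldom/xmldom`) is a one-line change in a single package.json but easy to miss in a transitive dependency, where a nested copy of the unscoped package can survive an `npm update`. The following Node script is an added example and is not code from this PR, from readium or from xmldom: it audits an npm package-lock.json (lockfileVersion 2/3 `packages` map) for every remaining copy of the unscoped package, lists which packages still declare it in their manifest, and rewrites bare `xmldom` import specifiers to the scoped name. The lock-file contents and the package name `some-epub-lib` are constructed sample input, and the helper names (`auditLock`, `findInstalledCopies`, `declaredDependents`, `rewriteImports`) are my own.

```javascript
// Added example, not code from readium/r2-shared-js or from xmldom.
// Audits a package-lock.json for the unscoped `xmldom` package affected by
// GHSA-5fg8-2547-mr8q / CVE-2021-32796 and rewrites imports to `@xmldom/xmldom`.
'use strict';

const UNSCOPED = 'xmldom';
const SCOPED = '@xmldom/xmldom';
// 0.7.0, the first fixed release, reached npm only under the scoped name, so any
// unscoped copy installed from npm is at most 0.6.0; the comparison keeps the
// check honest should an unscoped 0.7.x ever be installed from a git tag.
const FIRST_FIXED = '0.7.0';
const DEP_FIELDS = ['dependencies', 'devDependencies', 'optionalDependencies', 'peerDependencies'];

// Constructed sample lock file (not a real project): one hoisted copy and one
// nested copy of xmldom, with the scoped replacement already installed as well.
const sampleLock = {
  name: 'sample-app',
  lockfileVersion: 2,
  packages: {
    '': { name: 'sample-app', dependencies: { 'some-epub-lib': '1.0.0', [SCOPED]: '^0.7.5' } },
    'node_modules/some-epub-lib': { version: '1.0.0', dependencies: { xmldom: '^0.5.0' } },
    'node_modules/some-epub-lib/node_modules/xmldom': { version: '0.5.0' },
    'node_modules/@xmldom/xmldom': { version: '0.7.5' },
    'node_modules/xmldom': { version: '0.6.0' },
  },
};

// "node_modules/a/node_modules/@scope/b" -> "@scope/b"
function packageNameFromPath(lockPath) {
  const marker = 'node_modules/';
  return lockPath.slice(lockPath.lastIndexOf(marker) + marker.length);
}

// Numeric comparison of "x.y.z" strings; a pre-release suffix is ignored.
function compareVersions(a, b) {
  const pa = a.split('-')[0].split('.').map(Number);
  const pb = b.split('-')[0].split('.').map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d < 0 ? -1 : 1;
  }
  return 0;
}

// Every installed copy of `name`, wherever it sits in the tree (hoisted or nested).
function findInstalledCopies(lock, name) {
  const copies = [];
  for (const [lockPath, meta] of Object.entries(lock.packages || {})) {
    if (lockPath === '' || packageNameFromPath(lockPath) !== name) continue;
    copies.push({
      path: lockPath,
      version: meta.version,
      vulnerable: compareVersions(meta.version, FIRST_FIXED) < 0,
    });
  }
  return copies;
}

// Packages whose own manifest still declares `name`. Each needs a package.json
// change (or an upstream release); `npm update` alone will not remove them.
function declaredDependents(lock, name) {
  const dependents = [];
  for (const [lockPath, meta] of Object.entries(lock.packages || {})) {
    const declares = DEP_FIELDS.some(
      (field) => meta[field] && Object.prototype.hasOwnProperty.call(meta[field], name),
    );
    if (declares) dependents.push(lockPath === '' ? lock.name || '(root)' : packageNameFromPath(lockPath));
  }
  return dependents;
}

function auditLock(lock) {
  const copies = findInstalledCopies(lock, UNSCOPED);
  const dependents = declaredDependents(lock, UNSCOPED);
  return { ok: copies.length === 0 && dependents.length === 0, copies, dependents };
}

// Rewrite `from "xmldom"` / `require('xmldom')` to the scoped package. Only the
// bare specifier is touched: "@xmldom/xmldom" is already correct, and deep imports
// such as "xmldom/lib/dom-parser" are left for manual review, because 0.7.3 moved
// the main package entry and 0.8.0 dropped deprecated exports from lib/dom-parser.js.
function rewriteImports(source) {
  return source.replace(/((?:\bfrom|\brequire\s*\()\s*['"])xmldom(['"])/g, `$1${SCOPED}$2`);
}

console.log(JSON.stringify(auditLock(sampleLock), null, 2));
console.log(rewriteImports('import { DOMParser } from "xmldom";'));
```

Run it against a real tree by replacing `sampleLock` with `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))`; a non-empty `dependents` list points at the package.json files that still need the rename, while a non-empty `copies` list with an empty `dependents` list means a stale nested install that a fresh `npm install` will clear.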
karfau commented 2 years ago

@danielweck any chance we can talk about this topic?

danielweck commented 2 years ago

Thank you for the heads-up and for the PR :) I applied the change across the board in our dependency chain. Commit for this particular package: https://github.com/readium/r2-shared-js/commit/0f58f68f92416c2c00f22d4f3142333358ae3857