Skip to content

Commit 06a8b9c

Browse files
tngantngan
committed
Update forked xml-encryption for security fix (#387)
1 parent 56e0a69 commit 06a8b9c

File tree

3 files changed

+12
-17
lines changed

3 files changed

+12
-17
lines changed

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,14 +31,14 @@
3131
},
3232
"license": "MIT",
3333
"dependencies": {
34+
"@authenio/xml-encryption": "^1.2.2",
3435
"camelcase": "^5.3.1",
3536
"node-forge": "^0.10.0",
3637
"node-rsa": "^1.0.5",
3738
"pako": "^1.0.10",
3839
"uuid": "^3.3.2",
3940
"xml": "^1.0.1",
4041
"xml-crypto": "^1.5.3",
41-
"xml-encryption": "^1.1.1",
4242
"xmldom": "^0.1.27",
4343
"xpath": "^0.0.27"
4444
},

src/libsaml.ts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ import { select, SelectedValue } from 'xpath';
1111
import { MetadataInterface } from './metadata';
1212
import * as nrsa from 'node-rsa';
1313
import { SignedXml, FileKeyInfo } from 'xml-crypto';
14-
import * as xmlenc from 'xml-encryption';
14+
import * as xmlenc from '@authenio/xml-encryption';
1515
import { extract } from './extractor';
1616
import camelCase from 'camelcase';
1717
import { getContext } from './api';

yarn.lock

Lines changed: 10 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,16 @@
22
# yarn lockfile v1
33

44

5+
"@authenio/xml-encryption@^1.2.2":
6+
version "1.2.2"
7+
resolved "https://registry.yarnpkg.com/@authenio/xml-encryption/-/xml-encryption-1.2.2.tgz#87cbfe7a9efa9e283ba4c743f9ba5b4f6e06d36c"
8+
integrity sha512-DARJx+HwQ/jgVF+rOFwYFDWqFIZGueIKmwSRsTBPlEw9tkCFWWv53MdwScKfVX0tiZFNJshRR99fdKnzXnxyvg==
9+
dependencies:
10+
escape-html "^1.0.3"
11+
node-forge "^0.10.0"
12+
xmldom "~0.1.15"
13+
xpath "0.0.27"
14+
515
"@ava/typescript@^1.1.1":
616
version "1.1.1"
717
resolved "https://registry.yarnpkg.com/@ava/typescript/-/typescript-1.1.1.tgz#3dcaba3aced8026fdb584d927d809752854dc6e6"
@@ -1886,11 +1896,6 @@ node-forge@^0.10.0:
18861896
resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.10.0.tgz#32dea2afb3e9926f02ee5ce8794902691a676bf3"
18871897
integrity sha512-PPmu8eEeG9saEUvI97fm4OYxXVB6bFvyNTyiUOBichBpFG8A1Ljw3bY62+5oOjDEMHRnd0Y7HQ+x7uzxOzC6JA==
18881898

1889-
node-forge@^0.7.0:
1890-
version "0.7.6"
1891-
resolved "https://registry.yarnpkg.com/node-forge/-/node-forge-0.7.6.tgz#fdf3b418aee1f94f0ef642cd63486c77ca9724ac"
1892-
integrity sha512-sol30LUpz1jQFBjOKwbjxijiE3b6pjd74YwfD0fJOKPjF+fONKb2Yg8rYgS6+bK6VDl+/wfr4IYpC7jDzLUIfw==
1893-
18941899
node-preload@^0.2.1:
18951900
version "0.2.1"
18961901
resolved "https://registry.yarnpkg.com/node-preload/-/node-preload-0.2.1.tgz#c03043bb327f417a18fee7ab7ee57b408a144301"
@@ -2844,16 +2849,6 @@ xml-crypto@^1.5.3:
28442849
xmldom "0.1.27"
28452850
xpath "0.0.27"
28462851

2847-
xml-encryption@^1.1.1:
2848-
version "1.2.0"
2849-
resolved "https://registry.yarnpkg.com/xml-encryption/-/xml-encryption-1.2.0.tgz#37c8b470beae88b4625ea8cad82f108ea0f9c364"
2850-
integrity sha512-J3NjGMY8jf6bTo15jURTYBLtsisbnyCeM+MuxtfiAkZEZBnSZpNKjUUORhiOScKvSi6tMOAaZ3r7bZOXOni+Ew==
2851-
dependencies:
2852-
escape-html "^1.0.3"
2853-
node-forge "^0.7.0"
2854-
xmldom "~0.1.15"
2855-
xpath "0.0.27"
2856-
28572852
xml@^1.0.1:
28582853
version "1.0.1"
28592854
resolved "https://registry.yarnpkg.com/xml/-/xml-1.0.1.tgz#78ba72020029c5bc87b8a81a3cfcd74b4a2fc1e5"

0 commit comments

Comments
 (0)