Skip to content

Commit

Permalink
Bump xmldom to 0.8.0 (#181)
Browse files Browse the repository at this point in the history 
Switching from package `xmldom` to `@xmldom/xmldom`, which resolves the security issue present in latest xmldom version 0.6.0:
GHSA-5fg8-2547-mr8q

The reason is that the maintainers were forced to switch to a scoped package since 0.7.0:
 xmldom/xmldom#271

- I used node 12 to run `npm install`.
- I executed `npm run test` on my machine without failure
  • Loading branch information
@karfau
karfau committed Sep 12, 2022
1 parent 8240409 commit 4d4c6a3
Show file tree
Hide file tree
Showing 5 changed files with 12 additions and 12 deletions.
10 changes: 5 additions & 5 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions package.json
View file
Expand Up @@ -29,6 +29,7 @@
"homepage": "https://monaca.io",
"preferGlobal": true,
"dependencies": {
"@xmldom/xmldom": "^0.8.0",
"colors": "^0.6.2",
"compare-versions": "3.0.1",
"inquirer": "^6.2.2",
Expand All @@ -40,8 +41,7 @@
"portfinder": "^1.0.7",
"q": "^1.1.2",
"shelljs": "^0.8.4",
"tar": "^5.0.5",
"xmldom": "^0.6.0"
"tar": "^5.0.5"
},
"devDependencies": {
"jest": "^24.9.0"
Expand Down
4 changes: 2 additions & 2 deletions src/cordova-cli-overrides/get-plugin-name-from-xml.js
View file
@@ -1,8 +1,8 @@
const XMLDom = require('xmldom').DOMParser;
const XMLDom = require('@xmldom/xmldom').DOMParser;

const getPluginNameFromXml = xml => {
const doc = new XMLDom().parseFromString(xml, 'application/xml');
return doc.getElementsByTagName('plugin')[0].getAttribute('id');
}

module.exports = getPluginNameFromXml;
module.exports = getPluginNameFromXml;
2 changes: 1 addition & 1 deletion src/cordova-cli-overrides/npm-utils.js
View file
@@ -1,7 +1,7 @@
const exec = require('child_process').exec;
const request = require('request');
const tar = require('tar');
const XMLDom = require('xmldom').DOMParser;
const XMLDom = require('@xmldom/xmldom').DOMParser;


const getPluginId = async (pkgname) => {
Expand Down
4 changes: 2 additions & 2 deletions src/create.js
View file
Expand Up @@ -7,8 +7,8 @@ var fs = require('fs'),
Q = require('q'),
inquirer = null,
argv = require('optimist').argv,
XMLDom = require('xmldom').DOMParser,
XMLSerializer = require('xmldom').XMLSerializer,
XMLDom = require('@xmldom/xmldom').DOMParser,
XMLSerializer = require('@xmldom/xmldom').XMLSerializer,
serializer = new XMLSerializer(),
Monaca = require('monaca-lib').Monaca,
util = require(path.join(__dirname, 'util')),
Expand Down

0 comments on commit 4d4c6a3

Please sign in to comment.