From beb054e25c1f54f9ab88fcf9a2ec94c6df2338c2 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 4 Nov 2025 22:45:51 +0000
Subject: [PATCH] fix: package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-XMLDOM-3092935
- https://snyk.io/vuln/SNYK-JS-EJS-2803307
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-598677
- https://snyk.io/vuln/SNYK-JS-XMLDOM-3042242
- https://snyk.io/vuln/npm:ejs:20161128
- https://snyk.io/vuln/SNYK-JS-EJS-6689533
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-2330875
- https://snyk.io/vuln/npm:node-forge:20180226
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430339
- https://snyk.io/vuln/SNYK-JS-XMLDOM-1534562
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-2331908
- https://snyk.io/vuln/SNYK-JS-EJS-1049328
- https://snyk.io/vuln/npm:ejs:20161130
- https://snyk.io/vuln/npm:ejs:20161130-1
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430337
- https://snyk.io/vuln/SNYK-JS-NODEFORGE-2430341
- https://snyk.io/vuln/SNYK-JS-XMLDOM-1084960
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 338e992..13bf8bf 100644
--- a/package.json
+++ b/package.json
@@ -32,7 +32,7 @@
     "debug": "^1.0.4",
     "underscore": "~1.6.0",
     "xml-crypto": "^0.8.1",
-    "xml-encryption": "^0.9.0",
+    "xml-encryption": "^2.0.0",
     "xml2js": "~0.4.1",
     "xmlbuilder": "~2.1.0",
     "xmldom": "~0.1.19"