v3.0.1

What's Changed

• Bump minimist and tap by @dependabot in #264
• Bump yargs-parser and tap by @dependabot in #257
• Bump ajv and har-validator by @dependabot in #266
• Bump @xmldom/xmldom to 0.8.5

Full Changelog: v3.0.0...v3.0.1

v3.0.0

Contains the following dependency updates:

• #244
• #245
• #246
• #247
• #248
• #261

BREAKING CHANGE: updates xmldom to 0.8.3, which alters how whitespace is handled

v2.1.4

Contains the following changes:

• #242

v2.1.3

Update xmldom to 0.7.0 (#236)

v1.5.6

Update xmldom to 0.7.0 (#236)

v1.5.4

Updated xmldom (06831c5)

v2.1.2

Bump xmldom to 0.6.0 (13c986a)

v2.1.1

Update xpath to latest (44d12ab)

v2.1.0

Bump JUnit, xmldom (#217, #225)
Use existing namespaces while looking up nodes (#218)
Don't pull example into module build (#220)

v2.0.0

Disable HMAC by default

Due to the potential of a key confusion vulnerability in support of HMAC-SHA1,
the HMAC-SHA1 "signing" algorithm has been disabled by default.

Previously, in certain situations it was possible to bypass signing checks
by maliciously changing the algorithm to HMAC-SHA1 and using the
public key as the HMAC secret.

If you need to validate an HMAC signature, you now must first call
SignedXml.enableHMAC().

All users are encouraged to upgrade.