v1.5.6

Update xmldom to 0.7.0 (#236)

v1.5.4

Updated xmldom (06831c5)

v2.1.2

Bump xmldom to 0.6.0 (13c986a)

v2.1.1

Update xpath to latest (44d12ab)

v2.1.0

Bump JUnit, xmldom (#217, #225)
Use existing namespaces while looking up nodes (#218)
Don't pull example into module build (#220)

v2.0.0

Disable HMAC by default

Due to the potential of a key confusion vulnerability in support of HMAC-SHA1,
the HMAC-SHA1 "signing" algorithm has been disabled by default.

Previously, in certain situations it was possible to bypass signing checks
by maliciously changing the algorithm to HMAC-SHA1 and using the
public key as the HMAC secret.

If you need to validate an HMAC signature, you now must first call
SignedXml.enableHMAC().

All users are encouraged to upgrade.

v1.5.3

Round out having callbacks for more methods (#209)

v1.5.2

Lock ejs to 2.6.1 without npm-shrinkwrap (638ab6c)

v1.5.1

Prevent global leak, pass xml object to callback (#207)

v1.5.0

Allow signature signing/verification to take place via callback (#206)