Upgrade xml2js Dependency due to vulnerability

[Kadajett]

Can we upgrade the package aws-sdk, which depends on xml2js, which has a vulnerability?

The aws-sdk update has been pushed here aws/aws-sdk-js#4389

[andrejstas]

Since the version of aws-sdk in fastify-secrets-aws repo is defined with caret (^), the latest version (2.1363.0) of aws-sdk is automatically used when running npm i.

This version of aws-sdk depends on the fixed version of xml2js - 5.0.0.

"dependencies": {
    "aws-sdk": "^2.799.0",
    "fastify-secrets-core": "^2.0.0"
  }