chore: Update dependency xmldom in hexo-butterfly-douban

[karfau]

Switching from package xmldom to @xmldom/xmldom, which resolves the security issue present in latest xmldom version 0.6.0:
GHSA-5fg8-2547-mr8q

The reason is that the maintainers were forced to switch to a scoped package since 0.7.0:
xmldom/xmldom#271

• I used node 16 to run npm install inside hexo-butterfly-douban.
• I executed npm run test on my machine without failure

I'm one of the xmldom maintainers. Don't hesitate to ask me questions.

Changes in xmldom since 0.6.0

0.8.0

Fixed

• Normalize all line endings according to XML specs 1.0 and 1.1
  BREAKING CHANGE: Certain combination of line break characters are normalized to a single \n before parsing takes place and will no longer be preserved.
  • #303 / #307
  • #49, #97, #324 / #314
• XMLSerializer: Preserve whitespace character references #284 / #310
  BREAKING CHANGE: If you relied on the not spec compliant preservation of literal \t, \n or \r in attribute values.
  To preserve those you will have to create XML that instead contains the correct numerical (or hexadecimal) equivalent (e.g. 	, 
, 
).
• Drop deprecated exports DOMImplementation and XMLSerializer from lib/dom-parser.js #53 / #309
  BREAKING CHANGE: Use the one provided by the main package export.
• dom: Remove all links as part of removeChild #343 / #355

Chore

• ci: Restore latest tested node version to 16.x #325
• ci: Split test and lint steps into jobs #111 / #304
• Pinned and updated devDependencies

Thank you @marrus-sh, @victorandree, @mdierolf, @tsabbay, @fatihpense for your contributions

0.7.5

Commits

Fixes:

• Preserve default namespace when serializing #319 / #321
  Thank you @lupestro

0.7.4

Commits

Fixes:

• Restore ability to parse __prototype__ attributes #315
  Thank you @dsimsonOMF

0.7.3

Commits

Fixes:

• Add doctype when parsing from string #277 / #301
• Correct typo in error message #294
  Thank you @rrthomas

Refactor:

• Improve exports & require statements, new main package entry #233

Docs:

• Fix Stryker badge #298
• Fix link to help-wanted issues #299

Chore:

• Execute stryker:dry-run on branches #302
• Fix stryker config #300
• Split test and lint scripts #297
• Switch to stryker dashboard owned by org #292

0.7.2

Commits

Fixes:

• Types: Add index.d.ts to packaged files #288
  Thank you @forty

0.7.1

Commits

Fixes:

• Types: Copy types from DefinitelyTyped #283
  Thank you @kachkaev

Chore:

• package.json: remove author, maintainers, etc. #279

0.7.0

Commits

Due to #271 this version was published as

• unscoped xmldom package to github (git tags 0.7.0 and 0.7.0+unscoped)
• scoped @xmldom/xmldom package to npm (git tag 0.7.0+scoped)
  For more details look at #278

Fixes:

• Security: Misinterpretation of malicious XML input CVE-2021-32796
• Implement Document.getElementsByClassName as specified #213, thank you @ChALkeR
• Inherit namespace prefix from parent when required #268
• Handle whitespace in closing tags #267
• Update DOMImplementation according to recent specs #210
  BREAKING CHANGE: Only if you "passed features to be marked as available as a constructor arguments" and expected it to "magically work".
• No longer serializes any namespaces with an empty URI #244
  (related to #168 released in 0.6.0)
  BREAKING CHANGE: Only if you rely on "unsetting" a namespace prefix by setting it to an empty string
• Set localName as part of Document.createElement #229, thank you @rrthomas

CI

• We are now additionally running tests against node v16
• Stryker tests on the master branch now run against node v14

Docs

• Describe relations with and between specs: #211, #247

[jerryc127]

thx