libxmljs2 has critical, unresolved security issues, (CVE-2024-34393, CVE-2024-34394), but is no longer maintained. libxmljs2-noop is a "no-op" package without any implementation. It can be used to replace libxmljs2 to silence security alerts in projects where libxmljs2 is included by npm as an optional, transitive dependency, but not actually used.
To replace libxmljs2 with @ttskp/libxmljs2-noop, decleare the following override in your package.json:
{
"overrides": {
"libxmljs2": "https://registry.npmjs.org/@ttskp/libxmljs2-noop/-/libxmljs2-noop-1.0.0.tgz"
}
}