From 8f56df078be57598058f9f76c3811f3ac051fb1e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 22 Apr 2026 18:10:43 +0000 Subject: [PATCH 1/2] Bump dompurify from 3.3.3 to 3.4.1 Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.3.3 to 3.4.1. - [Release notes](https://github.com/cure53/DOMPurify/releases) - [Commits](https://github.com/cure53/DOMPurify/compare/3.3.3...3.4.1) --- updated-dependencies: - dependency-name: dompurify dependency-version: 3.4.1 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- package-lock.json | 20 +++++--------------- package.json | 2 +- 2 files changed, 6 insertions(+), 16 deletions(-) diff --git a/package-lock.json b/package-lock.json index eb57449a44..33c208b573 100644 --- a/package-lock.json +++ b/package-lock.json @@ -158,7 +158,7 @@ "decimal.js": "10.4.3", "decompress": "4.2.1", "deepmerge-ts": "7.1.0", - "dompurify": "3.3.3", + "dompurify": "3.4.1", "dotenv": "16.4.5", "embla-carousel-react": "8.1.8", "fast-deep-equal": "3.1.3", @@ -20450,17 +20450,7 @@ ] }, "node_modules/@rollup/rollup-linux-arm-gnueabihf": { - "version": "4.59.0", - "resolved": "https://registry.npmjs.org/@rollup/rollup-linux-arm-gnueabihf/-/rollup-linux-arm-gnueabihf-4.59.0.tgz", - "integrity": "sha512-t4ONHboXi/3E0rT6OZl1pKbl2Vgxf9vJfWgmUoCEVQVxhW6Cw/c8I6hbbu7DAvgp82RKiH7TpLwxnJeKv2pbsw==", - "cpu": [ - "arm" - ], - "license": "MIT", - "optional": true, - "os": [ - "linux" - ] + "optional": true }, "node_modules/@rollup/rollup-linux-arm-musleabihf": { "version": "4.59.0", @@ -34164,9 +34154,9 @@ } }, "node_modules/dompurify": { - "version": "3.3.3", - "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.3.3.tgz", - "integrity": "sha512-Oj6pzI2+RqBfFG+qOaOLbFXLQ90ARpcGG6UePL82bJLtdsa6CYJD7nmiU8MW9nQNOtCHV3lZ/Bzq1X0QYbBZCA==", + "version": "3.4.1", + "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.4.1.tgz", + "integrity": "sha512-JahakDAIg1gyOm7dlgWSDjV4n7Ip2PKR55NIT6jrMfIgLFgWo81vdr1/QGqWtFNRqXP9UV71oVePtjqS2ebnPw==", "license": "(MPL-2.0 OR Apache-2.0)", "optionalDependencies": { "@types/trusted-types": "^2.0.7" diff --git a/package.json b/package.json index 2d3af16acb..cd663346d4 100644 --- a/package.json +++ b/package.json @@ -183,7 +183,7 @@ "decimal.js": "10.4.3", "decompress": "4.2.1", "deepmerge-ts": "7.1.0", - "dompurify": "3.3.3", + "dompurify": "3.4.1", "dotenv": "16.4.5", "embla-carousel-react": "8.1.8", "fast-deep-equal": "3.1.3", From 280a0cde123113a9faa56f1f33a94df3d20592d0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 22 Apr 2026 18:13:14 +0000 Subject: [PATCH 2/2] Update THIRD_PARTY_LICENSES.txt --- THIRD_PARTY_LICENSES.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/THIRD_PARTY_LICENSES.txt b/THIRD_PARTY_LICENSES.txt index 8509cb6603..07d111fbfd 100644 --- a/THIRD_PARTY_LICENSES.txt +++ b/THIRD_PARTY_LICENSES.txt @@ -24388,12 +24388,12 @@ permission of its copyright owner. The following npm package may be included in this product: - - dompurify@3.3.3 + - dompurify@3.4.1 This package contains the following license: DOMPurify -Copyright 2025 Dr.-Ing. Mario Heiderich, Cure53 +Copyright 2025-2026 Dr.-Ing. Mario Heiderich, Cure53 DOMPurify is free software; you can redistribute it and/or modify it under the terms of either: @@ -24591,7 +24591,7 @@ b) the Mozilla Public License Version 2.0 same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright [yyyy] [name of copyright owner] +Copyright 2025-2026 Dr.-Ing. Mario Heiderich, Cure53 Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License.