From 70ded6bdaf6730d41a29e0dc7b31c7a43e366d85 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 4 Mar 2026 21:48:35 +0000 Subject: [PATCH] Bump dompurify and @types/dompurify Bumps [dompurify](https://github.com/cure53/DOMPurify) and [@types/dompurify](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/dompurify). These dependencies needed to be updated together. Updates `dompurify` from 3.2.4 to 3.3.1 - [Release notes](https://github.com/cure53/DOMPurify/releases) - [Commits](https://github.com/cure53/DOMPurify/compare/3.2.4...3.3.1) Updates `@types/dompurify` from 3.0.2 to 3.2.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/dompurify) --- updated-dependencies: - dependency-name: dompurify dependency-version: 3.3.1 dependency-type: direct:production - dependency-name: "@types/dompurify" dependency-version: 3.2.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- dotcom-rendering/package.json | 4 ++-- pnpm-lock.yaml | 23 ++++++++++++----------- 2 files changed, 14 insertions(+), 13 deletions(-) diff --git a/dotcom-rendering/package.json b/dotcom-rendering/package.json index 513c7fb3897..b2f25389b76 100644 --- a/dotcom-rendering/package.json +++ b/dotcom-rendering/package.json @@ -63,7 +63,7 @@ "@types/clean-css": "4.2.11", "@types/compression": "1.7.5", "@types/connect": "3.4.38", - "@types/dompurify": "3.0.2", + "@types/dompurify": "3.2.0", "@types/express": "5.0.6", "@types/he": "1.2.0", "@types/html-minifier-terser": "7.0.2", @@ -101,7 +101,7 @@ "constructs": "10.5.1", "cpy": "11.0.0", "css-loader": "7.1.2", - "dompurify": "3.2.4", + "dompurify": "3.3.1", "dynamic-import-polyfill": "0.1.1", "eslint": "8.57.1", "eslint-plugin-custom-elements": "0.0.8", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 2b28ca418d9..78cc1b06bc2 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -401,8 +401,8 @@ importers: specifier: 3.4.38 version: 3.4.38 '@types/dompurify': - specifier: 3.0.2 - version: 3.0.2 + specifier: 3.2.0 + version: 3.2.0 '@types/express': specifier: 5.0.6 version: 5.0.6 @@ -515,8 +515,8 @@ importers: specifier: 7.1.2 version: 7.1.2(webpack@5.104.1) dompurify: - specifier: 3.2.4 - version: 3.2.4 + specifier: 3.3.1 + version: 3.3.1 dynamic-import-polyfill: specifier: 0.1.1 version: 0.1.1 @@ -3979,8 +3979,9 @@ packages: '@types/doctrine@0.0.9': resolution: {integrity: sha512-eOIHzCUSH7SMfonMG1LsC2f8vxBFtho6NGBznK41R84YzPuvSBzrhEps33IsQiOW9+VL6NQ9DbjQJznk/S4uRA==} - '@types/dompurify@3.0.2': - resolution: {integrity: sha512-YBL4ziFebbbfQfH5mlC+QTJsvh0oJUrWbmxKMyEdL7emlHJqGR2Qb34TEFKj+VCayBvjKy3xczMFNhugThUsfQ==} + '@types/dompurify@3.2.0': + resolution: {integrity: sha512-Fgg31wv9QbLDA0SpTOXO3MaxySc4DKGLi8sna4/Utjo4r3ZRPdCt4UQee8BWr+Q5z21yifghREPJGYaEOEIACg==} + deprecated: This is a stub types definition. dompurify provides its own type definitions, so you do not need this installed. '@types/eslint-scope@3.7.7': resolution: {integrity: sha512-MzMFlSLBqNF2gcHWO0G1vP/YQyfvrxZ0bF+u7mzUdZ1/xK4A4sru+nraZz5i3iEIk1l1uyicaDVTB4QbbEkAYg==} @@ -5631,8 +5632,8 @@ packages: resolution: {integrity: sha512-cgwlv/1iFQiFnU96XXgROh8xTeetsnJiDsTc7TYCLFd9+/WNkIqPTxiM/8pSd8VIrhXGTf1Ny1q1hquVqDJB5w==} engines: {node: '>= 4'} - dompurify@3.2.4: - resolution: {integrity: sha512-ysFSFEDVduQpyhzAob/kkuJjf5zWkZD8/A9ywSp1byueyuCfHamrCBa14/Oc2iiB0e51B+NpxSl5gmzn+Ms/mg==} + dompurify@3.3.1: + resolution: {integrity: sha512-qkdCKzLNtrgPFP1Vo+98FRzJnBRGe4ffyCea9IwHB1fyxPOeNTHpLKYGd4Uk9xvNoH0ZoOjwZxNptyMwqrId1Q==} domutils@2.8.0: resolution: {integrity: sha512-w96Cjofp72M5IIhpjgobBimYEfoPjx1Vx0BSX9P30WBdZW2WIKU0T1Bd0kz2eNZ9ikjKgHbEyKx8BB6H1L3h3A==} @@ -14342,9 +14343,9 @@ snapshots: '@types/doctrine@0.0.9': {} - '@types/dompurify@3.0.2': + '@types/dompurify@3.2.0': dependencies: - '@types/trusted-types': 2.0.7 + dompurify: 3.3.1 '@types/eslint-scope@3.7.7': dependencies: @@ -16187,7 +16188,7 @@ snapshots: dependencies: domelementtype: 2.3.0 - dompurify@3.2.4: + dompurify@3.3.1: optionalDependencies: '@types/trusted-types': 2.0.7