[Snyk] Upgrade dompurify from 3.0.5 to 3.1.5

[X-oss-byte]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade dompurify from 3.0.5 to 3.1.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 12 versions ahead of your current version.

• The recommended version was released on 22 days ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Template Injection SNYK-JS-DOMPURIFY-6474511	586	Proof of Concept

Release notes

Package name: dompurify

• 3.1.5 - 2024-05-31
  
  • Fixed a minor issue with the dist paths in bower.js, thanks @ HakumenNC
  • Fixed a minor issue with sanitizing HTML coming from copy&paste Word content, thanks @ kakao-bishop-cho
• 3.1.4 - 2024-05-20
  
  • Fixed an issue with the recently implemented isNaN checks, thanks @ tulach
  • Added several new popover attributes to allow-list, thanks @ Gigabyte5671
  • Fixed the tests and adjusted the test runner to cover all branches
• 3.1.3 - 2024-05-11
  
  • Fixed several mXSS variations found by and thanks to @ kevin-mizu & @ Ry0taK
  • Added better configurability for comment scrubbing default behavior
  • Added better hardening against Prototype Pollution attacks, thanks @ kevin-mizu
  • Added better handling and readability of the nodeType property, thanks @ ssi02014
  • Fixed some smaller issues in README and other documentation
• 3.1.2 - 2024-04-30
  
  • Addressed and fixed a mXSS variation found by @ kevin-mizu
  • Addressed and fixed a mXSS variation found by Adam Kues of Assetnote
  • Updated tests for older Safari and Chrome versions
• 3.1.1 - 2024-04-26
  
  • Fixed an mXSS sanitiser bypass reported by @ icesfont
  • Added new code to track element nesting depth
  • Added new code to enforce a maximum nesting depth of 255
  • Added coverage tests and necessary clobbering protections

  Note that this is a security release and should be upgraded to immediately. Please also note that further releases may follow as the underlying vulnerability is apparently new and further variations may be discovered.

• 3.1.0 - 2024-04-07
• 3.0.11 - 2024-03-21
• 3.0.10 - 2024-03-19
• 3.0.9 - 2024-02-20
• 3.0.8 - 2024-01-05
• 3.0.7 - 2024-01-04
• 3.0.6 - 2023-09-28
• 3.0.5 - 2023-07-11

from dompurify GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[changeset-bot]

⚠️ No Changeset found

Latest commit: 6c616e4

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[sourcery-ai]

We have skipped reviewing this pull request. Here's why:

• It seems to have been created by a bot ('[Snyk]' found in title). We assume it knows what it's doing!
• We don't review packaging changes - Let us know if you'd like us to change this.

[stackblitz]

Run & review this pull request in StackBlitz Codeflow.