Bump dompurify and @types/dompurify

[dependabot]

Bumps dompurify and @types/dompurify. These dependencies needed to be updated together.
Updates dompurify from 3.1.7 to 3.2.3

Release notes

Sourced from dompurify's releases.

DOMPurify 3.2.3

• Fixed two conditional sanitizer bypasses discovered by @​parrot409 and @​Slonser
• Updated the attribute clobbering checks to prevent future bypasses, thanks @​parrot409

DOMPurify 3.2.2

• Fixed a possible bypass in case a rather specific config for custom elements is set, thanks @​yaniv-git
• Fixed several minor issues with the type definitions, thanks again @​reduckted
• Fixed a minor issue with the types reference for trusted types, thanks @​reduckted
• Fixed a minor problem with the template detection regex on some systems, thanks @​svdb99

DOMPurify 3.2.1

• Fixed several minor issues with the type definitions, thanks @​reduckted @​ghiscoding @​asamuzaK @​MiniDigger
• Fixed an issue with non-minified dist files and order of imports, thanks @​reduckted

DOMPurify 3.2.0

• Added type declarations, thanks @​reduckted , @​philmayfield, @​aloisklink, @​ssi02014 and others
• Fixed a minor issue with the handling of hooks, thanks @​kevin-mizu

Commits

• f1106aa chore: Preparing 3.2.3 release
• 9c71e04 fix: Added clobbering check for sanitizeAttribute to prevent an error
• c183cd6 fix: Fixed a config-dependent bypass caused by skipped attribute checks, than...
• 6e76ece fix: Fixed a config-dependent bypass relating to data-attributes, thanks @​Slo...
• c3879a5 Merge pull request #1041 from CoryHrycko/patch-1
• 0e1c724 Update tags.ts
• 8513afd Update README.md
• b883b9e Update README.md
• 3b4b5e9 Merge pull request #1037 from svdb99/main
• b9e9087 Fix #1033
• Additional commits viewable in compare view

Updates @types/dompurify from 3.0.5 to 3.2.0

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Use docker or podman to test this pull request locally.

Run test server using develop.opencast.org as backend:

podman run --rm -it -p 127.0.0.1:3000:3000 ghcr.io/opencast/opencast-admin-interface:pr-1027

Specify a different backend like stable.opencast.org:

podman run --rm -it -p 127.0.0.1:3000:3000 -e PROXY_TARGET=https://stable.opencast.org ghcr.io/opencast/opencast-admin-interface:pr-1027

It may take a few seconds for the interface to spin up.
It will then be available at http://127.0.0.1:3000.
For more options you can pass on to the proxy, take a look at the README.md.

[github-actions]

This pull request is deployed at test.admin-interface.opencast.org/1027/2025-01-03_15-54-08/ .
It might take a few minutes for it to become available.