From 755321d8d3a2faee068b79190eb5d1af13efe775 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 6 Mar 2026 15:36:15 +0000 Subject: [PATCH] fix: src/frontend/package.json & src/frontend/package-lock.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DOMPURIFY-15371376 --- src/frontend/package-lock.json | 12 ++++++++---- src/frontend/package.json | 2 +- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/src/frontend/package-lock.json b/src/frontend/package-lock.json index fb4aae4e8cf1..6ea0c44f2865 100644 --- a/src/frontend/package-lock.json +++ b/src/frontend/package-lock.json @@ -46,7 +46,7 @@ "class-variance-authority": "^0.7.0", "clsx": "^2.1.1", "cmdk": "^1.0.0", - "dompurify": "^3.1.5", + "dompurify": "^3.3.2", "dotenv": "^16.4.5", "elkjs": "^0.9.3", "emoji-regex": "^10.3.0", @@ -7348,9 +7348,13 @@ } }, "node_modules/dompurify": { - "version": "3.2.3", - "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.2.3.tgz", - "integrity": "sha512-U1U5Hzc2MO0oW3DF+G9qYN0aT7atAou4AgI0XjWz061nyBPbdxkfdhfy5uMgGn6+oLFCfn44ZGbdDqCzVmlOWA==", + "version": "3.3.2", + "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.3.2.tgz", + "integrity": "sha512-6obghkliLdmKa56xdbLOpUZ43pAR6xFy1uOrxBaIDjT+yaRuuybLjGS9eVBoSR/UPU5fq3OXClEHLJNGvbxKpQ==", + "license": "(MPL-2.0 OR Apache-2.0)", + "engines": { + "node": ">=20" + }, "optionalDependencies": { "@types/trusted-types": "^2.0.7" } diff --git a/src/frontend/package.json b/src/frontend/package.json index f4a987691b25..53a3d38e8691 100644 --- a/src/frontend/package.json +++ b/src/frontend/package.json @@ -41,7 +41,7 @@ "class-variance-authority": "^0.7.0", "clsx": "^2.1.1", "cmdk": "^1.0.0", - "dompurify": "^3.1.5", + "dompurify": "^3.3.2", "dotenv": "^16.4.5", "elkjs": "^0.9.3", "emoji-regex": "^10.3.0",