From 8c175365750af2957c7b6fbf8954c06274b3cf9f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 20 Apr 2026 11:27:08 +0000
Subject: [PATCH] Bump dompurify from 2.4.5 to 3.4.0

Bumps [dompurify](https://github.com/cure53/DOMPurify) from 2.4.5 to 3.4.0.
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](https://github.com/cure53/DOMPurify/compare/2.4.5...3.4.0)

---
updated-dependencies:
- dependency-name: dompurify
  dependency-version: 3.4.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 package-lock.json | 23 +++++++++++++++++------
 package.json      |  2 +-
 2 files changed, 18 insertions(+), 7 deletions(-)
 mode change 100755 => 100644 package.json

diff --git a/package-lock.json b/package-lock.json
index bc8a6c9cd..83363e89f 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,19 +1,19 @@
 {
 	"name": "app",
-	"version": "5.7.4",
+	"version": "5.7.7",
 	"lockfileVersion": 3,
 	"requires": true,
 	"packages": {
 		"": {
 			"name": "app",
-			"version": "5.7.4",
+			"version": "5.7.7",
 			"hasInstallScript": true,
 			"license": "MIT",
 			"dependencies": {
 				"@juggle/resize-observer": "^3.3.0",
 				"@sentry/react": "^6.0.0",
 				"date-fns": "^2.28.0",
-				"dompurify": "^2.2.0",
+				"dompurify": "^3.4.0",
 				"downshift": "^6.1.0",
 				"form-request-submit-polyfill": "^2.0.0",
 				"intersection-observer": "^0.12.0",
@@ -3301,6 +3301,13 @@
 			"integrity": "sha512-g/JwBNToh6oCTAwNS8UGVmjO7NLDKsejVhvE4x1eWiPTC3uCuNsa/TD4ssvX3du+MLiM+SHPNDuijp8y76JzLQ==",
 			"peer": true
 		},
+		"node_modules/@types/trusted-types": {
+			"version": "2.0.7",
+			"resolved": "https://registry.npmjs.org/@types/trusted-types/-/trusted-types-2.0.7.tgz",
+			"integrity": "sha512-ScaPdn1dQczgbl0QFTeTOmVHFULt394XJgOQNoyVhZ6r2vLnMLJfBPd53SB52T/3G36VI1/g2MZaX0cwDuXsfw==",
+			"license": "MIT",
+			"optional": true
+		},
 		"node_modules/@types/ws": {
 			"version": "8.5.5",
 			"resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.5.5.tgz",
@@ -5788,9 +5795,13 @@
 			}
 		},
 		"node_modules/dompurify": {
-			"version": "2.4.5",
-			"resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.4.5.tgz",
-			"integrity": "sha512-jggCCd+8Iqp4Tsz0nIvpcb22InKEBrGz5dw3EQJMs8HPJDsKbFIO3STYtAvCfDx26Muevn1MHVI0XxjgFfmiSA=="
+			"version": "3.4.0",
+			"resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.4.0.tgz",
+			"integrity": "sha512-nolgK9JcaUXMSmW+j1yaSvaEaoXYHwWyGJlkoCTghc97KgGDDSnpoU/PlEnw63Ah+TGKFOyY+X5LnxaWbCSfXg==",
+			"license": "(MPL-2.0 OR Apache-2.0)",
+			"optionalDependencies": {
+				"@types/trusted-types": "^2.0.7"
+			}
 		},
 		"node_modules/domready": {
 			"version": "1.0.8",
diff --git a/package.json b/package.json
old mode 100755
new mode 100644
index b6b26f147..2a84bef5e
--- a/package.json
+++ b/package.json
@@ -30,7 +30,7 @@
 		"@juggle/resize-observer": "^3.3.0",
 		"@sentry/react": "^6.0.0",
 		"date-fns": "^2.28.0",
-		"dompurify": "^2.2.0",
+		"dompurify": "^3.4.0",
 		"downshift": "^6.1.0",
 		"form-request-submit-polyfill": "^2.0.0",
 		"intersection-observer": "^0.12.0",