[Snyk] Security upgrade dompurify from 2.3.3 to 2.5.4

[Gutts-n]

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

✨ Snyk has automatically assigned this pull request, set who gets assigned.

As this is a private repository, Snyk-bot does not have access. Therefore, this PR has been created automatically, but appears to have been created by a real user.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Template Injection SNYK-JS-DOMPURIFY-6474511	No	Proof of Concept
	629/1000 Why? Has a fix available, CVSS 8.3	Prototype Pollution SNYK-JS-DOMPURIFY-7984421	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: dompurify

The new version differs by 250 commits.

• 10c1261 docs: Updated README ever so slightly
• 1c92880 test: Fixed two more tests for MSIE11 and Edge 18
• 1401208 test: Fixed more tests for MSIE and Edge 18
• 2c6410a test: Fixed several new tests for MSIE11 and Edge 18
• 2c9bca9 test: Changed github config to include MSIE tests for 2.x
• b188787 chore: Preparing 2.5.4 release
• 707b3d6 fix: Added a better for for the MSIE iNaN issue
• 62fe3be test: Attempting to get MSIE 11 back into the browser test array
• f3a9710 fix: Fixed an issue with MSIE and no support for Number.isNaN
• e1ddfc7 Merge branch '2.x' of github.com:cure53/DOMPurify into 2.x
• 26e1d69 fix: Merged prototype pollution check into 2.x
• b45d789 docs: Updated README.md with right version number
• 481ff8e chore: chore: Preparing 2.5.3 release
• 2e0d6d9 chore: Getting 2.x branch up to date with main
• 76a19d1 fix: Added better configurability for new comment behavior
• b81a576 chore: Getting 2.x branch up to date with main
• d299fcc chore: Preparing 2.5.2 release
• fc9f702 chore: Migrated relevant changes from main over to 2.x
• f275c0b chore: Preparing 2.5.1 release
• 381bc61 test: Fixed the tests for new MAX_NESTING_DEPTH limit
• 8589191 fix: Started to set new MAX_NESTING_DEPTH limits as well
• 2076d1b test: Fixed a linter issue breaking the tests
• 0ef5e53 chore: Updated 2.x branch with relevant fixes for nesting-based mXSS
• 7f6cf8a chore: Updated some packages

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

👩‍💻 Set who automatically gets assigned

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Prototype Pollution