[Snyk] Upgrade dompurify from 3.0.5 to 3.0.7

[X-oss-byte]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade dompurify from 3.0.5 to 3.0.7.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 2 versions ahead of your current version.
• The recommended version was released 21 days ago, on 2024-01-04.

Release notes

Package name: dompurify

• 3.0.7 - 2024-01-04
  
  • Added better protection against CSPP attacks, thanks @ kevin-mizu
  • Updated browser versions for automated tests
  • Updated Node versions for automated tests
  • Refactored code base, thanks @ ssi02014
  • Refactored build system & deployment, thanks @ ssi02014
• 3.0.6 - 2023-09-28
  
  • Refactored the core code-base and several utilities, thanks @ ssi02014
  • Updated and fixed several sections of the README, thanks @ ssi02014
  • Updated several outdated build and test dependencies
• 3.0.5 - 2023-07-11
  
  • Fixed a licensing issue spotted and reported by @ george-thomas-hill
  • Updated several build and test dependencies

from dompurify GitHub release notes

Commit messages

Package name: dompurify

• aa2c561 Merge pull request "During rendering these classes are extracted from the..."  mermaid-js/mermaid#893 from cure53/main
• ab2c081 chore: Preparing 3.0.7 release
• d7498e0 Merge pull request #835 Feature/allow class directly at node flow mermaid-js/mermaid#890 from cure53/dependabot/github_actions/github/codeql-action-3
• 813bea6 build(deps): bump github/codeql-action from 2 to 3
• 31e0300 chore: mapped Node 21 to browserstack testing
• 595fc22 chore: added newer node releases to test suite
• 956e074 chore: extended browser test array with latest versions
• d1e4f21 see chore(deps): bump atob from 2.0.3 to 2.1.2 mermaid-js/mermaid#881
• d7318ee see chore(deps): bump atob from 2.0.3 to 2.1.2 mermaid-js/mermaid#881
• f89d726 fix: added better protection against CSPP, thanks @ Kevin-Mizu
• db73dd7 Merge pull request Text not readable with fill styling when htmlLabels false mermaid-js/mermaid#885 from cure53/main
• c29aa90 Update README.md
• d25f8b5 Merge pull request feat(stale.yml): update issue label and bot comment mermaid-js/mermaid#874 from ssi02014/chore/package
• e80470f revert: commit-amend-build.sh
• 8d94280 chore: packagejson conditional exports
• 2c66eb1 Merge pull request Feature/allow inclusive enddates mermaid-js/mermaid#872 from nanase/fix-typo
• d74271a Fix typo in README
• db13816 Merge pull request inventory of other projects that make use of mermaid to manage community presence mermaid-js/mermaid#870 from ssi02014/chore/build
• 3d4fb16 chore: modify package.json and rollup.config
• 7d31ac3 chore: add package.json individual build commands
• 4992d25 chore: modify package.json and ollup.config
• 60ecd30 Merge pull request Support multiple layout algorithms for flowcharts mermaid-js/mermaid#867 from ssi02014/refac/purify
• ef183e0 refac: remove and improve unnecessary code
• ce2eaab Merge pull request Collaborators wanted! mermaid-js/mermaid#866 from cure53/dependabot/github_actions/actions/setup-node-4

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[stackblitz]

Run & review this pull request in StackBlitz Codeflow.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 1161a9d

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[sourcery-ai]

PR Type: Enhancement

PR Summary: The pull request upgrades the dompurify package from version 3.0.5 to 3.0.7. This update includes improvements such as better protection against CSPP attacks and refactoring of the code base and build system.

Decision: Comment

📝 Type: 'Enhancement' - not supported yet.

• Sourcery currently only approves 'Typo fix' PRs.

✅ Issue addressed: this change correctly addresses the issue or implements the desired feature.

No details provided.

✅ Small diff: the diff is small enough to approve with confidence.

No details provided.

General suggestions:

• Ensure that the upgrade does not introduce any breaking changes that could affect the current functionality of the mermaid package.
• Verify that all features that rely on dompurify continue to function as expected after the upgrade.
• Consider performing a thorough dependency audit to ensure that all other dependencies are up-to-date and secure.

Thanks for using Sourcery. We offer it for free for open source projects and would be very grateful if you could help us grow. If you like it, would you consider sharing Sourcery on your favourite social media? ✨

Share Sourcery

• X
• Mastodon
• LinkedIn
• Facebook

---

Help me be more useful! Please click 👍 or 👎 on each comment to tell me if it was helpful.