chore(deps): update dependency dompurify to v3.4.10#6229
Conversation
thomhurst
added
dependencies
![claude[bot]](https://avatars.githubusercontent.com/in/1236702?s=60&v=4){kind=small}
There was a problem hiding this comment.
Patch dependency update generated by Renovate — bumps dompurify in docs/ from 3.4.9 to 3.4.10.
Scope: Only docs/package.json and docs/yarn.lock are touched. No .NET source, engine logic, tests, or snapshots are affected.
Change is correct: The yarn.lock entry (version, resolved URL, and integrity hash) is consistent with the package.json version pin.
Release notes look safe: The 3.4.10 changelog is purely a refactor/performance/housekeeping release — no breaking changes, no API surface changes. The mXSS probe hoisting and textContent-before-innerHTML optimisation are neutral-to-positive for a docs-site sanitisation use case.
Auto-merge is already enabled, which is appropriate for this category of patch. Nothing here warrants blocking.
Up to standards ✅🟢 Issues
|
2 participants
This PR contains the following updates:
3.4.9→3.4.10Release Notes
cure53/DOMPurify (dompurify)
v3.4.10: DOMPurify 3.4.10Compare Source
types.tsSAFE_FOR_TEMPLATESscrubbing into single shared pathtextContentbeforeinnerHTMLnpm run bench) with a--comparemodedemos/folder so every demo runs again, and added a SVG-via-<img>demotest:happydomscripts in the READMEConfiguration
📅 Schedule: (UTC)
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate.