From f0802c0dc7190eb15c8628d3144476cb41d523cb Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 19 Jun 2026 18:45:02 +0000 Subject: [PATCH 1/2] Update dependency dompurify to v3.4.11 [SECURITY] --- client/package.json | 2 +- client/pnpm-lock.yaml | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/client/package.json b/client/package.json index 9f6377999..62e2c9d2e 100644 --- a/client/package.json +++ b/client/package.json @@ -63,7 +63,7 @@ "@tiptap/react": "3.26.1", "@tiptap/starter-kit": "3.26.1", "dayjs": "1.11.21", - "dompurify": "3.4.10", + "dompurify": "3.4.11", "embla-carousel": "8.6.0", "embla-carousel-react": "8.6.0", "i18n-iso-countries": "7.14.0", diff --git a/client/pnpm-lock.yaml b/client/pnpm-lock.yaml index 941c3210a..6dc4b6493 100644 --- a/client/pnpm-lock.yaml +++ b/client/pnpm-lock.yaml @@ -91,8 +91,8 @@ importers: specifier: 1.11.21 version: 1.11.21 dompurify: - specifier: 3.4.10 - version: 3.4.10 + specifier: 3.4.11 + version: 3.4.11 embla-carousel: specifier: 8.6.0 version: 8.6.0 @@ -2097,8 +2097,8 @@ packages: resolution: {integrity: sha512-cgwlv/1iFQiFnU96XXgROh8xTeetsnJiDsTc7TYCLFd9+/WNkIqPTxiM/8pSd8VIrhXGTf1Ny1q1hquVqDJB5w==} engines: {node: '>= 4'} - dompurify@3.4.10: - resolution: {integrity: sha512-0xzNv0e7oYC6yyuOGZIABPM4qtg3QxLFniDNPP4ZP90wR8Yq3zgwpRbrNiT4N3IKqDbbYFEJLV+JWEs19aZ//w==} + dompurify@3.4.11: + resolution: {integrity: sha512-zhlUV12GsaRzMsf9q5M254YhA4+VuF0fG+QFqu6aYpoGlKtz+w8//jBcGVYBgQkR5GHjUomejY84AV+/uPbWdw==} domutils@2.8.0: resolution: {integrity: sha512-w96Cjofp72M5IIhpjgobBimYEfoPjx1Vx0BSX9P30WBdZW2WIKU0T1Bd0kz2eNZ9ikjKgHbEyKx8BB6H1L3h3A==} @@ -6603,7 +6603,7 @@ snapshots: dependencies: domelementtype: 2.3.0 - dompurify@3.4.10: + dompurify@3.4.11: optionalDependencies: '@types/trusted-types': 2.0.7 From b97297b11827fdcca4d9b86cc3a27ac91a5baa1a Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Fri, 19 Jun 2026 18:50:44 +0000 Subject: [PATCH 2/2] chore: refresh SBOM after dependency update --- client/sbom/.lock-hash | 2 +- client/sbom/bom.json | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/client/sbom/.lock-hash b/client/sbom/.lock-hash index 29dfc8903..feb3aa5cf 100644 --- a/client/sbom/.lock-hash +++ b/client/sbom/.lock-hash @@ -1 +1 @@ -fabc3dee8aa513fd25dcc539128d48e3bb3d1d8b78ba872eb498b523e77ca987 +f1a2e6958c711599b1bed5ca197684d8c0da42ff052eb5a22167b982ebc5b985 diff --git a/client/sbom/bom.json b/client/sbom/bom.json index f7eed963a..dd67a172d 100644 --- a/client/sbom/bom.json +++ b/client/sbom/bom.json @@ -7931,17 +7931,17 @@ { "type": "library", "name": "dompurify", - "version": "3.4.10", - "purl": "pkg:npm/dompurify@3.4.10", - "bom-ref": "pkg:npm/dompurify@3.4.10", + "version": "3.4.11", + "purl": "pkg:npm/dompurify@3.4.11", + "bom-ref": "pkg:npm/dompurify@3.4.11", "externalReferences": [ { "type": "distribution", - "url": "https://registry.npmjs.org/dompurify/-/dompurify-3.4.10.tgz", + "url": "https://registry.npmjs.org/dompurify/-/dompurify-3.4.11.tgz", "hashes": [ { "alg": "SHA-512", - "content": "d31ccdbf47bba180bacb2b8e19920004f338aad8374312c59e20cd3cfe193fdd3047c62adf3830a516eb3624f837720aa836db6051092d5f89584b35f5a67fff" + "content": "ce1954575d86b1a47332c7fdab9336e78621038f95b85d1f1be405aaee9a629a0694ab73fb0f3ffe305c195601810911e461e352899e8d8f38015fbfb8f6d677" } ] } @@ -20426,7 +20426,7 @@ ] }, { - "ref": "pkg:npm/dompurify@3.4.10", + "ref": "pkg:npm/dompurify@3.4.11", "dependsOn": [ "pkg:npm/%40types/trusted-types@2.0.7" ] @@ -22896,7 +22896,7 @@ "pkg:npm/css-loader@7.1.4", "pkg:npm/css-minimizer-webpack-plugin@8.0.0", "pkg:npm/dayjs@1.11.21", - "pkg:npm/dompurify@3.4.10", + "pkg:npm/dompurify@3.4.11", "pkg:npm/embla-carousel-react@8.6.0", "pkg:npm/embla-carousel@8.6.0", "pkg:npm/eslint-config-prettier@10.1.8",