Skip to content

Chore(deps): Bump dompurify from 3.4.4 to 3.4.5#7997

Open
dependabot[bot] wants to merge 1 commit into
stable34from
dependabot/npm_and_yarn/stable34/dompurify-3.4.5
Open

Chore(deps): Bump dompurify from 3.4.4 to 3.4.5#7997
dependabot[bot] wants to merge 1 commit into
stable34from
dependabot/npm_and_yarn/stable34/dompurify-3.4.5

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 30, 2026
edited
Loading

Bumps dompurify from 3.4.4 to 3.4.5.

Release notes

Sourced from dompurify's releases.

DOMPurify 3.4.5

  • Fixed a bypass caused by the new HTML element selectedcontent added in 3.4.4, thanks @​KabirAcharya

Note that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.

Commits
Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.

@dependabot dependabot Bot mentioned this pull request May 30, 2026
Closed
@dependabot
Chore(deps): Bump dompurify from 3.4.4 to 3.4.5
ca01278 
Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.4 to 3.4.5.
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](cure53/DOMPurify@3.4.4...3.4.5)

---
updated-dependencies:
- dependency-name: dompurify
  dependency-version: 3.4.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Chore(deps): Bump dompurify from 3.4.0 to 3.4.5 Chore(deps): Bump dompurify from 3.4.4 to 3.4.5 Jun 4, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/stable34/dompurify-3.4.5 branch from 2772862 to ca01278 Compare June 4, 2026 09:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

@luka-nextcloud luka-nextcloud Awaiting requested review from luka-nextcloud luka-nextcloud is a code owner

@grnd-alt grnd-alt Awaiting requested review from grnd-alt grnd-alt is a code owner

Assignees

No one assigned

Labels

3. to review dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants