Bump dompurify from 2.4.4 to 2.4.6 (!68) · Merge requests · eliatra-suite / Eliatra Suite Plugin for OpenSearch Dashboards

dependabot requested to merge dependabot-npm_and_yarn-dompurify-2.4.6 into main Jul 10, 2023

Bumps dompurify from 2.4.4 to 2.4.6.

Release notes

DOMPurify 2.4.6

Fixed a bypass in jsdom 22 in case the noframes element is permitted, thanks @leeN

DOMPurify 2.4.5

Fixed a problem with improper reset of custom HTML options, thanks @ammaraskar

Commits

5b7dff9 chore: Preparing 2.4.6 release
a01c083 Fix: addressed a bypass on jsdom 22 when noframes tag is allowed
f464d95 chore: preparing 2.4.5 release
See full diff in compare view

Dependabot commands

You can trigger Dependabot actions by commenting on this MR

$dependabot rebase will rebase this MR
$dependabot recreate will recreate this MR rewriting all the manual changes and resolving conflicts

Bump dompurify from 2.4.4 to 2.4.6

DOMPurify 2.4.6

DOMPurify 2.4.5

Merge request reports