[Snyk] Upgrade dompurify from 2.2.9 to 2.3.8 #3

javascript-benchmark · 2022-07-14T08:20:35Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade dompurify from 2.2.9 to 2.3.8.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 9 versions ahead of your current version.
The recommended version was released 2 months ago, on 2022-05-13.

Release notes

Package name: dompurify

2.3.8 - 2022-05-13
- Cleaned up a minor issue with the 2.3.7 release, thanks @ johnbirds
No other changes compared to 2.3.7 release, which entail:
- Fixes around a bug in Safari, thanks @ sybrew
- Slightly improved performance, thanks @ tiny-ben-tran
- Lots of chores, bumps and typo fixes, thanks @ is2ei
- Removed unnecessary string trimming, thanks @ christopherehlen
2.3.7 - 2022-05-11
2.3.6 - 2022-02-16
- Added an option to allow HTML5 doctypes, thanks @ tosmolka
- Bumped several dependencies, thanks @ is2ei
- Updated documentation to cover recently added flags, thanks @ is2ei
2.3.5 - 2022-01-26
- Performed several chores and cleanups, thanks @ is2ei
- Fixed a bug when working with Trusted Types, thanks @ tosmolka
- Fixed a bug with weird behavior on insecure nodes in IN_PLACE mode, thanks @ tosmolka
- Added more SVG attributes to allow-list, thanks @ rzhade3
2.3.4 - 2021-12-07
- Added support for Custom Elements, thanks @ franktopel
- Added new config settings to control Custom Element sanitizing, thanks @ franktopel
- Added faster clobber checks, thanks @ GrantGryczan
- Allow-listed SVG feImage elements, thanks @ ydaniv
- Updated test suite
- Update supported Node versions
- Updated README
2.3.3 - 2021-09-20
- Fixed a bug in the handing of PARSER_MEDIA_TYPE spotted by @ securitum-mb
- Adjusted the tests for MSIE to make sure the results are as expected now
2.3.2 - 2021-09-15
- Added new config option PARSER_MEDIA_TYPE, thanks @ tosmolka
2.3.1 - 2021-08-13
- Added code to make FORBID_CONTENTS setting configurable
- Added role to URI-safe attributes
- Added more paranoid handling for template elements
2.3.0 - 2021-07-06
- Added better handling of document creation on Firefox
- Added better handling of version numbers in license file
- Added two new browser versions to test suite config
- Fixed a bug with handling of custom data attributes
2.2.9 - 2021-06-01
- Fixed some minor issues related to the NAMESPACE config
- Fixed some minor issues relating to empty input
- Fixed some minor issues relating to handling of invalid XML

from dompurify GitHub release notes

Commit messages

Package name: dompurify

dc6db2c chore: Prepared 2.3.8. release
6fa9e5c chore: Preparing 2.3.7. release
ec99173 fix: Added an experimental fix for a WebKit engine bug, thanks @ sybrew
5dda014 Merge pull request #679 from is2ei/fix-typo
3d9dd14 Merge pull request #680 from tiny-ben-tran/performance-improvement
f4c5f80 Capitalised const variable name
73f2168 Moved commonSvgAndHTMLElements out so _checkValidNamespace doesn't re-created in every call
23ff095 Minor performance improvements
85ffd13 chore: fix typo in README
e5931be Merge pull request #678 from is2ei/fix-typo
8a38fe4 chore: fix typo
0965e99 docs: Added new conributors to README
9421f05 Merge pull request #676 from is2ei/update-pull-request-template
bf07c50 chore: update pull request template
81ae4bd Merge pull request #674 from is2ei/update-bugbounty-link
2f1a97d chore: update the link to bug bounty page
6e28ca8 Merge pull request #669 from is2ei/bump-karma
6cc790d chore: bump karma
a7cea06 Merge pull request #668 from cure53/dependabot/npm_and_yarn/minimist-1.2.6
8d92904 build(deps-dev): bump minimist from 1.2.5 to 1.2.6
b256113 Merge pull request #667 from is2ei/bump-rollup
ff41e9d chore: bump rollup
34261b1 Merge pull request #666 from is2ei/fix-link-to-amd
df44011 chore: fix link to AMD