Skip to content

[Snyk] Upgrade dompurify from 3.3.0 to 3.3.1#241

Open
graymalkin77 wants to merge 1 commit intomainfrom
snyk-upgrade-7c0a880089864ff901c84ee08f418ca8
Open

[Snyk] Upgrade dompurify from 3.3.0 to 3.3.1#241
graymalkin77 wants to merge 1 commit intomainfrom
snyk-upgrade-7c0a880089864ff901c84ee08f418ca8

Conversation

@graymalkin77
Copy link

snyk-top-banner

Snyk has created this PR to upgrade dompurify from 3.3.0 to 3.3.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 1 version ahead of your current version.

  • The recommended version was released 2 months ago.

Release notes
Package name: dompurify
  • 3.3.1 - 2025-12-08
    • Updated ADD_FORBID_CONTENTS setting to extend default list, thanks @ MariusRumpf
    • Updated the ESM import syntax to be more correct, thanks @ binhpv
  • 3.3.0 - 2025-10-13
    • Added the SVG mask-type attribute to default allow-list, thanks @ prasadrajandran
    • Added support for ADD_ATTR and ADD_TAGS to accept functions, thanks @ nelstrom
    • Fixed an issue with the slot element being in both SVG and HTML allow-list, thanks @ Wim-Valgaeren
from dompurify GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Snyk has created this PR to upgrade dompurify from 3.3.0 to 3.3.1.

See this package in npm:
dompurify

See this project in Snyk:
https://app.snyk.io/org/cognigy-gmbh/project/92bd593a-b4bf-439d-8778-29e930fdd262?utm_source=github&utm_medium=referral&page=upgrade-pr
Copilot AI review requested due to automatic review settings January 30, 2026 23:37
@graymalkin77
Copy link
Author

Merge Risk: Low

This is a patch upgrade from version 3.3.0 to 3.3.1. According to the release notes, this version contains minor updates to settings and import syntax. It does not introduce any breaking changes.

Source: Release notes

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR upgrades the dompurify dependency from version 3.3.0 to 3.3.1, a minor patch release that includes bug fixes and improvements to the HTML sanitization library. The update includes fixes for the ADD_FORBID_CONTENTS setting behavior and corrected ESM import syntax.

Changes:

  • Updates dompurify dependency to version 3.3.1 (released December 8, 2025)

@graymalkin77
Copy link
Author

graymalkin77 commented Jan 30, 2026

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues
Code Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants