[Snyk] Upgrade dompurify from 2.3.4 to 2.3.8

[snyk-bot]

Snyk has created this PR to upgrade dompurify from 2.3.4 to 2.3.8.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 4 versions ahead of your current version.
• The recommended version was released a month ago, on 2022-05-13.

Release notes

Package name: dompurify

• 2.3.8 - 2022-05-13
  
  • Cleaned up a minor issue with the 2.3.7 release, thanks @ johnbirds

  No other changes compared to 2.3.7 release, which entail:

  • Fixes around a bug in Safari, thanks @ sybrew
  • Slightly improved performance, thanks @ tiny-ben-tran
  • Lots of chores, bumps and typo fixes, thanks @ is2ei
  • Removed unnecessary string trimming, thanks @ christopherehlen
• 2.3.7 - 2022-05-11
• 2.3.6 - 2022-02-16
  
  • Added an option to allow HTML5 doctypes, thanks @ tosmolka
  • Bumped several dependencies, thanks @ is2ei
  • Updated documentation to cover recently added flags, thanks @ is2ei
• 2.3.5 - 2022-01-26
  
  • Performed several chores and cleanups, thanks @ is2ei
  • Fixed a bug when working with Trusted Types, thanks @ tosmolka
  • Fixed a bug with weird behavior on insecure nodes in IN_PLACE mode, thanks @ tosmolka
  • Added more SVG attributes to allow-list, thanks @ rzhade3
• 2.3.4 - 2021-12-07
  
  • Added support for Custom Elements, thanks @ franktopel
  • Added new config settings to control Custom Element sanitizing, thanks @ franktopel
  • Added faster clobber checks, thanks @ GrantGryczan
  • Allow-listed SVG feImage elements, thanks @ ydaniv
  • Updated test suite
  • Update supported Node versions
  • Updated README

from dompurify GitHub release notes

Commit messages

Package name: dompurify

• dc6db2c chore: Prepared 2.3.8. release
• 6fa9e5c chore: Preparing 2.3.7. release
• ec99173 fix: Added an experimental fix for a WebKit engine bug, thanks @ sybrew
• 5dda014 Merge pull request Calendar: Remove valarms from objects in read-only shared calendars nextcloud/server#679 from is2ei/fix-typo
• 3d9dd14 Merge pull request WebDAV: stream_get_contents() expects parameter 2 to be long, string given nextcloud/server#680 from tiny-ben-tran/performance-improvement
• f4c5f80 Capitalised const variable name
• 73f2168 Moved commonSvgAndHTMLElements out so _checkValidNamespace doesn't re-created in every call
• 23ff095 Minor performance improvements
• 85ffd13 chore: fix typo in README
• e5931be Merge pull request Create Web Installer script nextcloud/server#678 from is2ei/fix-typo
• 8a38fe4 chore: fix typo
• 0965e99 docs: Added new conributors to README
• 9421f05 Merge pull request Search API nextcloud/server#676 from is2ei/update-pull-request-template
• bf07c50 chore: update pull request template
• 81ae4bd Merge pull request remove extra file size padding to fix action menu position nextcloud/server#674 from is2ei/update-bugbounty-link
• 2f1a97d chore: update the link to bug bounty page
• 6e28ca8 Merge pull request [stable9] Transifex Owncloud > NextCloud nextcloud/server#669 from is2ei/bump-karma
• 6cc790d chore: bump karma
• a7cea06 Merge pull request [stable10] up the minimum size of the public share video a bit, use 16/9 ratio nextcloud/server#668 from cure53/dependabot/npm_and_yarn/minimist-1.2.6
• 8d92904 build(deps-dev): bump minimist from 1.2.5 to 1.2.6
• b256113 Merge pull request [Stable10] Transifex Owncloud > Nextcloud nextcloud/server#667 from is2ei/bump-rollup
• ff41e9d chore: bump rollup
• 34261b1 Merge pull request [stable9] Transifex Owncloud > NextCloud nextcloud/server#666 from is2ei/fix-link-to-amd
• df44011 chore: fix link to AMD

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs