[Snyk] Upgrade dompurify from 3.3.0 to 3.3.1

[graymalkin77]

Snyk has created this PR to upgrade dompurify from 3.3.0 to 3.3.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 1 version ahead of your current version.

• The recommended version was released 2 months ago.

Release notes

Package name: dompurify

• 3.3.1 - 2025-12-08
  
  • Updated ADD_FORBID_CONTENTS setting to extend default list, thanks @ MariusRumpf
  • Updated the ESM import syntax to be more correct, thanks @ binhpv
• 3.3.0 - 2025-10-13
  
  • Added the SVG mask-type attribute to default allow-list, thanks @ prasadrajandran
  • Added support for ADD_ATTR and ADD_TAGS to accept functions, thanks @ nelstrom
  • Fixed an issue with the slot element being in both SVG and HTML allow-list, thanks @ Wim-Valgaeren

from dompurify GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[graymalkin77]

This is a patch version upgrade from 3.3.0 to 3.3.1. According to the changelog, this release contains minor updates and fixes.

Changes:

• The ADD_FORBID_CONTENTS setting was updated to extend its default list of forbidden elements.
• The ESM (ECMAScript Modules) import syntax was updated to be more correct.

These changes are consistent with a patch release and are not expected to be breaking. The ESM syntax update is a correction and should not impact most users.

Source: Release notes

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

[graymalkin77]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[Copilot]

Pull request overview

This PR updates the dompurify dependency to the latest patch version as recommended by Snyk, and refreshes the npm lockfile accordingly.

Changes:

• Bump dompurify in package.json to ^3.3.1.
• Update package-lock.json to resolve dompurify 3.3.1 (and include additional lockfile metadata churn).

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated 1 comment.

File	Description
package.json	Updates the declared dompurify version range to ^3.3.1.
package-lock.json	Updates the resolved dompurify package to 3.3.1 and includes broader lockfile metadata changes.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The PR description/title says this is an upgrade from dompurify 3.3.0 → 3.3.1, but package.json is also bumping the declared semver range from ^3.0.11 → ^3.3.1 (raising the minimum required minor). If the intent is only to update the resolved version in the lockfile, consider keeping the existing range and only updating package-lock.json; otherwise, please adjust the PR description to reflect that the manifest constraint is being tightened as well.