[Snyk] Upgrade dompurify from 3.2.4 to 3.3.0

[MrRio]

Snyk has created this PR to upgrade dompurify from 3.2.4 to 3.3.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 4 versions ahead of your current version.

• The recommended version was released 2 months ago.

Release notes

Package name: dompurify

• 3.3.0 - 2025-10-13
  
  • Added the SVG mask-type attribute to default allow-list, thanks @ prasadrajandran
  • Added support for ADD_ATTR and ADD_TAGS to accept functions, thanks @ nelstrom
  • Fixed an issue with the slot element being in both SVG and HTML allow-list, thanks @ Wim-Valgaeren
• 3.2.7 - 2025-09-17
  
  • Added new attributes and elements to default allow-list, thanks @ elrion018
  • Added tagName parameter to custom element attributeNameCheck, thanks @ nelstrom
  • Added better check for animated href attributes, thanks @ llamakko
  • Updated and improved the bundled types, thanks @ ssi02014
  • Updated several tests to better align with new browser encoding behaviors
  • Improved the handling of potentially risky content inside CDATA elements, thanks @ securityMB & @ terjanq
  • Improved the regular expression for raw-text elements to cover textareas, thanks @ securityMB & @ terjanq
• 3.2.6 - 2025-05-19
  
  • Fixed several typos and removed clutter from our documentation, thanks @ Rotzbua
  • Added matrix: as an allowed URI scheme, thanks @ kleinesfilmroellchen
  • Added better config hardening against prototype pollution, thanks @ EffectRenan
  • Added better handling of attribute removal, thanks @ michalnieruchalski-tiugo
  • Added better configuration for aggressive mXSS scrubbing behavior, thanks @ BryanValverdeU
  • Removed the script that caused the fake entry CVE-2025-48050
• 3.2.5 - 2025-04-03
  
  • Added a check to the mXSS detection regex to be more strict, thanks @ masatokinugawa
  • Added ESM type imports in source, removes patch function, thanks @ donmccurdy
  • Added script to verify various TypeScript configurations, thanks @ reduckted
  • Added more modern browsers to the Karma launchers list
  • Added Node 23.x to tested runtimes, removed Node 17.x
  • Fixed the generation of source maps, thanks @ reduckted
  • Fixed an unexpected behavior with ALLOWED_URI_REGEXP using the 'g' flag, thanks @ hhk-png
  • Fixed a few typos in the README file
• 3.2.4 - 2025-01-30
  
  • Fixed a conditional and config dependent mXSS-style bypass reported by @ nsysean
  • Added a new feature to allow specific hook removal, thanks @ davecardwell
  • Added purify.js and purify.min.js to exports, thanks @ Aetherinox
  • Added better logic in case no window object is president, thanks @ yehuya
  • Updated some dependencies called out by dependabot
  • Updated license files etc to show the correct year

from dompurify GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs