Bump dompurify from 2.3.6 to 2.4.3

[dependabot[bot]]

Bumps dompurify from 2.3.6 to 2.4.3.

Release notes

Sourced from dompurify's releases.

DOMPurify 2.4.3

• Final release that is compatible with MSIE10 & MSIE 11

DOMPurify 2.4.2

• Fixed a Trusted Types sink violation with empty input and NAMESPACE , thanks @​tosmolka
• Fixed a Prototype Pollution issue discovered and reported by @​kevin-mizu

DOMPurify 2.4.1

• Added new config option ALLOWED_NAMESPACES for better XML handling, thanks @​kevin-deyoungster @​tosmolka
• Added better detection of template literals when SAFE_FOR_TEMPLATES is true
• Fixed an exception caused by DOM clobbering, thanks @​masatokinugawa
• Bumped some dependencies, thanks @​marcpenya-tf

DOMPurify 2.4.0

• Removed bundled types again as they caused too much trouble

DOMPurify 2.3.12

• Fixed an issue in 2.3.11 causing errors w. TypeScript, see #712, thanks @​Mirco469, @​brentkeller, @​aryanisml

DOMPurify 2.3.11

• Added generated type definitions for better compatibility
• Added SANITIZE_NAMED_PROPS config option, thanks @​SoheilKhodayari
• Updated README and config documentation, thanks @​0xedward
• Updated test suite with newer Node versions

DOMPurify 2.3.10

• Added support for sanitization of attributes requiring Trusted Types, thanks @​tosmolka

DOMPurify 2.3.9

• Made TAG and ATTR config options case-sensitive when parsing XHTML, thanks @​tosmolka
• Bumped some dependencies, thanks @​is2ei
• Included github-actions in the dependabot config, thanks @​nathannaveen

DOMPurify 2.3.8

• Cleaned up a minor issue with the 2.3.7 release, thanks @​johnbirds

No other changes compared to 2.3.7 release, which entail:

• Fixes around a bug in Safari, thanks @​sybrew
• Slightly improved performance, thanks @​tiny-ben-tran
• Lots of chores, bumps and typo fixes, thanks @​is2ei
• Removed unnecessary string trimming, thanks @​christopherehlen

Commits

• 90326ef Merge pull request #750 from cure53/dependabot/npm_and_yarn/json5-1.0.2
• fade506 chore: Prepare 2.4.3, final feature release compatible w. MSIE10/11
• 3afe389 build(deps): bump json5 from 1.0.1 to 1.0.2
• f1e180f fix: merged from latest main
• 7707778 Update README.md
• 5267b04 chore: Preparing 2.4.2 release
• d1dd037 fix: Fixed a prototype pollution bug reported by @​kevin_mizu
• 24d2a7f Merge pull request #748 from tosmolka/tosmolka/747
• 7de86a0 Fix formatting
• 191cc00 Fix Trusted Types Sink violation with empty input and NAMESPACE
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #1076.