chore(deps): bump dompurify from 2.4.5 to 3.0.3

[dependabot[bot]]

Bumps dompurify from 2.4.5 to 3.0.3.

Release notes

Sourced from dompurify's releases.

DOMPurify 3.0.3

• Added new TRUSTED_TYPES_POLICY configuration option, thanks @​dejang
• Added feDropShadow to the SVG filter allow-list, thanks @​SelfMadeSystem

DOMPurify 3.0.2

• Fixed an issue with ALLOWED_URI_REGEXP not being reset, thanks @​mukilane
• Added mprescripts tag to allowed MathML elements, thanks @​duyhai94
• Added SMS URI scheme to allowed URI schemes, tanks @​Kiwka
• Updated supported browser versions for nicer code and smaller size, thanks @​buzinas

DOMPurify 3.0.1

• Fixed a problem with improper reset of custom HTML options, thanks @​ammaraskar

DOMPurify 3.0.0

• Removed all code that is for MSIE-only
• Removed all tests that are for MSIE-only
• Modified documentation to reflect new state of MSIE support
• Added support for ALLOW_SELF_CLOSE_IN_ATTR flag, thanks @​edg2s @​AndreVirtimo
• Added better support for shadowrootmode, thanks @​mfreed7

NOTE Please use the 2.4.4 release if you still need MSIE support, 3.0.0 comes without the MSIE overhead

Commits

• c70f8c5 Merge pull request #805 from cure53/main
• ca67d37 chore: preparing 3.0.3 release
• ad1bdd4 Merge pull request #801 from dejang/refactor-policy-creation-order
• e7895b4 Merge pull request #803 from cure53/dependabot/npm_and_yarn/engine.io-and-soc...
• 8a2ca66 build(deps): bump engine.io and socket.io
• 2377fc5 create internal trustedTypes policy only if not specified via config object
• bb04683 Merge pull request #800 from dejang/configurable-trusted-types-policy
• 8dc24e4 support TRUSTED_TYPES_POLICY configuration option
• f3a5f0c Merge pull request #795 from SelfMadeSystem/patch-1
• d507666 Moved feDropShadow to the svg filter allowlist
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[coveralls]

Coverage: 100.0%. Remained the same when pulling 10959234390d5a608d77caaaacc5c35e82f42216 on dependabot/npm_and_yarn/dompurify-3.0.3 into d10fd5f50694df6f27e83d2fe760bc38675a6528 on master.

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.