[Snyk] Upgrade dompurify from 2.4.5 to 2.5.3

[stanleyowen]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade dompurify from 2.4.5 to 2.5.3.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

- The recommended version is **8 versions** ahead of your current version. - The recommended version was released on **21 days ago**. #### Issues fixed by the recommended upgrade: | | Issue | Score | Exploit Maturity | :-------------------------:|:-------------------------|:-------------------------|:-------------------------  | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-ADOBECSSTOOLS-6096077](https://snyk.io/vuln/SNYK-JS-ADOBECSSTOOLS-6096077) | **250** | No Known Exploit  | Uncontrolled resource consumption
[SNYK-JS-BRACES-6838727](https://snyk.io/vuln/SNYK-JS-BRACES-6838727) | **250** | Proof of Concept  | Path Traversal
[SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555](https://snyk.io/vuln/SNYK-JS-WEBPACKDEVMIDDLEWARE-6476555) | **250** | Proof of Concept  | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-ADOBECSSTOOLS-5871286](https://snyk.io/vuln/SNYK-JS-ADOBECSSTOOLS-5871286) | **250** | No Known Exploit  | Incomplete List of Disallowed Inputs
[SNYK-JS-BABELTRAVERSE-5962462](https://snyk.io/vuln/SNYK-JS-BABELTRAVERSE-5962462) | **250** | Proof of Concept  | Inefficient Regular Expression Complexity
[SNYK-JS-MICROMATCH-6838728](https://snyk.io/vuln/SNYK-JS-MICROMATCH-6838728) | **250** | No Known Exploit  | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **250** | Proof of Concept  | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-SEMVER-3247795](https://snyk.io/vuln/SNYK-JS-SEMVER-3247795) | **250** | Proof of Concept  | Improper Input Validation
[SNYK-JS-FOLLOWREDIRECTS-6141137](https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137) | **250** | Proof of Concept  | Prototype Pollution
[SNYK-JS-TOUGHCOOKIE-5672873](https://snyk.io/vuln/SNYK-JS-TOUGHCOOKIE-5672873) | **250** | Proof of Concept  | Information Exposure
[SNYK-JS-FOLLOWREDIRECTS-6444610](https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6444610) | **250** | Proof of Concept  | Template Injection
[SNYK-JS-DOMPURIFY-6474511](https://snyk.io/vuln/SNYK-JS-DOMPURIFY-6474511) | **250** | Proof of Concept  | Improper Control of Dynamically-Managed Code Resources
[SNYK-JS-EJS-6689533](https://snyk.io/vuln/SNYK-JS-EJS-6689533) | **250** | No Known Exploit  | Open Redirect
[SNYK-JS-EXPRESS-6474509](https://snyk.io/vuln/SNYK-JS-EXPRESS-6474509) | **250** | No Known Exploit  | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-WORDWRAP-3149973](https://snyk.io/vuln/SNYK-JS-WORDWRAP-3149973) | **250** | Proof of Concept

Release notes

Package name: dompurify

• 2.5.3 - 2024-05-11
  
  • Fixed several mXSS variations found by and thanks to @ kevin-mizu & @ Ry0taK
  • Added better configurability for comment scrubbing default behavior
  • Added better hardening against Prototype Pollution attacks, thanks @ kevin-mizu
  • Fixed some smaller issues in README and other documentation
• 2.5.2 - 2024-04-30
  
  • Addressed and fixed a mXSS variation found by @ kevin-mizu
  • Addressed and fixed a mXSS variation found by Adam Kues of Assetnote
  • Updated tests for older Safari and Chrome versions
• 2.5.1 - 2024-04-26
  
  • Fixed an mXSS sanitizer bypass reported by @ icesfont
  • Added new code to track element nesting depth
  • Added new code to enforce a maximum nesting depth of 255
  • Added coverage tests and necessary clobbering protections

  Note that this is a security release and should be upgraded to immediately. Please also note that further releases may follow as the underlying vulnerability is apparently new and further variations may be discovered.

• 2.5.0 - 2024-04-07
• 2.4.9 - 2024-03-21
• 2.4.8 - 2024-03-19
• 2.4.7 - 2023-07-11
• 2.4.6 - 2023-07-10
• 2.4.5 - 2023-03-01

from dompurify GitHub release notes

--- > [!IMPORTANT] > > - Check the changes in this PR to ensure they won't cause issues with your project. > - This PR was automatically created by Snyk using the credentials of a real user. > - Max score is 1000. Note that the real score may have changed since the PR was raised. --- **Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs._ **For more information:** > - 🧐 [View latest project report](https://app.snyk.io/org/stanleyowen06/project/6c4f0783-1007-4aa3-8da0-92885788a6c2?utm_source=github&utm_medium=referral&page=upgrade-pr) > - 📜 [Customise PR templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates) > - 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/stanleyowen06/project/6c4f0783-1007-4aa3-8da0-92885788a6c2/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) > - 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/stanleyowen06/project/6c4f0783-1007-4aa3-8da0-92885788a6c2/settings/integration?pkg=dompurify&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)

[netlify[bot]]

✅ Deploy Preview for otlio ready!

Name	Link
🔨 Latest commit	9a5cbdee1f6fca241d8fdf6fc9e61a811c8be8fd
🔍 Latest deploy log	https://app.netlify.com/sites/otlio/deploys/665b9609aa93c400081b21d9
😎 Deploy Preview	https://deploy-preview-442--otlio.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
Lighthouse	1 paths audited Performance: 65 (🔴 down 2 from production) Accessibility: 97 (🟢 up 3 from production) Best Practices: 92 (🟢 up 9 from production) SEO: 97 (no change from production) PWA: 70 (no change from production) View the detailed breakdown and full score reports

---

To edit notification comments on pull requests, go to your Netlify site configuration.