chore(deps): dompurify@^2.2.3 (#6679)

This contribution allows the installation of DOMPurify ^2.2.3 instead of locking to the specific 2.2.2. The version 2.2.2 has a known security issue [0].
2020-12-10 01:06:00 +01:00
parent c6b9b7d613
commit a915d7d641
2 changed files with 4 additions and 4 deletions
--- a/package-lock.json
+++ b/package-lock.json
@@ -11142,9 +11142,9 @@
      }
    },
    "dompurify": {
-      "version": "2.2.2",
-      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.2.2.tgz",
-      "integrity": "sha512-BsGR4nDLaC5CNBnyT5I+d5pOeaoWvgVeg6Gq/aqmKYWMPR07131u60I80BvExLAJ0FQEIBQ1BTicw+C5+jOyrg=="
+      "version": "2.2.3",
+      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.2.3.tgz",
+      "integrity": "sha512-8Hv7Q0FuwD9rWoB6qI2eZsfKbGXfoUVuGHHrE15vgk4ReOKwOkSgbqb2OMFtc0d5besOEkoLkcyuV10zQ2X5gw=="
    },
    "domutils": {
      "version": "1.5.1",
--- a/package.json
+++ b/package.json
@@ -66,7 +66,7 @@
    "classnames": "^2.2.6",
    "css.escape": "1.5.1",
    "deep-extend": "0.6.0",
-    "dompurify": "=2.2.2",
+    "dompurify": "^2.2.3",
    "ieee754": "^1.1.13",
    "immutable": "^3.x.x",
    "js-file-download": "^0.4.1",