From e5fea46b1c6a8c13febbc475a578afd19487e415 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 4 Nov 2024 19:40:43 +0000
Subject: [PATCH] fix: package.json & yarn.lock to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-DOMPURIFY-8318045
---
 package.json | 2 +-
 yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/package.json b/package.json
index cc9410aa880f..6bf213c0f99c 100644
--- a/package.json
+++ b/package.json
@@ -18,7 +18,7 @@
     "@ampproject/toolbox-cache-url": "2.5.4",
     "@ampproject/viewer-messaging": "1.1.0",
     "@ampproject/worker-dom": "0.25.2",
-    "dompurify": "2.0.7",
+    "dompurify": "2.4.2",
     "intersection-observer": "0.11.0",
     "jss": "10.3.0",
     "moment": "2.24.0",
diff --git a/yarn.lock b/yarn.lock
index 62c1d745bbc4..64f4b04fda49 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -6367,10 +6367,10 @@ domhandler@^2.3.0:
   dependencies:
     domelementtype "1"
 
-dompurify@2.0.7:
-  version "2.0.7"
-  resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-2.0.7.tgz#f8266ad38fe1602fb5b3222f31eedbf5c16c4fd5"
-  integrity sha512-S3O0lk6rFJtO01ZTzMollCOGg+WAtCwS3U5E2WSDY/x/sy7q70RjEC4Dmrih5/UqzLLB9XoKJ8KqwBxaNvBu4A==
+dompurify@2.4.2:
+  version "2.4.2"
+  resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-2.4.2.tgz#c3409b49357804c9b00e1fbebea81f26514c5bc3"
+  integrity sha512-ckbbxcGpfTJ7SNHC2yT2pHSCYxo2oQgSfdoDHQANzMzQyGzVmalF9W/B+X97Cdik5xFwWtwJP232gIP2+1kNEA==
 
 domutils@1.5.1:
   version "1.5.1"