chore(deps): bump npm deps

[hanabi1224]

Summary of changes

"Dependabot can't resolve your JavaScript dependency files"
https://github.com/ChainSafe/forest/network/updates/1299387250

Changes introduced in this pull request:

• fix https://github.com/ChainSafe/forest/security/dependabot/192

Reference issue to close (if applicable)

Closes

Other information and links

Change checklist

• I have performed a self-review of my own code,
• I have made corresponding changes to the documentation. All new code adheres to the team's documentation standards,
• I have added tests that prove my fix is effective or that my feature works (if possible),
• I have made sure the CHANGELOG is up-to-date. All user-facing changes should be reflected in this document.

Outside contributions

• I have read and agree to the CONTRIBUTING document.
• I have read and agree to the AI Policy document. I understand that failure to comply with the guidelines will lead to rejection of the pull request.

Summary by CodeRabbit

• Chores
  • Updated dependency version constraints to allow compatible newer releases for improved package flexibility.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: e2399fa2-e051-4cca-8952-c5d867b08f92

📥 Commits

Reviewing files that changed from the base of the PR and between 9a1fe93 and 76b7072.

⛔ Files ignored due to path filters (1)

• docs/pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (1)

• docs/package.json

---

Walkthrough

Updated the dompurify dependency resolution constraint in docs/package.json from a fixed version (3.3.1) to a semver range (^3.3.3), allowing yarn or npm to resolve to compatible patch and minor versions of the package.

Changes

Cohort / File(s)	Summary
Dependency Version Constraint docs/package.json	Updated dompurify resolution from pinned version 3.3.1 to semver range ^3.3.3.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Suggested labels

dependencies, javascript

Suggested reviewers

• LesnyRumcajs
• sudo-shashank

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Title check	❓ Inconclusive	The title 'chore(deps): bump npm deps' is generic and vague, using non-descriptive phrasing that doesn't convey the specific change (updating dompurify constraint from fixed version to semver range).	Make the title more specific by mentioning the affected package or the nature of the change, e.g., 'chore(deps): update dompurify to semver constraint' or 'chore(deps): relax dompurify version resolution'.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch hm/bump-npm-deps

✨ Simplify code

• Create PR with simplified code
• Commit simplified code in branch hm/bump-npm-deps

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}