chore(deps): update dependency dompurify to v3.4.10#6229
Merged
Conversation
thomhurst
added
dependencies
![claude[bot]](https://avatars.githubusercontent.com/in/1236702?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Patch dependency update generated by Renovate — bumps dompurify in docs/ from 3.4.9 to 3.4.10.
Scope: Only docs/package.json and docs/yarn.lock are touched. No .NET source, engine logic, tests, or snapshots are affected.
Change is correct: The yarn.lock entry (version, resolved URL, and integrity hash) is consistent with the package.json version pin.
Release notes look safe: The 3.4.10 changelog is purely a refactor/performance/housekeeping release — no breaking changes, no API surface changes. The mXSS probe hoisting and textContent-before-innerHTML optimisation are neutral-to-positive for a docs-site sanitisation use case.
Auto-merge is already enabled, which is appropriate for this category of patch. Nothing here warrants blocking.
Up to standards ✅🟢 Issues
|
This was referenced Jun 12, 2026
This was referenced Jun 15, 2026
Open
github-actions Bot
pushed a commit
to IntelliTect/CodingGuidelines
that referenced
this pull request
Jun 15, 2026
Updated [TUnit.Core](https://github.com/thomhurst/TUnit) from 1.51.0 to 1.55.2. <details> <summary>Release notes</summary> _Sourced from [TUnit.Core's releases](https://github.com/thomhurst/TUnit/releases)._ ## 1.55.2 <!-- Release notes generated using configuration in .github/release.yml at v1.55.2 --> ## What's Changed ### Other Changes * fix(aspire): publish TUnit.Aspire.Core package (#6246) by @thomhurst in thomhurst/TUnit#6247 ### Dependencies * chore(deps): update tunit to 1.55.0 by @thomhurst in thomhurst/TUnit#6245 **Full Changelog**: thomhurst/TUnit@v1.55.0...v1.55.2 ## 1.55.0 <!-- Release notes generated using configuration in .github/release.yml at v1.55.0 --> ## What's Changed ### Other Changes * feat(aspire): add TUnit.Aspire.Core without TUnit metapackage dependency (#5471) by @thomhurst in thomhurst/TUnit#6243 * fix(analyzers): scope TUnit0031 async-void rule to tests and hooks (#6190) by @thomhurst in thomhurst/TUnit#6244 ### Dependencies * chore(deps): update dependency streamjsonrpc to 2.25.28 by @thomhurst in thomhurst/TUnit#6232 * chore(deps): update tunit to 1.54.0 by @thomhurst in thomhurst/TUnit#6233 * chore(deps): bump joi from 17.13.3 to 17.13.4 in /docs by @dependabot[bot] in thomhurst/TUnit#6234 * chore(deps): update dependency polyfill to 10.9.0 by @thomhurst in thomhurst/TUnit#6238 * chore(deps): update _tunitpolyfillversion to 10.9.0 by @thomhurst in thomhurst/TUnit#6237 * chore(deps): update dependency polyfill to 10.10.0 by @thomhurst in thomhurst/TUnit#6242 * chore(deps): update _tunitpolyfillversion to 10.10.0 by @thomhurst in thomhurst/TUnit#6241 **Full Changelog**: thomhurst/TUnit@v1.54.0...v1.55.0 ## 1.54.0 <!-- Release notes generated using configuration in .github/release.yml at v1.54.0 --> ## What's Changed ### Other Changes * Generate collection-shape drill-in overloads (#6185) by @thomhurst in thomhurst/TUnit#6218 * feat(mocks): setup/verify on secondary interfaces of multi-type mocks by @thomhurst in thomhurst/TUnit#6230 * perf: reduce allocations in source-gen test building hot paths by @thomhurst in thomhurst/TUnit#6228 * perf: shrink generated TestEntry builder IL via shared TUnit.Core factory helpers by @thomhurst in thomhurst/TUnit#6231 ### Dependencies * chore(deps): update tunit to 1.53.0 by @thomhurst in thomhurst/TUnit#6199 * chore(deps): update verify to 31.19.1 by @thomhurst in thomhurst/TUnit#6200 * chore(deps): update dependency messagepack to 3.1.7 by @thomhurst in thomhurst/TUnit#6203 * chore(deps): update dependency fsharp.core to 10.1.301 by @thomhurst in thomhurst/TUnit#6202 * chore(deps): update dependency microsoft.entityframeworkcore to 10.0.9 by @thomhurst in thomhurst/TUnit#6205 * chore(deps): update dependency dotnet-sdk to v10.0.301 by @thomhurst in thomhurst/TUnit#6204 * chore(deps): update dependency microsoft.templateengine.authoring.cli to v10.0.301 by @thomhurst in thomhurst/TUnit#6206 * chore(deps): update dependency microsoft.templateengine.authoring.templateverifier to 10.0.301 by @thomhurst in thomhurst/TUnit#6207 * chore(deps): update microsoft.aspnetcore to 10.0.9 by @thomhurst in thomhurst/TUnit#6209 * chore(deps): update dependency system.commandline to 2.0.9 by @thomhurst in thomhurst/TUnit#6208 * chore(deps): update microsoft.extensions by @thomhurst in thomhurst/TUnit#6211 * chore(deps): update dependency dompurify to v3.4.9 by @thomhurst in thomhurst/TUnit#6213 * chore(deps): bump shell-quote from 1.8.3 to 1.8.4 in /docs by @dependabot[bot] in thomhurst/TUnit#6210 * chore(deps): update dependency polly to 8.7.0 by @thomhurst in thomhurst/TUnit#6214 * chore(deps): update dependency microsoft.net.stringtools to 18.7.1 by @thomhurst in thomhurst/TUnit#6215 * chore(deps): update microsoft.build to 18.7.1 by @thomhurst in thomhurst/TUnit#6216 * chore(deps): update opentelemetry to 1.16.0 by @thomhurst in thomhurst/TUnit#6217 * chore(deps): update dependency dompurify to v3.4.10 by @thomhurst in thomhurst/TUnit#6229 **Full Changelog**: thomhurst/TUnit@v1.53.0...v1.54.0 ## 1.53.0 <!-- Release notes generated using configuration in .github/release.yml at v1.53.0 --> ## What's Changed ### Other Changes * feat(assertions): return typed value from IsAssignableTo<T> (#6184) by @thomhurst in thomhurst/TUnit#6187 * fix: stop doubling backslashes in source-gen emitted FilePath (breaks HTML report source links) by @thomhurst in thomhurst/TUnit#6193 * feat(assertions): add ContainsKey().And.Value drill-in for dictionaries (#6185) by @thomhurst in thomhurst/TUnit#6188 * fix(tests): snapshot ExecutionLog under lock to fix parallel race by @thomhurst in thomhurst/TUnit#6194 * fix(engine): run lifecycle hooks before test class construction (#6192) by @thomhurst in thomhurst/TUnit#6195 * feat(assertions): inference-friendly pinned overload for covariant [AssertionExtension] with own generic (#5922) by @thomhurst in thomhurst/TUnit#6196 * feat: add DeferEnumeration to defer data-source expansion to runtime (#5833) by @thomhurst in thomhurst/TUnit#6197 ### Dependencies * chore(deps): update tunit to 1.51.0 by @thomhurst in thomhurst/TUnit#6186 * chore(deps): update microsoft.testing to 18.8.0 by @thomhurst in thomhurst/TUnit#6191 * chore(deps): update aspire to 13.4.3 by @thomhurst in thomhurst/TUnit#6198 **Full Changelog**: thomhurst/TUnit@v1.51.0...v1.53.0 Commits viewable in [compare view](thomhurst/TUnit@v1.51.0...v1.55.2). </details> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This was referenced Jun 15, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
3.4.9→3.4.10Release Notes
cure53/DOMPurify (dompurify)
v3.4.10: DOMPurify 3.4.10Compare Source
types.tsSAFE_FOR_TEMPLATESscrubbing into single shared pathtextContentbeforeinnerHTMLnpm run bench) with a--comparemodedemos/folder so every demo runs again, and added a SVG-via-<img>demotest:happydomscripts in the READMEConfiguration
📅 Schedule: (UTC)
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate.