Skip to content

chore(deps): bump dompurify from 3.4.10 to 3.4.11 in /SortVision in the npm_and_yarn group across 1 directory#913

Merged
github-actions[bot] merged 1 commit into
mainfrom
dependabot/npm_and_yarn/SortVision/npm_and_yarn-360cad5ee5
Jun 21, 2026
Merged

chore(deps): bump dompurify from 3.4.10 to 3.4.11 in /SortVision in the npm_and_yarn group across 1 directory#913
github-actions[bot] merged 1 commit into
mainfrom
dependabot/npm_and_yarn/SortVision/npm_and_yarn-360cad5ee5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 21, 2026

Copy link
Copy Markdown
Contributor

Bumps the npm_and_yarn group with 1 update in the /SortVision directory: dompurify.

Updates dompurify from 3.4.10 to 3.4.11

Release notes

Sourced from dompurify's releases.

DOMPurify 3.4.11

  • Fixed an issue with a leaky config for hooks via setConfig, thanks @​trace37labs
  • Bumped vulnerable development dependencies to arrive at plain 0 with npm audit
  • Updated the osv-scanner suppression list as no vulnerable dependencies are left for now
  • Updated up the linting tool-chain and removed now-redundant lint directives
  • Updated the documentation is several spots, README, wiki, etc.
  • Bumped several dependencies where possible
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the npm_and_yarn group with 1 update in the /SortVision directory: [dompurify](https://github.com/cure53/DOMPurify).


Updates `dompurify` from 3.4.10 to 3.4.11
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](cure53/DOMPurify@3.4.10...3.4.11)

---
updated-dependencies:
- dependency-name: dompurify
  dependency-version: 3.4.11
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 21, 2026
@dependabot dependabot Bot requested a review from alienx5499 as a code owner June 21, 2026 20:18
@vercel

vercel Bot commented Jun 21, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
sortvision Ready Ready Preview, Comment Jun 21, 2026 8:20pm

@github-actions

Copy link
Copy Markdown

QA suite report

Metric Value
Total tests 655
Passed 655
Failed 0
Warnings 0
Pass rate 100.0%
Grade S+
Duration 4.66s

Result: passed.

View workflow run

QA vs main (last successful CI on base branch)

Baseline: last green Continuous integration on main @ 4399aef (same test:ci suite).

Base This PR Δ passed
Passed 655 655 0
Failed 0 0
Total 655 655

Fixed (failed on base, passing on this PR)

None

New failures (failed on this PR; were not failing on base)

None

Still failing (failed on base and still failing on this PR)

None

@github-actions github-actions Bot merged commit 0042919 into main Jun 21, 2026
16 checks passed
@github-actions

Copy link
Copy Markdown

Dependabot auto-merge

Auto-merge is enabled (squash). GitHub will merge this PR once all required checks and reviews pass.

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/SortVision/npm_and_yarn-360cad5ee5 branch June 21, 2026 20:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants