[WC-2854] Update DOMPurify dependency (#1483)

r0b1n · web-flow · commit 72ede742ec9a · 2025-03-14T13:42:15.000+01:00
diff --git a/packages/pluggableWidgets/html-element-web/CHANGELOG.md b/packages/pluggableWidgets/html-element-web/CHANGELOG.md
@@ -6,6 +6,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 
 ## [Unreleased]
 
+### Security
+
+-   Updated dompurify library to version 3.2.4 to incorporate latest improvements and security fixes.
+
 ## [1.2.1] - 2024-08-23
 
 ### Security
diff --git a/packages/pluggableWidgets/html-element-web/package.json b/packages/pluggableWidgets/html-element-web/package.json
@@ -1,7 +1,7 @@
 {
     "name": "@mendix/html-element-web",
     "widgetName": "HTMLElement",
-    "version": "1.2.1",
+    "version": "1.2.2",
     "description": "Displays custom HTML",
     "copyright": "© Mendix Technology BV 2025. All rights reserved.",
     "license": "Apache-2.0",
@@ -45,10 +45,9 @@
         "@mendix/eslint-config-web-widgets": "workspace:*",
         "@mendix/pluggable-widgets-tools": "*",
         "@mendix/prettier-config-web-widgets": "workspace:*",
-        "@mendix/widget-plugin-platform": "workspace:*",
-        "@types/dompurify": "^2.4.0"
+        "@mendix/widget-plugin-platform": "workspace:*"
     },
     "dependencies": {
-        "dompurify": "^2.5.7"
+        "dompurify": "^3.2.4"
     }
 }
diff --git a/packages/pluggableWidgets/html-element-web/src/package.xml b/packages/pluggableWidgets/html-element-web/src/package.xml
@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8" ?>
 <package xmlns="http://www.mendix.com/package/1.0/">
-    <clientModule name="HTMLElement" version="1.2.1" xmlns="http://www.mendix.com/clientModule/1.0/">
+    <clientModule name="HTMLElement" version="1.2.2" xmlns="http://www.mendix.com/clientModule/1.0/">
         <widgetFiles>
             <widgetFile path="HTMLElement.xml" />
         </widgetFiles>
diff --git a/packages/pluggableWidgets/rich-text-web/package.json b/packages/pluggableWidgets/rich-text-web/package.json
@@ -52,7 +52,6 @@
         "@mendix/widget-plugin-platform": "workspace:*",
         "@mendix/widget-plugin-test-utils": "workspace:*",
         "@rollup/plugin-json": "^6.1.0",
-        "@types/dompurify": "^2.4.0",
         "@types/katex": "^0.16.7",
         "@types/sanitize-html": "^1.27.2",
         "cross-env": "^7.0.3",
@@ -65,7 +64,7 @@
     "dependencies": {
         "@floating-ui/react": "^0.26.27",
         "classnames": "^2.2.6",
-        "dompurify": "^2.5.7",
+        "dompurify": "^3.2.4",
         "katex": "^0.16.11",
         "linkifyjs": "^4.1.3",
         "parchment": "^3.0.0",
diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
