Update dependency dompurify to v3.4.5#2014

Merged: openshift-merge-bot[bot] merged 1 commit into release-4.19 from konflux/mintmaker/release-4.19/dompurify-3.x on Jun 2, 2026

Conversation

@red-hat-konflux (Contributor, bot) commented Jun 1, 2026

This PR contains the following updates:

Package | Change
dompurify | 3.4.3 → 3.4.5

Release Notes

cure53/DOMPurify (dompurify)

v3.4.5: DOMPurify 3.4.5

Compare Source

  • Fixed a bypass caused by the new HTML element selectedcontent added in 3.4.4, thanks @KabirAcharya

Note that this is a security release for an issue introduced in 3.4.4 and should be upgraded to immediately.

v3.4.4: DOMPurify 3.4.4

Compare Source

  • Added the selectedcontent element to default allow-list, thanks @lukewarlow
  • Added the command and commandfor attributes to default allowed-list, thanks @lukewarlow
  • Added better template scrubbing for IN_PLACE operations, thanks @DEMON1A
  • Added stronger checks for cross-realm windows, thanks @DEMON1A & @fg0x0
  • Updated demo website and made sure it uses the latest from main
  • Updated existing workflows, fuzzer, dependabot, etc., added more tests
  • Bumped several dependencies where possible

🚨 This release has been flagged as deprecated; please use DOMPurify 3.4.5 instead 🚨


Configuration

📅 Schedule: Branch creation - Every minute ( * * * * * ) in timezone UTC, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.


  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.


Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
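The bump above touches dompurify in both the dependencies and overrides fields of package.json, and the release notes it quotes say 3.4.4 is deprecated in favour of 3.4.5. A practitioner merging this kind of PR wants to confirm three things before trusting it: the two package.json fields agree, the lockfile actually resolves the new version rather than the deprecated one, and nothing is below the security release. The script below is an added example, not code from this PR or from the lightspeed-console project. It assumes the npm lockfileVersion 2/3 layout (resolved packages under lock.packages["node_modules/<name>"].version) and plain MAJOR.MINOR.PATCH pins; the sample manifests are constructed inline to mirror the before/after state of the PR and are not the project's real files.

```javascript
"use strict";

// Added example, not code from the PR or the lightspeed-console project.
// Checks that package.json's `dependencies` and `overrides` agree on a pin
// and that package-lock.json actually resolves it at or above a minimum
// version. Assumes npm lockfileVersion 2/3 layout, where resolved packages
// live under lock.packages["node_modules/<name>"].version.

// Compare dotted MAJOR.MINOR.PATCH strings; returns -1, 0 or 1.
// Prerelease tags are not handled (the pins in this PR are plain releases).
function compareVersions(a, b) {
  const pa = a.split(".").map(Number);
  const pb = b.split(".").map(Number);
  for (let i = 0; i < 3; i++) {
    const x = pa[i] || 0;
    const y = pb[i] || 0;
    if (x !== y) return x < y ? -1 : 1;
  }
  return 0;
}

// Drop a leading range operator so "^3.4.5" and "3.4.5" compare equal.
function stripRange(spec) {
  return String(spec).replace(/^[\^~<>=\s]+/, "");
}

// Returns an array of findings (strings). Empty means: pinned in both fields,
// fields agree, and the lockfile resolves a version >= minVersion that is not
// on the knownBad list (3.4.4 is the DOMPurify release flagged as deprecated).
function checkPin(pkg, lock, name, minVersion, knownBad = []) {
  const findings = [];
  const dep = pkg.dependencies && pkg.dependencies[name];
  const override = pkg.overrides && pkg.overrides[name];
  const resolved = lock.packages && lock.packages[`node_modules/${name}`];

  if (!dep) findings.push(`${name}: missing from dependencies`);
  if (!override) findings.push(`${name}: missing from overrides, so transitive copies are not pinned`);
  if (dep && override && stripRange(dep) !== stripRange(override)) {
    findings.push(`${name}: dependencies (${dep}) and overrides (${override}) disagree`);
  }
  if (!resolved || !resolved.version) {
    findings.push(`${name}: not resolved in package-lock.json`);
    return findings;
  }
  if (knownBad.includes(resolved.version)) {
    findings.push(`${name}: lockfile resolves ${resolved.version}, a release flagged as deprecated`);
  }
  if (compareVersions(resolved.version, minVersion) < 0) {
    findings.push(`${name}: lockfile resolves ${resolved.version}, below required ${minVersion}`);
  }
  if (dep && compareVersions(resolved.version, stripRange(dep)) < 0) {
    findings.push(`${name}: lockfile (${resolved.version}) is stale against package.json (${dep})`);
  }
  return findings;
}

// Constructed sample manifests (not the project's real files).
// "before" mirrors the state this PR replaces, "after" the state it leaves,
// "stale" a half-applied bump where the lockfile still holds the bad release.
const pkgBefore = { dependencies: { dompurify: "3.4.3" }, overrides: { dompurify: "3.4.3" } };
const lockBefore = { lockfileVersion: 3, packages: { "node_modules/dompurify": { version: "3.4.3" } } };
const pkgAfter = { dependencies: { dompurify: "3.4.5" }, overrides: { dompurify: "3.4.5" } };
const lockAfter = { lockfileVersion: 3, packages: { "node_modules/dompurify": { version: "3.4.5" } } };
const pkgStale = { dependencies: { dompurify: "3.4.5" }, overrides: { dompurify: "3.4.4" } };
const lockStale = { lockfileVersion: 3, packages: { "node_modules/dompurify": { version: "3.4.4" } } };

const MIN_DOMPURIFY = "3.4.5";
const BAD_DOMPURIFY = ["3.4.4"];

// Run all three cases and return the findings per case. In CI, replace the
// constructed objects with JSON.parse(fs.readFileSync("package.json")) and the
// lockfile, and exit non-zero when any findings remain.
function runReport() {
  const cases = [["before", pkgBefore, lockBefore], ["after", pkgAfter, lockAfter], ["stale", pkgStale, lockStale]];
  const report = {};
  for (const [label, pkg, lock] of cases) {
    report[label] = checkPin(pkg, lock, "dompurify", MIN_DOMPURIFY, BAD_DOMPURIFY);
    console.log(`${label}: ${report[label].length ? report[label].join("; ") : "ok"}`);
  }
  return report;
}

runReport();
```

Run it with `node check-pin.js` (file name is arbitrary). The "before" case reports only that 3.4.3 is below 3.4.5; "after" reports nothing; "stale" reports the field mismatch, the deprecated 3.4.4 resolution, the floor violation and the lockfile being behind package.json, which is exactly the state a reviewer would miss by reading package.json alone, since the lockfile is excluded from the review bot's path filters on this PR.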
@coderabbitai (bot) commented Jun 1, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: f60f7cd0-845b-4401-92b8-53edf8d893c9

📥 Commits

Reviewing files that changed from the base of the PR and between 1927f45 and 1397e06.

⛔ Files ignored due to path filters (1)
  • package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (1)
  • package.json

📝 Walkthrough


This PR updates the dompurify dependency from version 3.4.3 to 3.4.5 in both the dependencies and overrides fields of package.json.

Changes

Dependency Version Updates

Layer / File(s) | Summary
dompurify version bump (package.json) | dompurify is bumped from 3.4.3 to 3.4.5 in both dependencies and overrides.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

  • openshift/lightspeed-console#1989: Both PRs modify package.json to bump the dompurify version in dependencies and overrides (from 3.4.2→3.4.3 vs 3.4.3→3.4.5).
  • openshift/lightspeed-console#1990: The main PR bumps dompurify in package.json from 3.4.3 to 3.4.5 (including overrides), while the retrieved PR updates dompurify from 3.4.2 to 3.4.3 in the same fields—both directly change the same dependency version entries.

Suggested labels

lgtm, approved

Suggested reviewers

  • kyoto
  • xrajesh

Poem

🐰 A tiny hop in version's way,
From three-point-four, three to five-dot-two,
The DOM purifier gets an upgrade today,
Cleaner, safer HTML shines through!

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name | Status | Explanation
Description Check | ✅ Passed | Check skipped: CodeRabbit's high-level summary is enabled.
Title check | ✅ Passed | The title accurately and specifically describes the main change: updating the dompurify dependency from v3.4.3 to v3.4.5, which is the only modification in the changeset.
Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check | ✅ Passed | Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check | ✅ Passed | Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

Comment @coderabbitai help to get the list of available commands and usage tips.

@openshift-ci openshift-ci Bot requested review from joshuawilson and syedriko June 1, 2026 16:14
@kyoto (Member) commented Jun 2, 2026

/approve
/lgtm
/retest

@openshift-ci openshift-ci Bot added the lgtm Indicates that a PR is ready to be merged. label Jun 2, 2026
@openshift-ci (bot) commented Jun 2, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: kyoto

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Jun 2, 2026
@openshift-merge-bot openshift-merge-bot Bot merged commit b7ec6e6 into release-4.19 Jun 2, 2026
6 checks passed
@kyoto kyoto deleted the konflux/mintmaker/release-4.19/dompurify-3.x branch June 2, 2026 03:08