Bump dompurify from 2.3.6 to 2.4.5

[dependabot[bot]]

Bumps dompurify from 2.3.6 to 2.4.5.

Release notes

Sourced from dompurify's releases.

DOMPurify 2.4.5

• Fixed a problem with improper reset of custom HTML options, thanks @​ammaraskar

DOMPurify 2.4.4

• Added support for ALLOW_SELF_CLOSE_IN_ATTR flag, thanks @​edg2s @​AndreVirtimo
• Added better support for shadowrootmode, thanks @​mfreed7

DOMPurify 2.4.3

• Final release that is compatible with MSIE10 & MSIE 11

DOMPurify 2.4.2

• Fixed a Trusted Types sink violation with empty input and NAMESPACE , thanks @​tosmolka
• Fixed a Prototype Pollution issue discovered and reported by @​kevin-mizu

DOMPurify 2.4.1

• Added new config option ALLOWED_NAMESPACES for better XML handling, thanks @​kevin-deyoungster @​tosmolka
• Added better detection of template literals when SAFE_FOR_TEMPLATES is true
• Fixed an exception caused by DOM clobbering, thanks @​masatokinugawa
• Bumped some dependencies, thanks @​marcpenya-tf

DOMPurify 2.4.0

• Removed bundled types again as they caused too much trouble

DOMPurify 2.3.12

• Fixed an issue in 2.3.11 causing errors w. TypeScript, see #712, thanks @​Mirco469, @​brentkeller, @​aryanisml

DOMPurify 2.3.11

• Added generated type definitions for better compatibility
• Added SANITIZE_NAMED_PROPS config option, thanks @​SoheilKhodayari
• Updated README and config documentation, thanks @​0xedward
• Updated test suite with newer Node versions

DOMPurify 2.3.10

• Added support for sanitization of attributes requiring Trusted Types, thanks @​tosmolka

DOMPurify 2.3.9

• Made TAG and ATTR config options case-sensitive when parsing XHTML, thanks @​tosmolka
• Bumped some dependencies, thanks @​is2ei
• Included github-actions in the dependabot config, thanks @​nathannaveen

DOMPurify 2.3.8

• Cleaned up a minor issue with the 2.3.7 release, thanks @​johnbirds

No other changes compared to 2.3.7 release, which entail:

• Fixes around a bug in Safari, thanks @​sybrew
• Slightly improved performance, thanks @​tiny-ben-tran
• Lots of chores, bumps and typo fixes, thanks @​is2ei
• Removed unnecessary string trimming, thanks @​christopherehlen

Commits

• f464d95 chore: preparing 2.4.5 release
• fa4e8ee chore: preparing 2.4.4 release
• f5c25ac see #767
• 08e9fab test: Added 2.x tag to 2.x branch actions
• 5f766bc See #761
• 90326ef Merge pull request #750 from cure53/dependabot/npm_and_yarn/json5-1.0.2
• fade506 chore: Prepare 2.4.3, final feature release compatible w. MSIE10/11
• 3afe389 build(deps): bump json5 from 1.0.1 to 1.0.2
• f1e180f fix: merged from latest main
• 7707778 Update README.md
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)