fix(deps): update dependency dompurify to ^3.4.5 (main)

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
dompurify	^3.4.3 → ^3.4.5

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

cure53/DOMPurify (dompurify)

v3.4.5

Compare Source

v3.4.4: DOMPurify 3.4.4

Compare Source

• Added the selectedcontent element to default allow-list, thanks @​lukewarlow
• Added the command and commandfor attributes to default allowed-list, thanks @​lukewarlow
• Added better template scrubbing for IN_PLACE operations, thanks @​DEMON1A
• Added stronger checks for cross-realm windows, thanks @​DEMON1A & @​fg0x0
• Updated demo website and made sure it uses the latest from main
• Updated existing workflows, fuzzer, dependabot, etc., added more tests
• Bumped several dependencies where possible

---

Configuration

📅 Schedule: (in timezone Europe/Berlin)

• Branch creation
  • "every weekend"
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ️ Artifact update notice

File name: package-lock.json

npm --before could not be enforced because existing locked packages were published after the minimumReleaseAge cutoff. This will resolve after the next lock file maintenance run.