From 267065e75be2bbf41b3684539bccb98f90fbdb80 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 17 Jun 2026 05:30:23 +0000
Subject: [PATCH] build(deps): bump dompurify from 3.4.0 to 3.4.9

Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.4.0 to 3.4.9.
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](https://github.com/cure53/DOMPurify/compare/3.4.0...3.4.9)

---
updated-dependencies:
- dependency-name: dompurify
  dependency-version: 3.4.9
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 package.json | 2 +-
 yarn.lock    | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/package.json b/package.json
index 5ac858466..3faa5ebff 100644
--- a/package.json
+++ b/package.json
@@ -43,7 +43,7 @@
     "cookies": "^0.8.0",
     "dgram": "^1.0.1",
     "docx": "^9.5.1",
-    "dompurify": "^3.4.0",
+    "dompurify": "^3.4.9",
     "dotenv": "^8.2.0",
     "eslint-config-next": "13",
     "exifr": "^7.1.3",
diff --git a/yarn.lock b/yarn.lock
index 867aba67d..9d8602bcb 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -4281,10 +4281,10 @@ domhandler@^4.2.0, domhandler@^4.3.1:
   dependencies:
     domelementtype "^2.2.0"
 
-dompurify@^3.3.1, dompurify@^3.4.0:
-  version "3.4.0"
-  resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-3.4.0.tgz#b1fc33ebdadb373241621e0a30e4ad81573dfd0b"
-  integrity sha512-nolgK9JcaUXMSmW+j1yaSvaEaoXYHwWyGJlkoCTghc97KgGDDSnpoU/PlEnw63Ah+TGKFOyY+X5LnxaWbCSfXg==
+dompurify@^3.3.1, dompurify@^3.4.9:
+  version "3.4.9"
+  resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-3.4.9.tgz#b036637b2df8997126b58837bc90f85dbcad6b2f"
+  integrity sha512-4dPSRMRDqHvs0V4YDFCsaIZo4if5u0xM+llyxiM2fwuZFdKArUBAF3VtI2+n8NKg9P870WMdYk0UhqQNoWXbfQ==
   optionalDependencies:
     "@types/trusted-types" "^2.0.7"