Bump isomorphic-dompurify from 2.36.0 to 3.9.0 in /frontend

[dependabot]

Bumps isomorphic-dompurify from 2.36.0 to 3.9.0.

Release notes

Sourced from isomorphic-dompurify's releases.

3.9.0: Updated dompurify and others

What's Changed

• Updated DOMPurify to 3.4.0
• Updated dev dependencies (Biome, Vitest)

Full Changelog: kkomelin/isomorphic-dompurify@3.8.0...3.9.0

3.8.0: Updated dependencies

Dependency updates:

• bump jsdom from 29.0.1 to 29.0.2
• bump @​biomejs/biome from 2.4.8 to 2.4.10
• bump vitest from 4.1.1 to 4.1.3
• bump lefthook from 2.1.4 to 2.1.5

3.7.1

Bug Fix

• Fixed missing browser type declarations — browser.d.ts and browser.d.mts were not included in the 3.7.0 published package due to a race condition in the build process. This caused TS7016: Could not find a declaration file for module 'isomorphic-dompurify' errors in tsgo and TypeScript 6 when resolving through the default (browser) exports condition. (#411)

Thanks to @​asterikx and @​ElPrudi for their help with the issue.

3.7.0: TypeScript 6 compatibility

TypeScript 6 compatibility fixes:

• Add explicit type annotation for sanitize to satisfy TS6
• Silence baseUrl deprecation warning from tsup dts build in TS6

Dependency updates:

• bump typescript from 5.9.3 to 6.0.2
• bump vitest from 4.1.0 to 4.1.1

3.6.0: Updated dependencies

Dependency updates:

• bump jsdom from 29.0.0 to 29.0.1
• bump @​types/jsdom from 28.0.0 to 28.0.1
• bump @​biomejs/biome from 2.4.7 to 2.4.8

3.5.1

Fix outdated build artifacts published in 3.5.0.

3.5.0: Add factory function support

What's new

Features

• The default export is now callable as a factory function, matching the dompurify API — DOMPurify(window) now returns a new DOMPurify instance bound to the given window (#405)

Bug fixes

• Fixed isEqualNode returning false when comparing RETURN_DOM + FORCE_BODY output against nodes from a separate JSDOM context (#405)

Thanks to @​probablykasper for helping with this release.

... (truncated)

Commits

• 8ca0afa chore: Incremented project version.
• a544f3c chore: Upated deps.
• d2daec3 chore(deps): bump dompurify from 3.3.3 to 3.4.0
• 2d121b0 chore(deps-dev): bump @​biomejs/biome from 2.4.11 to 2.4.12
• 5e36187 chore(deps-dev): bump @​biomejs/biome from 2.4.10 to 2.4.11
• 06b4ce4 chore(deps-dev): bump vitest from 4.1.3 to 4.1.4
• 40c0ced chore(release): bump version to 3.8.0 and update dep ranges
• 1493745 chore(deps): bump jsdom from 29.0.1 to 29.0.2
• 772dbc8 chore(deps-dev): bump vitest from 4.1.2 to 4.1.3
• 5c426c9 chore(deps-dev): bump lefthook from 2.1.4 to 2.1.5
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)