From 08b801330459edcf84bbc7a3d9468fd7669a8ac4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 12 Dec 2024 21:27:17 +0000
Subject: [PATCH] Bump dompurify from 2.4.5 to 2.5.8 in /apps/scorecard

Bumps [dompurify](https://github.com/cure53/DOMPurify) from 2.4.5 to 2.5.8.
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](https://github.com/cure53/DOMPurify/compare/2.4.5...2.5.8)

---
updated-dependencies:
- dependency-name: dompurify
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 apps/scorecard/package-lock.json | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/apps/scorecard/package-lock.json b/apps/scorecard/package-lock.json
index 764e038950..7da85b60ca 100644
--- a/apps/scorecard/package-lock.json
+++ b/apps/scorecard/package-lock.json
@@ -5956,10 +5956,9 @@
       }
     },
     "dompurify": {
-      "version": "2.4.5",
-      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.4.5.tgz",
-      "integrity": "sha512-jggCCd+8Iqp4Tsz0nIvpcb22InKEBrGz5dw3EQJMs8HPJDsKbFIO3STYtAvCfDx26Muevn1MHVI0XxjgFfmiSA==",
-      "optional": true
+      "version": "2.5.8",
+      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.5.8.tgz",
+      "integrity": "sha512-o1vSNgrmYMQObbSSvF/1brBYEQPHhV1+gsmrusO7/GXtp1T9rCS8cXFqVxK/9crT1jA6Ccv+5MTSjBNqr7Sovw=="
     },
     "downsample-lttb": {
       "version": "0.0.1",