From 7acc49abdcf15dba67cb276bf8ca0d492f003608 Mon Sep 17 00:00:00 2001
From: Cam DeBuck <cdebuck@edg.io>
Date: Thu, 21 Aug 2025 12:31:41 -0600
Subject: [PATCH] updated dompurify version to resolve an issue with a critical
 vulnerbility

---
 dev-app/app.html | 2 +-
 package.json     | 4 ++--
 yarn.lock        | 8 ++++----
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/dev-app/app.html b/dev-app/app.html
index e78f9e2e..d71f618e 100644
--- a/dev-app/app.html
+++ b/dev-app/app.html
@@ -52,7 +52,7 @@
                     <c-nav-horizontal-item
                         position="right"
                         href="https://github.com/bindable-ui/bindable"
-                        title="v1.12.2"
+                        title="v1.12.3"
                     ></c-nav-horizontal-item>
                 </c-nav-horizontal>
             </l-box>
diff --git a/package.json b/package.json
index 9c370734..a45cd201 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
   "name": "@bindable-ui/bindable",
   "description": "An Aurelia component library",
-  "version": "1.12.2",
+  "version": "1.12.3",
   "repository": {
     "type": "git",
     "url": "https://github.com/bindable-ui/bindable"
@@ -81,7 +81,7 @@
   "dependencies": {
     "aurelia-dialog": "^2.0.0-rc.7",
     "aurelia-ui-virtualization": "^1.0.0-rc2",
-    "dompurify": "^2.3.6",
+    "dompurify": "^2.4.2",
     "eonasdan-bootstrap-datetimepicker": "^4.17.49",
     "jquery": "^3.6.0",
     "lodash": "^4.17.21",
diff --git a/yarn.lock b/yarn.lock
index 933edea3..ec0ca613 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -3196,10 +3196,10 @@ domhandler@^4.2.0:
   dependencies:
     domelementtype "^2.2.0"
 
-dompurify@^2.3.6:
-  version "2.4.5"
-  resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-2.4.5.tgz#0e89a27601f0bad978f9a924e7a05d5d2cccdd87"
-  integrity sha512-jggCCd+8Iqp4Tsz0nIvpcb22InKEBrGz5dw3EQJMs8HPJDsKbFIO3STYtAvCfDx26Muevn1MHVI0XxjgFfmiSA==
+dompurify@^2.4.2:
+  version "2.5.8"
+  resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-2.5.8.tgz#2809d89d7e528dc7a071dea440d7376df676f824"
+  integrity sha512-o1vSNgrmYMQObbSSvF/1brBYEQPHhV1+gsmrusO7/GXtp1T9rCS8cXFqVxK/9crT1jA6Ccv+5MTSjBNqr7Sovw==
 
 domutils@^1.7.0:
   version "1.7.0"