From 08c04251735aac7bcf4adc2da3994db11ee66bfb Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 4 Nov 2020 08:40:23 +0000
Subject: [PATCH] fix: package.json & package-lock.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-DOMPURIFY-1035544
---
 package-lock.json | 6 +++---
 package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 0ac83eb145fdb..068a15310c0a4 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -3366,9 +3366,9 @@
       }
     },
     "dompurify": {
-      "version": "2.0.15",
-      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.0.15.tgz",
-      "integrity": "sha512-8AnYW8iXOC7xC7K3FBvQ7+GdmtOsgDGZC5dDXaewCC674qcId7G5mhz5VIEnVShJVjQdlcaPjxpaOzaV9JC3Tg=="
+      "version": "2.2.2",
+      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.2.2.tgz",
+      "integrity": "sha512-BsGR4nDLaC5CNBnyT5I+d5pOeaoWvgVeg6Gq/aqmKYWMPR07131u60I80BvExLAJ0FQEIBQ1BTicw+C5+jOyrg=="
     },
     "duplexify": {
       "version": "3.7.1",
diff --git a/package.json b/package.json
index b542abb479a9b..33b2dcad18a81 100644
--- a/package.json
+++ b/package.json
@@ -50,7 +50,7 @@
     "css-vars-ponyfill": "^2.3.2",
     "davclient.js": "git+https://github.com/owncloud/davclient.js.git#0.2.1",
     "debounce": "^1.2.0",
-    "dompurify": "^2.0.15",
+    "dompurify": "^2.2.2",
     "escape-html": "^1.0.3",
     "handlebars": "^4.7.6",
     "jcrop": "git+https://github.com/ChristophWurst/Jcrop.git#v0.9.12-npm3",