Bump dompurify from 3.3.2 to 3.3.3 #14487

Merged: rtibbles merged 1 commit into develop from dependabot/npm_and_yarn/dompurify-3.3.3 on Mar 31, 2026

@dependabot dependabot bot commented on behalf of github Mar 31, 2026

Bumps dompurify from 3.3.2 to 3.3.3.

Release notes

Sourced from dompurify's releases.

DOMPurify 3.3.3

  • Fixed an engine requirement for Node 20 which caused hiccups, thanks @​Rotzbua

Commits

  • 8bcbf73 chore: Preparing 3.3.3 release
  • 5faddd6 fix: engine requirement (#1210)
  • 0f91e3a Update README.md
  • d5ff1a8 Merge branch 'main' of github.com:cure53/DOMPurify
  • c3efd48 fix: moved back from jsdom 28 to jsdom 20
  • 988b888 fix: moved back from jsdom 28 to jsdom 20
  • 2726c74 chore: Preparing 3.3.2 release
  • 6202c7e build(deps): bump @​tootallnate/once and jsdom (#1204)
  • 302b51d fix: Expanded the regex ever so slightly to also cover script
  • cd85175 Merge branch 'main' of github.com:cure53/DOMPurify
  • Additional commits viewable in compare view

@dependabot dependabot bot added the labels dependencies (Pull requests that update a dependency file) and javascript (Pull requests that update Javascript code) Mar 31, 2026
@rtibbles rtibbles requested a review from rtibblesbot March 31, 2026 19:35
@rtibblesbot rtibblesbot left a comment

Dependency Update Review

Package: dompurify 3.3.2 → 3.3.3
Semver risk: Patch
Dependency type: Production
CI status: Passing

Changelog Analysis

Sources consulted:

Breaking changes: None.

Security fixes: None.

Notable changes:

  • Fixed an overly strict Node.js engine requirement that caused installation issues in some environments (PR #1210). The engines field was relaxed since the published package contains finished builds with no direct Node version requirement.
  • Internal-only changes: dev dependency updates, test infrastructure maintenance (QUnit, jsdom), README updates.

Compatibility Assessment

  • Project uses affected APIs: No — this is a packaging metadata fix, not an API change.
  • Peer dependency changes: None.
  • Code changes required: None.
  • Lockfile: dompurify bump plus normal transitive resolution changes (@babel/core 7.28.6 → 7.29.0 from lock regeneration). No unexpected additions.

Recommendation

APPROVE — Minimal-risk patch release fixing only a Node engine constraint. No API or behavioral changes. CI passing.


@rtibblesbot's comments are generated by an LLM, and should be evaluated accordingly

How was this generated?

Reviewed the pull request diff checking for:

  • Correctness: bugs, edge cases, undocumented behavior, resource leaks, hardcoded values
  • Design: unnecessary complexity, naming, readability, comment accuracy, redundant state
  • Architecture: duplicated concerns, minimal interfaces, composition over inheritance
  • Testing: behavior-based assertions, mocks only at hard boundaries, accurate coverage
  • Completeness: missing dependencies, unupdated usages, i18n, accessibility, security
  • Principles: DRY (same reason to change), SRP, Rule of Three (no premature abstraction)
  • Checked CI status and linked issue acceptance criteria
  • For UI changes: inspected screenshots for layout, visual completeness, and consistency

github-actions bot commented Mar 31, 2026

Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.3.2 to 3.3.3.
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](cure53/DOMPurify@3.3.2...3.3.3)

---
updated-dependencies:
- dependency-name: dompurify
  dependency-version: 3.3.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/dompurify-3.3.3 branch from ecd1576 to bc3030b March 31, 2026 20:30
@rtibbles rtibbles merged commit 0d6bc5c into develop Mar 31, 2026
61 checks passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/dompurify-3.3.3 branch March 31, 2026 21:37
Labels

  • dependencies: Pull requests that update a dependency file
  • javascript: Pull requests that update Javascript code
  • SIZE: very small
