Vulnerablity on dompurify dependency for @triply/yars dependency

[carvilsi]

Hi,

There is a CVE-2024-45801 on dompurify for version < 2.5.4 that is used on https://github.com/TriplyDB/Yasgui/blob/master/packages/yasr/package.json#L38

Please any plan to patch it and release a new version for yasgui?

Thanks in advance.

[MBueschelberger]

Would also very appreciate a patch!

[yoavnash]

As a temporary solution, I found this fork, which tackled this issue:

• https://github.com/zazuko/Yasgui
• https://www.npmjs.com/package/@zazuko/yasgui