From b8931813de562c4e7096968398c064a96ae40ee0 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 21 May 2026 17:01:15 +0000
Subject: [PATCH] build(deps): bump sanitize-html from 2.17.3 to 2.17.4 in
 /Core

Bumps [sanitize-html](https://github.com/apostrophecms/apostrophe/tree/HEAD/packages/sanitize-html) from 2.17.3 to 2.17.4.
- [Changelog](https://github.com/apostrophecms/apostrophe/blob/main/packages/sanitize-html/CHANGELOG.md)
- [Commits](https://github.com/apostrophecms/apostrophe/commits/HEAD/packages/sanitize-html)

---
updated-dependencies:
- dependency-name: sanitize-html
  dependency-version: 2.17.4
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 Core/package-lock.json | 24 ++++++++++++++++++++----
 Core/package.json      |  2 +-
 2 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/Core/package-lock.json b/Core/package-lock.json
index 21d20c111..18202fe58 100644
--- a/Core/package-lock.json
+++ b/Core/package-lock.json
@@ -12,7 +12,7 @@
         "@openpgp/web-stream-tools": "^0.1.3",
         "encoding-japanese": "^2.2.0",
         "openpgp": "^6.2.0",
-        "sanitize-html": "^2.17.3",
+        "sanitize-html": "^2.17.4",
         "zxcvbn": "4.4.2"
       },
       "devDependencies": {
@@ -1256,6 +1256,12 @@
         "node": ">=6"
       }
     },
+    "node_modules/dayjs": {
+      "version": "1.11.20",
+      "resolved": "https://registry.npmjs.org/dayjs/-/dayjs-1.11.20.tgz",
+      "integrity": "sha512-YbwwqR/uYpeoP4pu043q+LTDLFBLApUP6VxRihdfNTqu4ubqMlGDLd6ErXhEgsyvY0K6nCs7nggYumAN+9uEuQ==",
+      "license": "MIT"
+    },
     "node_modules/debug": {
       "version": "4.4.3",
       "resolved": "https://registry.npmjs.org/debug/-/debug-4.4.3.tgz",
@@ -2133,6 +2139,15 @@
         "node": ">=0.10.0"
       }
     },
+    "node_modules/launder": {
+      "version": "1.7.1",
+      "resolved": "https://registry.npmjs.org/launder/-/launder-1.7.1.tgz",
+      "integrity": "sha512-mU6WRz5EusL9ZZuiZ5SO4Y6C0P9PAUR9iwdb6bzj4KDihm28DiHFw+/yk9DBH4f+Pv1wuzQ4e2jV3oQ7mkIqvw==",
+      "license": "MIT",
+      "dependencies": {
+        "dayjs": "^1.11.7"
+      }
+    },
     "node_modules/load-json-file": {
       "version": "7.0.1",
       "resolved": "https://registry.npmjs.org/load-json-file/-/load-json-file-7.0.1.tgz",
@@ -2860,15 +2875,16 @@
       }
     },
     "node_modules/sanitize-html": {
-      "version": "2.17.3",
-      "resolved": "https://registry.npmjs.org/sanitize-html/-/sanitize-html-2.17.3.tgz",
-      "integrity": "sha512-Kn4srCAo2+wZyvCNKCSyB2g8RQ8IkX/gQs2uqoSRNu5t9I2qvUyAVvRDiFUVAiX3N3PNuwStY0eNr+ooBHVWEg==",
+      "version": "2.17.4",
+      "resolved": "https://registry.npmjs.org/sanitize-html/-/sanitize-html-2.17.4.tgz",
+      "integrity": "sha512-2HW7v2ol/uAM7sX4hbD8Z59OGWmAPrvjL8E71UWlBcj6m+kcF6ilQBLny+cIgY214QJeJT5tQuxKKqX0SQqjGQ==",
       "license": "MIT",
       "dependencies": {
         "deepmerge": "^4.2.2",
         "escape-string-regexp": "^4.0.0",
         "htmlparser2": "^10.1.0",
         "is-plain-object": "^5.0.0",
+        "launder": "^1.7.1",
         "parse-srcset": "^1.0.2",
         "postcss": "^8.3.11"
       }
diff --git a/Core/package.json b/Core/package.json
index 0e67e1b97..a9a25ea8e 100644
--- a/Core/package.json
+++ b/Core/package.json
@@ -6,7 +6,7 @@
     "@openpgp/web-stream-tools": "^0.1.3",
     "encoding-japanese": "^2.2.0",
     "openpgp": "^6.2.0",
-    "sanitize-html": "^2.17.3",
+    "sanitize-html": "^2.17.4",
     "zxcvbn": "4.4.2"
   },
   "devDependencies": {