From 33663d4b73cc641ae7c24522141730c28de30284 Mon Sep 17 00:00:00 2001
From: Bill Thornton <thornbill@users.noreply.github.com>
Date: Mon, 14 Oct 2024 12:29:15 -0400
Subject: [PATCH 1/2] Rollback to dompurify v2 for legacy support

---
 package-lock.json | 14 +++++++-------
 package.json      |  2 +-
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 2ebb47e5c3..8bf87c139c 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -32,7 +32,7 @@
         "classnames": "2.5.1",
         "core-js": "3.38.1",
         "date-fns": "2.30.0",
-        "dompurify": "3.0.1",
+        "dompurify": "2.5.7",
         "epubjs": "0.3.93",
         "escape-html": "1.0.3",
         "fast-text-encoding": "1.0.6",
@@ -10191,9 +10191,9 @@
       ]
     },
     "node_modules/dompurify": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.0.1.tgz",
-      "integrity": "sha512-60tsgvPKwItxZZdfLmamp0MTcecCta3avOhsLgPZ0qcWt96OasFfhkeIRbJ6br5i0fQawT1/RBGB5L58/Jpwuw=="
+      "version": "2.5.7",
+      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.5.7.tgz",
+      "integrity": "sha512-2q4bEI+coQM8f5ez7kt2xclg1XsecaV9ASJk/54vwlfRRNQfDqJz2pzQ8t0Ix/ToBpXlVjrRIx7pFC/o8itG2Q=="
     },
     "node_modules/domutils": {
       "version": "1.7.0",
@@ -32794,9 +32794,9 @@
       }
     },
     "dompurify": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.0.1.tgz",
-      "integrity": "sha512-60tsgvPKwItxZZdfLmamp0MTcecCta3avOhsLgPZ0qcWt96OasFfhkeIRbJ6br5i0fQawT1/RBGB5L58/Jpwuw=="
+      "version": "2.5.7",
+      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-2.5.7.tgz",
+      "integrity": "sha512-2q4bEI+coQM8f5ez7kt2xclg1XsecaV9ASJk/54vwlfRRNQfDqJz2pzQ8t0Ix/ToBpXlVjrRIx7pFC/o8itG2Q=="
     },
     "domutils": {
       "version": "1.7.0",
diff --git a/package.json b/package.json
index 664ad179c4..536717b049 100644
--- a/package.json
+++ b/package.json
@@ -93,7 +93,7 @@
     "classnames": "2.5.1",
     "core-js": "3.38.1",
     "date-fns": "2.30.0",
-    "dompurify": "3.0.1",
+    "dompurify": "2.5.7",
     "epubjs": "0.3.93",
     "escape-html": "1.0.3",
     "fast-text-encoding": "1.0.6",

From 016fc1fdba7206c61e2a279b4eed980a9ae097cf Mon Sep 17 00:00:00 2001
From: Bill Thornton <thornbill@users.noreply.github.com>
Date: Mon, 14 Oct 2024 13:20:52 -0400
Subject: [PATCH 2/2] Disable dompurify major updates from renovate

---
 .github/renovate.json | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.github/renovate.json b/.github/renovate.json
index 200d5e43e7..2fc0eb8728 100644
--- a/.github/renovate.json
+++ b/.github/renovate.json
@@ -10,6 +10,11 @@
       "followTag": "unstable",
       "minimumReleaseAge": null,
       "schedule": [ "after 7:00 am" ]
+    },
+    {
+      "matchPackageNames": ["dompurify"],
+      "matchUpdateTypes": ["major"],
+      "enabled": false
     }
   ]
 }