diff --git a/frontend/package-lock.json b/frontend/package-lock.json
index 34d3eefb73..e861608bad 100644
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
@@ -17,8 +17,10 @@
"classnames": "^2.5.1",
"date-fns": "^4.1.0",
"date-fns-tz": "^3.2.0",
+ "dompurify": "^3.3.1",
"flag-icons": "^7.2.3",
"formik": "^2.4.6",
+ "http-proxy-middleware": "^2.0.6",
"js-cookie": "^3.0.5",
"md5": "^2.3.0",
"prop-types": "^15.8.1",
@@ -55,7 +57,6 @@
"eslint-plugin-jsx-a11y": "^6.10.0",
"eslint-plugin-react": "^7.37.1",
"eslint-plugin-react-hooks": "^4.6.2",
- "http-proxy-middleware": "^2.0.6",
"jest": "^29.7.0",
"jest-environment-jsdom": "^29.7.0",
"prettier": "^3.3.3",
@@ -5277,9 +5278,10 @@
"dev": true
},
"node_modules/@types/trusted-types": {
- "version": "2.0.3",
- "resolved": "https://registry.npmjs.org/@types/trusted-types/-/trusted-types-2.0.3.tgz",
- "integrity": "sha512-NfQ4gyz38SL8sDNrSixxU2Os1a5xcdFxipAFxYEuLUlvU2uDwS4NUpsImcf1//SlWItCVMMLiylsxbmNMToV/g=="
+ "version": "2.0.7",
+ "resolved": "https://registry.npmjs.org/@types/trusted-types/-/trusted-types-2.0.7.tgz",
+ "integrity": "sha512-ScaPdn1dQczgbl0QFTeTOmVHFULt394XJgOQNoyVhZ6r2vLnMLJfBPd53SB52T/3G36VI1/g2MZaX0cwDuXsfw==",
+ "license": "MIT"
},
"node_modules/@types/unist": {
"version": "2.0.7",
@@ -8673,6 +8675,15 @@
"url": "https://github.com/fb55/domhandler?sponsor=1"
}
},
+ "node_modules/dompurify": {
+ "version": "3.3.1",
+ "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.3.1.tgz",
+ "integrity": "sha512-qkdCKzLNtrgPFP1Vo+98FRzJnBRGe4ffyCea9IwHB1fyxPOeNTHpLKYGd4Uk9xvNoH0ZoOjwZxNptyMwqrId1Q==",
+ "license": "(MPL-2.0 OR Apache-2.0)",
+ "optionalDependencies": {
+ "@types/trusted-types": "^2.0.7"
+ }
+ },
"node_modules/domutils": {
"version": "2.8.0",
"resolved": "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz",
@@ -28224,9 +28235,9 @@
"dev": true
},
"@types/trusted-types": {
- "version": "2.0.3",
- "resolved": "https://registry.npmjs.org/@types/trusted-types/-/trusted-types-2.0.3.tgz",
- "integrity": "sha512-NfQ4gyz38SL8sDNrSixxU2Os1a5xcdFxipAFxYEuLUlvU2uDwS4NUpsImcf1//SlWItCVMMLiylsxbmNMToV/g=="
+ "version": "2.0.7",
+ "resolved": "https://registry.npmjs.org/@types/trusted-types/-/trusted-types-2.0.7.tgz",
+ "integrity": "sha512-ScaPdn1dQczgbl0QFTeTOmVHFULt394XJgOQNoyVhZ6r2vLnMLJfBPd53SB52T/3G36VI1/g2MZaX0cwDuXsfw=="
},
"@types/unist": {
"version": "2.0.7",
@@ -30672,6 +30683,14 @@
"domelementtype": "^2.2.0"
}
},
+ "dompurify": {
+ "version": "3.3.1",
+ "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.3.1.tgz",
+ "integrity": "sha512-qkdCKzLNtrgPFP1Vo+98FRzJnBRGe4ffyCea9IwHB1fyxPOeNTHpLKYGd4Uk9xvNoH0ZoOjwZxNptyMwqrId1Q==",
+ "requires": {
+ "@types/trusted-types": "^2.0.7"
+ }
+ },
"domutils": {
"version": "2.8.0",
"resolved": "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz",
diff --git a/frontend/package.json b/frontend/package.json
index 735c9a9087..84efc07217 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -12,6 +12,7 @@
"classnames": "^2.5.1",
"date-fns": "^4.1.0",
"date-fns-tz": "^3.2.0",
+ "dompurify": "^3.3.1",
"flag-icons": "^7.2.3",
"formik": "^2.4.6",
"http-proxy-middleware": "^2.0.6",
diff --git a/frontend/src/components/jobs/notification/NotificationsList.jsx b/frontend/src/components/jobs/notification/NotificationsList.jsx
index 05030c68ae..e02a44cedb 100644
--- a/frontend/src/components/jobs/notification/NotificationsList.jsx
+++ b/frontend/src/components/jobs/notification/NotificationsList.jsx
@@ -1,5 +1,6 @@
import React from "react";
import PropTypes from "prop-types";
+import DOMPurify from "dompurify";
import {
ListGroup,
ListGroupItem,
@@ -43,7 +44,9 @@ export default function NotificationsList({ notifications, refetchFn }) {
{notif?.read === false && (