fix(security): update DOMpurify to fix potential xss vulnerability

package.json

@@ -82,18 +82,18 @@
     "@ngx-translate/core": "^11.0.1",
     "@ngx-translate/http-loader": "^4.0.0",
     "core-js": "^2.6.1",
-    "dompurify": "^1.0.9",
+    "dompurify": "^2.0.7",
     "excel-builder-webpack": "^1.0.3",
     "flatpickr": ">=4.5.0",
     "font-awesome": "^4.7.0",
-    "jquery": ">=3.2.1",
+    "jquery": ">=3.4.1",
     "jquery-ui-dist": "^1.12.1",
     "lodash.isequal": "^4.5.0",
     "moment-mini": "^2.22.1",
     "rxjs": "^6.3.3",
     "slickgrid": "^2.4.16",
     "text-encoding-utf-8": "^1.0.2",
-    "tslib": "^1.9.3",
+    "tslib": "^1.10.0",
     "vinyl-paths": "^2.1.0"
   },
   "devDependencies": {
@@ -113,21 +113,21 @@
     "@angular/router": "^7.2.15",
     "@ng-select/ng-select": "^2.15.3",
     "@types/flatpickr": "^3.1.2",
-    "@types/jest": "^24.0.18",
-    "@types/jquery": "^3.3.29",
+    "@types/jest": "^24.0.25",
+    "@types/jquery": "^3.3.31",
     "@types/moment": "^2.13.0",
-    "@types/node": "^10.12.15",
+    "@types/node": "^13.1.4",
     "@types/text-encoding-utf-8": "^1.0.1",
     "babel-jest": "^24.9.0",
     "bootstrap": "3.4.1",
-    "codecov": "^3.3.0",
+    "codecov": "^3.6.1",
     "codelyzer": "~4.5.0",
-    "conventional-changelog": "^3.1.8",
-    "copyfiles": "^2.1.0",
-    "cross-env": "^5.2.0",
+    "conventional-changelog": "^3.1.18",
+    "copyfiles": "^2.1.1",
+    "cross-env": "^6.0.3",
     "custom-event-polyfill": "^1.0.7",
-    "del": "^3.0.0",
-    "del-cli": "^1.1.0",
+    "del": "^5.1.0",
+    "del-cli": "^3.0.0",
     "gulp": "^4.0.2",
     "gulp-bump": "^3.1.3",
     "gulp-sass": "^4.0.2",
@@ -138,11 +138,11 @@
     "jest-preset-angular": "^6.0.1",
     "ng-packagr": "~5.3.0",
     "ngx-bootstrap": "^4.3.0",
-    "node-sass": "^4.12.0",
+    "node-sass": "^4.13.0",
     "npm-run-all": "^4.1.5",
-    "postcss-cli": "^6.0.1",
+    "postcss-cli": "^6.1.3",
     "require-dir": "^1.2.0",
-    "rimraf": "^2.6.3",
+    "rimraf": "^3.0.0",
     "run-sequence": "^2.2.1",
     "standard-version": "^6.0.1",
     "ts-node": "~3.3.0",

src/app/examples/grid-editor.component.ts

@@ -385,6 +385,8 @@ export class GridEditorComponent implements OnInit {
         minWidth: 100,
         filterable: true,
         formatter: taskFormatter,
+        exportWithFormatter: true,
+        sanitizeDataExport: true,
         sortable: true,
         type: FieldType.string,
         editor: {

src/app/modules/angular-slickgrid/editors/selectEditor.ts

@@ -1,4 +1,8 @@
 import { TranslateService } from '@ngx-translate/core';
+import { Subscription } from 'rxjs';
+import * as DOMPurify_ from 'dompurify';
+const DOMPurify = DOMPurify_; // patch to fix rollup to work
+
 import { Constants } from '../constants';
 import {
   CollectionCustomStructure,
@@ -16,9 +20,6 @@ import {
 } from './../models/index';
 import { CollectionService } from '../services/index';
 import { charArraysEqual, findOrDefault, getDescendantProperty, htmlEncode, setDeepValue, unsubscribeAllObservables } from '../services/utilities';
-import { Subscription } from 'rxjs';
-import * as DOMPurify_ from 'dompurify';
-const DOMPurify = DOMPurify_; // patch to fix rollup to work
 
 // using external non-typed js libraries
 declare var $: any;

src/app/modules/angular-slickgrid/extensions/rowDetailViewExtension.ts

@@ -1,13 +1,14 @@
 import { ApplicationRef, ComponentRef, Injectable, Type, ViewContainerRef } from '@angular/core';
+import { Observable, Subject, Subscription } from 'rxjs';
+import * as DOMPurify_ from 'dompurify';
+const DOMPurify = DOMPurify_; // patch to fix rollup to work
+
 import { Column, Extension, ExtensionName, GridOption, SlickEventHandler } from '../models/index';
 import { ExtensionUtility } from './extensionUtility';
 import { AngularUtilService } from '../services/angularUtil.service';
 import { FilterService } from '../services/filter.service';
 import { SharedService } from '../services/shared.service';
 import { addToArrayWhenNotExists, castToPromise, unsubscribeAllObservables } from '../services/utilities';
-import { Observable, Subject, Subscription } from 'rxjs';
-import * as DOMPurify_ from 'dompurify';
-const DOMPurify = DOMPurify_; // patch to fix rollup to work
 
 // using external non-typed js libraries
 declare var Slick: any;

src/app/modules/angular-slickgrid/filters/selectFilter.ts

@@ -1,5 +1,9 @@
 import { Optional } from '@angular/core';
 import { TranslateService } from '@ngx-translate/core';
+import { Observable, Subject, Subscription } from 'rxjs';
+import * as DOMPurify_ from 'dompurify';
+const DOMPurify = DOMPurify_; // patch to fix rollup to work
+
 import {
   CollectionCustomStructure,
   CollectionOption,
@@ -19,9 +23,6 @@ import { Constants } from './../constants';
 import { Locale } from './../models/locale.interface';
 import { CollectionService } from './../services/collection.service';
 import { castToPromise, getDescendantProperty, htmlEncode, unsubscribeAllObservables } from '../services/utilities';
-import { Observable, Subject, Subscription } from 'rxjs';
-import * as DOMPurify_ from 'dompurify';
-const DOMPurify = DOMPurify_; // patch to fix rollup to work
 
 // using external non-typed js libraries
 declare var $: any;

src/app/modules/angular-slickgrid/formatters/hyperlinkFormatter.ts

@@ -1,8 +1,9 @@
-import { Column } from './../models/column.interface';
-import { Formatter } from './../models/formatter.interface';
 import * as DOMPurify_ from 'dompurify';
 const DOMPurify = DOMPurify_; // patch to fix rollup to work
 
+import { Column } from './../models/column.interface';
+import { Formatter } from './../models/formatter.interface';
+
 /**
  * Takes an hyperlink cell value and transforms it into a real hyperlink, given that the value starts with 1 of these (http|ftp|https).
  * The structure will be "<a href="hyperlink">hyperlink</a>"

src/app/modules/angular-slickgrid/models/gridOption.interface.ts

@@ -360,7 +360,7 @@ export interface GridOption {
   };
 
   /**
-   * Optionally pass some options to the 3rd party lib "cure32/DOMPurify" used in some Filters.
+   * Optionally pass some options to the 3rd party lib "cure53/DOMPurify" used in some Filters.
    * For this to work, "enableRenderHtml" as to be enabled.
    */
   sanitizeHtmlOptions?: any;