There is a vulnerability, CVE-2025-48050, with a CVSS v3 score of 7.5 (High); see the nvd.nist.gov site. Upgrading to dompurify version 3.2.6 would patch this issue. It's not as easy as bumping the version, because some tests fail after the upgrade. The order of attributes has changed, so tests fail with issues like:
- <div class=\"renderedMarkdown\"><p><img title=\"Image title\" alt=\"Image alt text\" src=\"http://image.source\"></p></div>
+ <div class=\"renderedMarkdown\"><p><img src=\"http://image.source\" alt=\"Image alt text\" title=\"Image title\"></p></div>
Not sure if any users rely on attribute order. If it's just about fixing tests, I can send a PR to update them and upgrade dompurify.
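An added example, not part of the original issue and not DOMPurify or project code: one way to make such assertions independent of attribute order, so a sanitizer upgrade that only reorders attributes does not fail tests while a changed, added, or dropped attribute still does. The helper names `normalizeAttributeOrder` and `sameMarkup` are hypothetical, and the code assumes well-formed serializer output and is meant for test comparison only, not for sanitizing input.

```javascript
// Hypothetical test helpers (assumed names, not from DOMPurify or the project).
// They canonicalise serialized HTML so two strings that differ only in
// attribute order compare equal. Regex parsing is acceptable here because the
// input is assumed to be well-formed serializer output; do not use it on
// untrusted markup or as a security control.

// Opening tag: name, raw attribute text (quoted values consumed whole), "/".
const OPEN_TAG = /<([a-zA-Z][^\s\/>]*)((?:\s+[^\s=\/>]+(?:\s*=\s*(?:"[^"]*"|'[^']*'|[^\s"'>]+))?)*)\s*(\/?)>/g;
// One attribute: name, then an optional double-, single- or unquoted value.
const ATTR = /([^\s=\/>]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;

function normalizeAttributeOrder(html) {
  return html.replace(OPEN_TAG, (_, tag, rawAttrs, selfClose) => {
    const attrs = [];
    for (const m of rawAttrs.matchAll(ATTR)) {
      // A boolean attribute (no value) is treated as the empty string.
      attrs.push([m[1].toLowerCase(), m[2] ?? m[3] ?? m[4] ?? '']);
    }
    // Sort by attribute name so the original order no longer matters.
    attrs.sort((a, b) => (a[0] < b[0] ? -1 : a[0] > b[0] ? 1 : 0));
    const rendered = attrs
      .map(([name, value]) => ` ${name}="${value.replace(/"/g, '&quot;')}"`)
      .join('');
    return `<${tag.toLowerCase()}${rendered}${selfClose ? ' /' : ''}>`;
  });
}

// True when both strings are the same markup up to attribute order.
function sameMarkup(actual, expected) {
  return normalizeAttributeOrder(actual) === normalizeAttributeOrder(expected);
}

// Constructed samples modelled on the failing assertion quoted in the issue.
const beforeUpgrade =
  '<div class="renderedMarkdown"><p><img title="Image title" alt="Image alt text" src="http://image.source"></p></div>';
const afterUpgrade =
  '<div class="renderedMarkdown"><p><img src="http://image.source" alt="Image alt text" title="Image title"></p></div>';
// Constructed regression case: an event-handler attribute that survived.
const withHandler = '<p><img src="http://image.source" onerror="f()"></p>';
const withoutHandler = '<p><img src="http://image.source"></p>';

console.log(sameMarkup(beforeUpgrade, afterUpgrade));   // reorder only
console.log(sameMarkup(withHandler, withoutHandler));   // real difference
```

Security-relevant expectations, such as an event-handler attribute being stripped, remain enforced because only ordering is normalised, never the set of attributes or their values.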