From ed4b527b48050213198585935e69164745eb7559 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 16 Apr 2026 13:15:37 -0400
Subject: [PATCH 1/3] chore(deps): bump dompurify from 3.3.3 to 3.4.0 in
 /src/ui (#285)

Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.3.3 to 3.4.0.
- [Release notes](https://github.com/cure53/DOMPurify/releases)
- [Commits](https://github.com/cure53/DOMPurify/compare/3.3.3...3.4.0)

---
updated-dependencies:
- dependency-name: dompurify
  dependency-version: 3.4.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 src/ui/package-lock.json | 8 ++++----
 src/ui/package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/ui/package-lock.json b/src/ui/package-lock.json
index b6c5d9a2e..595e7681e 100644
--- a/src/ui/package-lock.json
+++ b/src/ui/package-lock.json
@@ -37,7 +37,7 @@
         "axios": "^1.12.1",
         "brace-expansion": "^2.0.3",
         "chart.js": "^4.5.0",
-        "dompurify": "^3.3.2",
+        "dompurify": "^3.4.0",
         "form-data": "^4.0.4",
         "immer": "^10.1.3",
         "js-yaml": "^4.1.1",
@@ -12108,9 +12108,9 @@
       }
     },
     "node_modules/dompurify": {
-      "version": "3.3.3",
-      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.3.3.tgz",
-      "integrity": "sha512-Oj6pzI2+RqBfFG+qOaOLbFXLQ90ARpcGG6UePL82bJLtdsa6CYJD7nmiU8MW9nQNOtCHV3lZ/Bzq1X0QYbBZCA==",
+      "version": "3.4.0",
+      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.4.0.tgz",
+      "integrity": "sha512-nolgK9JcaUXMSmW+j1yaSvaEaoXYHwWyGJlkoCTghc97KgGDDSnpoU/PlEnw63Ah+TGKFOyY+X5LnxaWbCSfXg==",
       "license": "(MPL-2.0 OR Apache-2.0)",
       "optionalDependencies": {
         "@types/trusted-types": "^2.0.7"
diff --git a/src/ui/package.json b/src/ui/package.json
index 6c2a577eb..9e107ce50 100644
--- a/src/ui/package.json
+++ b/src/ui/package.json
@@ -59,7 +59,7 @@
     "uuid": "^11.1.0",
     "vuera": "^0.2.7",
     "xlsx": "https://cdn.sheetjs.com/xlsx-0.20.2/xlsx-0.20.2.tgz",
-    "dompurify": "^3.3.2"
+    "dompurify": "^3.4.0"
   },
   "scripts": {
     "dev": "vite",

From 198a49021c5dff02570ae7ed76f1b61348ae607e Mon Sep 17 00:00:00 2001
From: Bob Strahan <strahanr@amazon.com>
Date: Thu, 16 Apr 2026 13:16:22 -0400
Subject: [PATCH 2/3] Revert "chore(deps): bump dompurify from 3.3.3 to 3.4.0
 in /src/ui (#285)" (#287)

This reverts commit ed4b527b48050213198585935e69164745eb7559.
---
 src/ui/package-lock.json | 8 ++++----
 src/ui/package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/ui/package-lock.json b/src/ui/package-lock.json
index 595e7681e..b6c5d9a2e 100644
--- a/src/ui/package-lock.json
+++ b/src/ui/package-lock.json
@@ -37,7 +37,7 @@
         "axios": "^1.12.1",
         "brace-expansion": "^2.0.3",
         "chart.js": "^4.5.0",
-        "dompurify": "^3.4.0",
+        "dompurify": "^3.3.2",
         "form-data": "^4.0.4",
         "immer": "^10.1.3",
         "js-yaml": "^4.1.1",
@@ -12108,9 +12108,9 @@
       }
     },
     "node_modules/dompurify": {
-      "version": "3.4.0",
-      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.4.0.tgz",
-      "integrity": "sha512-nolgK9JcaUXMSmW+j1yaSvaEaoXYHwWyGJlkoCTghc97KgGDDSnpoU/PlEnw63Ah+TGKFOyY+X5LnxaWbCSfXg==",
+      "version": "3.3.3",
+      "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.3.3.tgz",
+      "integrity": "sha512-Oj6pzI2+RqBfFG+qOaOLbFXLQ90ARpcGG6UePL82bJLtdsa6CYJD7nmiU8MW9nQNOtCHV3lZ/Bzq1X0QYbBZCA==",
       "license": "(MPL-2.0 OR Apache-2.0)",
       "optionalDependencies": {
         "@types/trusted-types": "^2.0.7"
diff --git a/src/ui/package.json b/src/ui/package.json
index 9e107ce50..6c2a577eb 100644
--- a/src/ui/package.json
+++ b/src/ui/package.json
@@ -59,7 +59,7 @@
     "uuid": "^11.1.0",
     "vuera": "^0.2.7",
     "xlsx": "https://cdn.sheetjs.com/xlsx-0.20.2/xlsx-0.20.2.tgz",
-    "dompurify": "^3.4.0"
+    "dompurify": "^3.3.2"
   },
   "scripts": {
     "dev": "vite",

From fc0af347868007fe977b78ef82e07a87bd4480dc Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 21 Apr 2026 18:09:09 +0000
Subject: [PATCH 3/3] chore(deps): bump nbconvert from 7.17.0 to 7.17.1 in
 /lib/idp_common_pkg

Bumps [nbconvert](https://github.com/jupyter/nbconvert) from 7.17.0 to 7.17.1.
- [Release notes](https://github.com/jupyter/nbconvert/releases)
- [Changelog](https://github.com/jupyter/nbconvert/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jupyter/nbconvert/compare/v7.17.0...v7.17.1)

---
updated-dependencies:
- dependency-name: nbconvert
  dependency-version: 7.17.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 lib/idp_common_pkg/uv.lock | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/idp_common_pkg/uv.lock b/lib/idp_common_pkg/uv.lock
index 33f654a25..3090439ca 100644
--- a/lib/idp_common_pkg/uv.lock
+++ b/lib/idp_common_pkg/uv.lock
@@ -930,7 +930,7 @@ wheels = [
 
 [[package]]
 name = "idp-common"
-version = "0.5.6"
+version = "0.5.7"
 source = { editable = "." }
 dependencies = [
     { name = "boto3" },
@@ -1944,7 +1944,7 @@ wheels = [
 
 [[package]]
 name = "nbconvert"
-version = "7.17.0"
+version = "7.17.1"
 source = { registry = "https://pypi.org/simple" }
 dependencies = [
     { name = "beautifulsoup4" },
@@ -1962,9 +1962,9 @@ dependencies = [
     { name = "pygments" },
     { name = "traitlets" },
 ]
-sdist = { url = "https://files.pythonhosted.org/packages/38/47/81f886b699450d0569f7bc551df2b1673d18df7ff25cc0c21ca36ed8a5ff/nbconvert-7.17.0.tar.gz", hash = "sha256:1b2696f1b5be12309f6c7d707c24af604b87dfaf6d950794c7b07acab96dda78", size = 862855, upload-time = "2026-01-29T16:37:48.478Z" }
+sdist = { url = "https://files.pythonhosted.org/packages/01/b1/708e53fe2e429c103c6e6e159106bcf0357ac41aa4c28772bd8402339051/nbconvert-7.17.1.tar.gz", hash = "sha256:34d0d0a7e73ce3cbab6c5aae8f4f468797280b01fd8bd2ca746da8569eddd7d2", size = 865311, upload-time = "2026-04-08T00:44:14.914Z" }
 wheels = [
-    { url = "https://files.pythonhosted.org/packages/0d/4b/8d5f796a792f8a25f6925a96032f098789f448571eb92011df1ae59e8ea8/nbconvert-7.17.0-py3-none-any.whl", hash = "sha256:4f99a63b337b9a23504347afdab24a11faa7d86b405e5c8f9881cd313336d518", size = 261510, upload-time = "2026-01-29T16:37:46.322Z" },
+    { url = "https://files.pythonhosted.org/packages/67/f8/bb0a9d5f46819c821dc1f004aa2cc29b1d91453297dbf5ff20470f00f193/nbconvert-7.17.1-py3-none-any.whl", hash = "sha256:aa85c087b435e7bf1ffd03319f658e285f2b89eccab33bc1ba7025495ab3e7c8", size = 261927, upload-time = "2026-04-08T00:44:12.845Z" },
 ]
 
 [[package]]