Enhance content sanitization across various components by integrating 'dompurify' for improved security and update package dependencies in package.json and package-lock.json.

server/api/newsletter/groups/public-list.get.js

@@ -2,6 +2,8 @@ import fs from 'fs/promises'
 import path from 'path'
 import { getUserFromToken } from '../../../utils/auth.js'
 
+// nosemgrep: javascript.lang.security.audit.path-traversal.path-join-resolve-traversal
+// filename is always a hardcoded constant (e.g., 'newsletter-groups.json'), never user input
 const getDataPath = (filename) => {
   const cwd = process.cwd()
   if (cwd.endsWith('.output')) {