The latest version of jQuery V3.4.1 has 5innerHTML() which are not sanitized by default. Does the jQuery team plan on addressing these DOM XSS things in the near future with regards to the new Trusted Types API see here:https://github.com/WICG/trusted-types