chore: update dependencies and improve MermaidBlock security

- Updated mermaid from version 11.13.0 to 9.1.7 for compatibility.
- Upgraded next from version 14.2.21 to ^14.2.35 for the latest features and fixes.
- Added @types/dompurify and isomorphic-dompurify for improved sanitization.
- Replaced innerHTML assignment in MermaidBlock with sanitized SVG using DOMPurify.
- Updated eslint-config-next to ^16.2.4 for better linting support.

web/experience/src/components/blocks/MermaidViewer.tsx

@@ -2,6 +2,7 @@
 
 import { useEffect, useRef, useState } from "react";
 import mermaid from "mermaid";
+import DOMPurify from "isomorphic-dompurify";
 import { Block } from "@/lib/api";
 
 interface MermaidViewerProps {
@@ -29,7 +30,8 @@ export default function MermaidViewer({ block }: MermaidViewerProps) {
                 mermaidRef.current.innerHTML = "";
                 const { svg } = await mermaid.render(`mermaid-exp-${block.id}`, block.mermaid_code);
                 if (mermaidRef.current) {
-                    mermaidRef.current.innerHTML = svg;
+                    // Sanitizar SVG antes de inyectar
+                    mermaidRef.current.innerHTML = DOMPurify.sanitize(svg);
                 }
             } catch (error: any) {
                 console.error("Mermaid parsing error:", error);