javascript XSS flaw

can somebody help fixing flaw on line “11” i believe its the “id” since the html already sanitized, Veracode complaining about it.

$(document).ready(function () {
    function populateSelect(id, parentId) {
      var html = '';
      $.getJSON('list.json', function (data) {
        html += `<option value="">Select ${DOMPurify.sanitize(id)}</option>`;
        $.each(data, function (key, value) {
          if ((id === 'App' && value.parent_id === '0') || (id !== 'App' && value.parent_id === parentId)) {
            html += `<option value="${DOMPurify.sanitize(value.id)}">${DOMPurify.sanitize(value.name)}</option>`;
          }
        });
        $(`#${id}`).html(html);
      });
    }
  
    populateSelect('App');
  
    $('#App').on('change', function () {
      var appId = $(this).val();
      if (appId) {
        populateSelect('Source', appId);
      } else {
        $('#source').html('<option value="">Select Source</option>');
      }
    });
  });