Bump loofah to 2.2.2 and rails-html-sanitizer to 1.0.4
See: * https://github.com/rails/rails-html-sanitizer/releases * https://github.com/flavorjones/loofah/releases
This commit is contained in:
parent
5c36e1b96a
commit
6e7064dc8a
2
Gemfile
2
Gemfile
|
@ -231,7 +231,7 @@ gem 'sanitize', '~> 2.0'
|
|||
gem 'babosa', '~> 1.0.2'
|
||||
|
||||
# Sanitizes SVG input
|
||||
gem 'loofah', '~> 2.0.3'
|
||||
gem 'loofah', '~> 2.2'
|
||||
|
||||
# Working with license
|
||||
gem 'licensee', '~> 8.9'
|
||||
|
|
10
Gemfile.lock
10
Gemfile.lock
|
@ -143,6 +143,7 @@ GEM
|
|||
connection_pool (2.2.1)
|
||||
crack (0.4.3)
|
||||
safe_yaml (~> 1.0.0)
|
||||
crass (1.0.3)
|
||||
creole (0.5.0)
|
||||
css_parser (1.5.0)
|
||||
addressable
|
||||
|
@ -485,7 +486,8 @@ GEM
|
|||
actionpack (>= 4, < 5.2)
|
||||
activesupport (>= 4, < 5.2)
|
||||
railties (>= 4, < 5.2)
|
||||
loofah (2.0.3)
|
||||
loofah (2.2.2)
|
||||
crass (~> 1.0.2)
|
||||
nokogiri (>= 1.5.9)
|
||||
mail (2.7.0)
|
||||
mini_mime (>= 0.1.1)
|
||||
|
@ -679,8 +681,8 @@ GEM
|
|||
activesupport (>= 4.2.0, < 5.0)
|
||||
nokogiri (~> 1.6)
|
||||
rails-deprecated_sanitizer (>= 1.0.1)
|
||||
rails-html-sanitizer (1.0.3)
|
||||
loofah (~> 2.0)
|
||||
rails-html-sanitizer (1.0.4)
|
||||
loofah (~> 2.2, >= 2.2.2)
|
||||
rails-i18n (4.0.9)
|
||||
i18n (~> 0.7)
|
||||
railties (~> 4.0)
|
||||
|
@ -1093,7 +1095,7 @@ DEPENDENCIES
|
|||
license_finder (~> 3.1)
|
||||
licensee (~> 8.9)
|
||||
lograge (~> 0.5)
|
||||
loofah (~> 2.0.3)
|
||||
loofah (~> 2.2)
|
||||
mail_room (~> 0.9.1)
|
||||
method_source (~> 0.8)
|
||||
minitest (~> 5.7.0)
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Bump rails-html-sanitizer to 1.0.4
|
||||
merge_request:
|
||||
author:
|
||||
type: security
|
Loading…
Reference in New Issue