Commit 6f9b7bbf authored Mar 23, 2018 by Robert Speicher Committed by Mayra Cabrera Mar 23, 2018

Merge branch 'sh-update-loofah' into 'master'

Bump loofah to 2.2.2 and rails-html-sanitizer to 1.0.4

Closes #44554

See merge request gitlab-org/gitlab-ce!17945

parent 626c64d2

Gemfile

+1 −1

Original line number	Diff line number	Diff line
		@@ -218,7 +218,7 @@ gem 'sanitize', '~> 2.0'
		gem 'babosa', '~> 1.0.2'

		# Sanitizes SVG input
		gem 'loofah', '~> 2.0.3'
		gem 'loofah', '~> 2.2'

		# Working with license
		gem 'licensee', '~> 8.7.0'

Gemfile.lock

+6 −4

Original line number	Diff line number	Diff line
		@@ -142,6 +142,7 @@ GEM
		connection_pool (2.2.1)
		crack (0.4.3)
		safe_yaml (~> 1.0.0)
		crass (1.0.3)
		creole (0.5.0)
		css_parser (1.5.0)
		addressable
		@@ -488,7 +489,8 @@ GEM
		actionpack (>= 4, < 5.2)
		activesupport (>= 4, < 5.2)
		railties (>= 4, < 5.2)
		loofah (2.0.3)
		loofah (2.2.2)
		crass (~> 1.0.2)
		nokogiri (>= 1.5.9)
		mail (2.7.0)
		mini_mime (>= 0.1.1)
		@@ -685,8 +687,8 @@ GEM
		activesupport (>= 4.2.0.beta, < 5.0)
		nokogiri (~> 1.6)
		rails-deprecated_sanitizer (>= 1.0.1)
		rails-html-sanitizer (1.0.3)
		loofah (~> 2.0)
		rails-html-sanitizer (1.0.4)
		loofah (~> 2.2, >= 2.2.2)
		rails-i18n (4.0.9)
		i18n (~> 0.7)
		railties (~> 4.0)
		@@ -1100,7 +1102,7 @@ DEPENDENCIES
		license_finder (~> 3.1)
		licensee (~> 8.7.0)
		lograge (~> 0.5)
		loofah (~> 2.0.3)
		loofah (~> 2.2)
		mail_room (~> 0.9.1)
		method_source (~> 0.8)
		minitest (~> 5.7.0)

changelogs/unreleased/sh-update-loofah.yml

0 → 100644

+5 −0

Original line number	Diff line number	Diff line
		---
		title: Bump rails-html-sanitizer to 1.0.4
		merge_request:
		author:
		type: security