From 2fe6b151bfb5247a4989d0c95b3e1f0d50d3e103 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Wed, 9 Jun 2021 05:16:33 +0000 Subject: [PATCH] [Security] Bump loofah from 2.2.3 to 2.10.0 Bumps [loofah](https://github.com/flavorjones/loofah) from 2.2.3 to 2.10.0. **This update includes a security fix.** - [Release notes](https://github.com/flavorjones/loofah/releases) - [Changelog](https://github.com/flavorjones/loofah/blob/main/CHANGELOG.md) - [Commits](https://github.com/flavorjones/loofah/compare/v2.2.3...v2.10.0) Signed-off-by: dependabot-preview[bot] --- Gemfile.lock | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 07cf239..e9712c9 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -98,7 +98,7 @@ GEM execjs coffee-script-source (1.12.2) concurrent-ruby (1.1.5) - crass (1.0.4) + crass (1.0.6) devise (4.6.2) bcrypt (~> 3.0) orm_adapter (~> 0.1) @@ -140,7 +140,7 @@ GEM activerecord kaminari-core (= 1.1.1) kaminari-core (1.1.1) - loofah (2.2.3) + loofah (2.10.0) crass (~> 1.0.2) nokogiri (>= 1.5.9) mail (2.7.1) @@ -148,16 +148,21 @@ GEM marcel (0.3.3) mimemagic (~> 0.3.2) method_source (0.9.2) - mimemagic (0.3.3) + mimemagic (0.3.10) + nokogiri (~> 1) + rake mini_mime (1.0.2) - mini_portile2 (2.4.0) + mini_portile2 (2.5.3) minitest (5.11.3) multi_json (1.13.1) nio4r (2.4.0) - nokogiri (1.10.3) - mini_portile2 (~> 2.4.0) - nokogiri (1.10.3-x86-mingw32) - mini_portile2 (~> 2.4.0) + nokogiri (1.11.7) + mini_portile2 (~> 2.5.0) + racc (~> 1.4) + nokogiri (1.11.7-x86-mingw32) + racc (~> 1.4) + nokogiri (1.11.7-x86_64-linux) + racc (~> 1.4) orm_adapter (0.5.0) pg (1.1.4) pg (1.1.4-x86-mingw32) @@ -167,6 +172,7 @@ GEM nio4r (~> 2.0) pundit (2.0.1) activesupport (>= 3.0.0) + racc (1.5.2) rack (2.0.7) rack-cors (1.0.3) rack-test (1.1.0)