diff --git a/Gemfile b/Gemfile
index 159ea52..b85cb7c 100644
--- a/Gemfile
+++ b/Gemfile
@@ -31,7 +31,7 @@ gem "task_list"
 gem "rinku",              "~> 1.7",   :require => false
 gem "gemoji",             "~> 2.0",   :require => false
 gem "github-markdown",    "~> 0.5",   :require => false
-gem "sanitize",           "~> 4.0",   :require => false
+gem "sanitize",           "~> 5.2",   :require => false
 gem "escape_utils",       "~> 1.0",   :require => false
 gem "github-linguist",    "~> 4.5",  :require => false
 
diff --git a/Gemfile.lock b/Gemfile.lock
index 88c1eb9..55d02d9 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -62,7 +62,7 @@ GEM
       rack (>= 0.9.0)
     binding_of_caller (0.7.2)
       debug_inspector (>= 0.0.1)
-    builder (3.2.2)
+    builder (3.2.4)
     byebug (5.0.0)
       columnize (= 0.9.0)
     charlock_holmes (0.7.3)
@@ -70,9 +70,10 @@ GEM
     coercible (1.0.0)
       descendants_tracker (~> 0.0.1)
     columnize (0.9.0)
+    concurrent-ruby (1.1.6)
     crack (0.4.2)
       safe_yaml (~> 1.0.0)
-    crass (1.0.2)
+    crass (1.0.6)
     debug_inspector (0.0.2)
     descendants_tracker (0.0.4)
       thread_safe (~> 0.3, >= 0.3.1)
@@ -90,31 +91,36 @@ GEM
       mime-types (>= 1.19)
       rugged (~> 0.23.0b1)
     github-markdown (0.6.8)
-    globalid (0.3.5)
-      activesupport (>= 4.1.0)
+    globalid (0.4.2)
+      activesupport (>= 4.2.0)
     html-pipeline (1.11.0)
       activesupport (>= 2)
       nokogiri (~> 1.4)
     httparty (0.13.3)
       json (~> 1.8)
       multi_xml (>= 0.5.2)
-    i18n (0.7.0)
+    i18n (0.9.5)
+      concurrent-ruby (~> 1.0)
     ice_nine (0.11.1)
-    json (1.8.3)
-    loofah (2.0.2)
+    json (1.8.6)
+    loofah (2.6.0)
+      crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
-    mail (2.6.3)
-      mime-types (>= 1.16, < 3)
-    mime-types (2.6.1)
-    mini_portile (0.6.2)
-    minitest (5.7.0)
+    mail (2.7.1)
+      mini_mime (>= 0.1.1)
+    mime-types (3.3.1)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2020.0512)
+    mini_mime (1.0.2)
+    mini_portile2 (2.4.0)
+    minitest (5.12.0)
     multi_xml (0.5.5)
     multipart-post (2.0.0)
     newrelic_rpm (3.11.2.286)
-    nokogiri (1.6.6.2)
-      mini_portile (~> 0.6.0)
-    nokogumbo (1.4.1)
-      nokogiri
+    nokogiri (1.9.1)
+      mini_portile2 (~> 2.4.0)
+    nokogumbo (2.0.2)
+      nokogiri (~> 1.8, >= 1.8.4)
     octokit (3.8.0)
       sawyer (~> 0.6.0, >= 0.5.3)
     pg (0.18.2)
@@ -124,7 +130,7 @@ GEM
     pygments.rb (0.6.3)
       posix-spawn (~> 0.3.6)
       yajl-ruby (~> 1.2.0)
-    rack (1.6.1)
+    rack (1.6.13)
     rack-protection (1.5.3)
       rack
     rack-test (0.6.3)
@@ -142,12 +148,12 @@ GEM
       sprockets-rails
     rails-deprecated_sanitizer (1.0.3)
       activesupport (>= 4.2.0.alpha)
-    rails-dom-testing (1.0.6)
-      activesupport (>= 4.2.0.beta, < 5.0)
-      nokogiri (~> 1.6.0)
+    rails-dom-testing (1.0.9)
+      activesupport (>= 4.2.0, < 5.0)
+      nokogiri (~> 1.6)
       rails-deprecated_sanitizer (>= 1.0.1)
-    rails-html-sanitizer (1.0.2)
-      loofah (~> 2.0)
+    rails-html-sanitizer (1.3.0)
+      loofah (~> 2.3)
     rails_12factor (0.0.3)
       rails_serve_static_assets
       rails_stdout_logging
@@ -183,10 +189,10 @@ GEM
     rspec-support (3.3.0)
     rugged (0.23.0b2)
     safe_yaml (1.0.4)
-    sanitize (4.0.0)
+    sanitize (5.2.1)
       crass (~> 1.0.2)
-      nokogiri (>= 1.4.4)
-      nokogumbo (= 1.4.1)
+      nokogiri (>= 1.8.0)
+      nokogumbo (~> 2.0)
     sass (3.4.14)
     sawyer (0.6.0)
       addressable (~> 2.3.5)
@@ -215,9 +221,9 @@ GEM
       html-pipeline
     temple (0.7.6)
     thor (0.19.1)
-    thread_safe (0.3.5)
+    thread_safe (0.3.6)
     tilt (2.0.1)
-    tzinfo (1.2.2)
+    tzinfo (1.2.7)
       thread_safe (~> 0.1)
     virtus (1.0.5)
       axiom-types (~> 0.1)
@@ -252,7 +258,7 @@ DEPENDENCIES
   raygun4ruby
   rinku (~> 1.7)
   rspec-rails (~> 3.0)
-  sanitize (~> 4.0)
+  sanitize (~> 5.2)
   sass-rails!
   sinatra
   slim-rails (~> 3.0.1)