gitlab.com/gitlab-org/gitaly.git
author Zeger-Jan van de Weg <git@zjvandeweg.nl> 2018-09-04 19:22:14 +0300
committer Zeger-Jan van de Weg <git@zjvandeweg.nl> 2018-09-04 19:27:07 +0300
commit 3c7a6e900083ba15adf6f0e9c1f80b904e5d8073
tree 01ef475b819909ee4b7c3360702c41b9b5e27b25
parent 9990bdd440e360d49e5fb3ad56641bdf1e7e719d
Update the sanitize gem to at least 4.6.6
The Gitaly Security dashboard pointed us to the gem that required an update. The gem in question is pulled in as a dependency, but could be bumped. Closes https://gitlab.com/gitlab-org/gitaly/issues/1322
-rw-r--r-- changelogs/unreleased/zj-update-sanitize.yml 5
-rw-r--r-- ruby/Gemfile.lock 8
2 files changed, 9 insertions, 4 deletions
diff --git a/changelogs/unreleased/zj-update-sanitize.yml b/changelogs/unreleased/zj-update-sanitize.yml
new file mode 100644
index 000000000..99d22bcad
--- /dev/null
+++ b/changelogs/unreleased/zj-update-sanitize.yml
@@ -0,0 +1,5 @@
+---
+title: Update the sanitize gem to at least 4.6.6
+merge_request: 876
+author:
+type: security
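Review bot: The `title` in this changelog entry says only that sanitize is updated, and with `type: security` a reader will want to know what the update addresses. Consider referencing the issue the commit message closes (gitlab-org/gitaly issue 1322) so the entry can be traced without opening the merge request.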
diff --git a/ruby/Gemfile.lock b/ruby/Gemfile.lock
index 8b13769c3..862d278cd 100644
--- a/ruby/Gemfile.lock
+++ b/ruby/Gemfile.lock
@@ -33,7 +33,7 @@ GEM
gollum-grit_adapter (~> 1.0)
nokogiri (>= 1.6.1, < 2.0)
rouge (~> 3.1)
- sanitize (~> 4.6.4)
+ sanitize (~> 4.6.6)
stringex (~> 2.6)
gitlab-gollum-rugged_adapter (0.4.4.1)
mime-types (>= 1.15)
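Review bot: The changed line `sanitize (~> 4.6.6)` is a dependency constraint listed under another gem, yet no hunk in this diff changes that gem's own version line or the resolved `sanitize (x.y.z)` entry. Bundler derives these constraints from the depending gem's gemspec, so a constraint that changes on its own looks like a hand edit and may be rewritten the next time the lockfile is regenerated. Please confirm the depending gem was released with the new constraint and bump its locked version in the same change, and check that the resolved sanitize version in the lockfile is 4.6.6 or later.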
@@ -75,9 +75,9 @@ GEM
little-plugger (~> 1.1)
multi_json (~> 1.10)
memoist (0.16.0)
- mime-types (3.1)
+ mime-types (3.2.2)
mime-types-data (~> 3.2015)
- mime-types-data (3.2016.0521)
+ mime-types-data (3.2018.0812)
mini_portile2 (2.3.0)
minitest (5.9.1)
multi_json (1.13.1)
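Review bot: The `mime-types` 3.1 to 3.2.2 and `mime-types-data` 3.2016.0521 to 3.2018.0812 bumps are not mentioned in the commit message or the changelog entry, which describe only the sanitize update. If they are a side effect of re-resolving the lockfile, say so in the commit message; otherwise split them into their own change so the security fix stays minimal and easy to backport.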
@@ -162,4 +162,4 @@ DEPENDENCIES
sentry-raven (~> 2.7.2)
BUNDLED WITH
- 1.16.3
+ 1.16.4
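Review bot: `BUNDLED WITH` moves from 1.16.3 to 1.16.4, which looks like a side effect of the Bundler version used to regenerate the lockfile rather than part of the sanitize fix. Check that CI and the build images run 1.16.4 as well, or restore 1.16.3 to keep the lockfile change limited to the dependency update.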