OTWO-5708: Upgrade nokogiri to address vulnerability

sparklemotion/nokogiri#1892 We had to downgrade bundler as rails 4.2 depends on bundler <2
blackducksoftware · Aug 19, 2019 · df0024c · df0024c
1 parent 0e16669
commit df0024c
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 6 deletions.
diff --git a/Gemfile b/Gemfile
@@ -20,7 +20,7 @@ gem 'jquery-ui-rails', '~> 5.0.5'
 gem 'jwt'
 gem 'mini_magick', '~> 4.1.1'
 gem 'newrelic_rpm'
-gem 'nokogiri', '~> 1.8.5'
+gem 'nokogiri', '~> 1.10.3'
 gem 'oh_delegator'
 gem 'ohloh_scm', '2.4.0'
 gem 'open4'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -321,7 +321,7 @@ GEM
     mimemagic (0.3.3)
     mini_magick (4.1.1)
     mini_mime (1.0.1)
-    mini_portile2 (2.3.0)
+    mini_portile2 (2.4.0)
     minitest (5.11.3)
     minitest-rails (2.2.1)
       minitest (~> 5.7)
@@ -335,8 +335,8 @@ GEM
       net-ssh (>= 2.6.5, < 6.0.0)
     net-ssh (5.2.0)
     newrelic_rpm (6.2.0.354)
-    nokogiri (1.8.5)
-      mini_portile2 (~> 2.3.0)
+    nokogiri (1.10.4)
+      mini_portile2 (~> 2.4.0)
     notiffany (0.1.1)
       nenv (~> 0.1)
       shellany (~> 0.0)
@@ -612,7 +612,7 @@ DEPENDENCIES
   minitest-rails
   mocha
   newrelic_rpm
-  nokogiri (~> 1.8.5)
+  nokogiri (~> 1.10.3)
   oh_delegator
   ohloh_scm (= 2.4.0)
   open4
@@ -658,4 +658,4 @@ DEPENDENCIES
   will_paginate-bootstrap
 
 BUNDLED WITH
-   2.0.1
+   1.17.3