upgrade nokogiri for CVE-2019-5477 (#106)

see sparklemotion/nokogiri#1915
railslink · Aug 15, 2019 · b9acc9e · b9acc9e
1 parent 8dc4c3e
commit b9acc9e
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/Gemfile b/Gemfile
@@ -34,7 +34,7 @@ gem 'slim-rails'                                                   # slim templa
 gem "sprockets", "~> 3.7.2"                                        # sprockets is a rack-based asset packaging system that concatenates and serves javascript, scss, etc
 gem 'sucker_punch', '~> 2.0'                                       # asynchronous processing library
 gem 'uglifier', '>= 1.3.0'                                         # compressor for javascript assets
-gem 'nokogiri', '~> 1.10.3'                                        # a HTML, XML, SAX, and Reader parser
+gem 'nokogiri', '~> 1.10.4'                                        # a HTML, XML, SAX, and Reader parser
 
 group :development, :test do
   gem 'rspec-rails', '~> 3.7'                                      # testing framework

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -113,7 +113,7 @@ GEM
     multi_xml (0.6.0)
     multipart-post (2.0.0)
     nio4r (2.3.1)
-    nokogiri (1.10.3)
+    nokogiri (1.10.4)
       mini_portile2 (~> 2.4.0)
     oauth2 (1.4.0)
       faraday (>= 0.8, < 0.13)
@@ -283,7 +283,7 @@ DEPENDENCIES
   kramdown (~> 2.1.0)
   listen (>= 3.0.5, < 3.2)
   marginalia (~> 1.6.0)
-  nokogiri (~> 1.10.3)
+  nokogiri (~> 1.10.4)
   oj (~> 2.16.1)
   omniauth (= 1.8.1)
   omniauth-slack (= 2.3.0)