[Security] Bump rails-html-sanitizer from 1.0.3 to 1.3.0

Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.0.3 to 1.3.0. **This update includes a security fix.** - [Release notes](https://github.com/rails/rails-html-sanitizer/releases) - [Changelog](https://github.com/rails/rails-html-sanitizer/blob/master/CHANGELOG.md) - [Commits](rails/rails-html-sanitizer@v1.0.3...v1.3.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
artkirienko · Apr 1, 2020 · ca82c27 · ca82c27
1 parent b77e3da
commit ca82c27
Showing 1 changed file with 8 additions and 6 deletions.
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -62,6 +62,7 @@ GEM
       execjs
     coffee-script-source (1.12.2)
     concurrent-ruby (1.0.5)
+    crass (1.0.6)
     diff-lcs (1.3)
     erubi (1.6.1)
     erubis (2.7.0)
@@ -82,20 +83,21 @@ GEM
       rb-fsevent (~> 0.9, >= 0.9.4)
       rb-inotify (~> 0.9, >= 0.9.7)
       ruby_dep (~> 1.2)
-    loofah (2.0.3)
+    loofah (2.4.0)
+      crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.6.6)
       mime-types (>= 1.16, < 4)
     method_source (0.8.2)
     mime-types (3.1)
       mime-types-data (~> 3.2015)
     mime-types-data (3.2016.0521)
-    mini_portile2 (2.2.0)
+    mini_portile2 (2.4.0)
     minitest (5.10.3)
     multi_json (1.12.1)
     nio4r (2.1.0)
-    nokogiri (1.8.0)
-      mini_portile2 (~> 2.2.0)
+    nokogiri (1.10.9)
+      mini_portile2 (~> 2.4.0)
     pg (0.21.0)
     puma (3.10.0)
     rack (2.0.3)
@@ -116,8 +118,8 @@ GEM
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.0.3)
-      loofah (~> 2.0)
+    rails-html-sanitizer (1.3.0)
+      loofah (~> 2.3)
     rails_12factor (0.0.3)
       rails_serve_static_assets
       rails_stdout_logging