Bump nokogiri to 1.10.4

This pulls in fix for CVE-2019-5477, where usage of Nokogiri::CSS::Tokenizer#load_file leads to potential command injection.

Bump nokogiri to 1.10.4
This pulls in fix for CVE-2019-5477, where usage of Nokogiri::CSS::Tokenizer#load_file leads to potential command injection.
2d58eba1 · Thong Kuah · 7daf1f41 · 2d58eba1 · 2d58eba1 · 2d58eba1
Commit 2d58eba1 authored Aug 12, 2019 by Thong Kuah
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 7 deletions

Gemfile Gemfile +1 -1

Gemfile.lock Gemfile.lock +2 -2

qa/Gemfile qa/Gemfile +1 -1

qa/Gemfile.lock qa/Gemfile.lock +3 -3

No files found.
--- a/Gemfile
+++ b/Gemfile
@@ -137,7 +137,7 @@ gem 'asciidoctor-plantuml', '0.0.9'
 gem 'rouge', '~> 3.7'
 gem 'truncato', '~> 0.7.11'
 gem 'bootstrap_form', '~> 4.2.0'
-gem 'nokogiri', '~> 1.10.3'
+gem 'nokogiri', '~> 1.10.4'
 gem 'escape_utils', '~> 1.1'

 # Calendar rendering

--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -541,7 +541,7 @@ GEM
    net-ssh (5.2.0)
    netrc (0.11.0)
    nio4r (2.3.1)
-    nokogiri (1.10.3)
+    nokogiri (1.10.4)
      mini_portile2 (~> 2.4.0)
    nokogumbo (1.5.0)
      nokogiri
@@ -1148,7 +1148,7 @@ DEPENDENCIES
  nakayoshi_fork (~> 0.0.4)
  net-ldap
  net-ssh (~> 5.2)
-  nokogiri (~> 1.10.3)
+  nokogiri (~> 1.10.4)
  oauth2 (~> 1.4)
  octokit (~> 4.9)
  omniauth (~> 1.8)

--- a/qa/Gemfile
+++ b/qa/Gemfile
@@ -8,7 +8,7 @@ gem 'rake', '~> 12.3.0'
 gem 'rspec', '~> 3.7'
 gem 'selenium-webdriver', '~> 3.12'
 gem 'airborne', '~> 0.2.13'
-gem 'nokogiri', '~> 1.10.3'
+gem 'nokogiri', '~> 1.10.4'
 gem 'rspec-retry', '~> 0.6.1'
 gem 'rspec_junit_formatter', '~> 0.4.1'
 gem 'faker', '~> 1.6', '>= 1.6.6'

--- a/qa/Gemfile.lock
+++ b/qa/Gemfile.lock
@@ -52,7 +52,7 @@ GEM
    mini_portile2 (2.4.0)
    minitest (5.11.1)
    netrc (0.11.0)
-    nokogiri (1.10.3)
+    nokogiri (1.10.4)
      mini_portile2 (~> 2.4.0)
    parallel (1.17.0)
    parallel_tests (2.29.0)
@@ -112,13 +112,13 @@ DEPENDENCIES
  faker (~> 1.6, >= 1.6.6)
  gitlab-qa
  knapsack (~> 1.17)
-  nokogiri (~> 1.10.3)
+  nokogiri (~> 1.10.4)
  parallel_tests (~> 2.29)
  pry-byebug (~> 3.5.1)
  rake (~> 12.3.0)
  rspec (~> 3.7)
  rspec-retry (~> 0.6.1)
-  rspec_junit_formatter (~> 0.4.1) 
+  rspec_junit_formatter (~> 0.4.1)
  selenium-webdriver (~> 3.12)

 BUNDLED WITH