Skip to content

Commit

Permalink
dep: bump dependency on loofah
Browse files Browse the repository at this point in the history 
v2.19.1 has the new methods we're using:

- Loofah::HTML5::Scrub.cdata_needs_escaping?
- Loofah::HTML5::Scrub.cdata_escape
- Loofah::HTML5::Scrub.scrub_uri_attribute
- Loofah::HTML5::Scrub.scrub_attribute_that_allows_local_ref

avoiding code duplication in this gem.
  • Loading branch information
@flavorjones
flavorjones committed Dec 12, 2022
1 parent 0713caf commit 48ae90a
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion rails-html-sanitizer.gemspec
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ Gem::Specification.new do |spec|

# NOTE: There's no need to update this dependency for Loofah CVEs
# in minor releases when users can simply run `bundle update loofah`.
spec.add_dependency "loofah", "~> 2.3"
spec.add_dependency "loofah", "~> 2.19", ">= 2.19.1"

spec.add_development_dependency "bundler", ">= 1.3"
spec.add_development_dependency "rake"
Expand Down

0 comments on commit 48ae90a

Please sign in to comment.