Oh and a security update

2018-04-27 11:06:50 -05:00 · 2018-04-27 11:06:50 -05:00 · 5d6d2815f1
parent 8a4c6fa8b1
commit 5d6d2815f1
2 changed files with 4 additions and 0 deletions
--- a/3
+++ b/3
@ -30,6 +30,9 @@ gem "thin"
 gem "tzinfo" # For validation of user selected timezone names
 gem "valid_url"
 gem "webpack-rails"
+# Probably safe to remove after next rails upgrade.
+# https://nvd.nist.gov/vuln/detail/CVE-2018-3741
+gem "rails-html-sanitizer", "~> 1.0.4"

 group :development, :test do
  gem "capybara"
--- a/Gemfile.lock
+++ b/Gemfile.lock
@ -377,6 +377,7 @@ DEPENDENCIES
  rack-cors
  rails
  rails-erd
+  rails-html-sanitizer (~> 1.0.4)
  rails_12factor
  request_store
  rollbar