Bump rails-html-sanitizer to 1.6.1 (#38)

CompanyCam · Dec 5, 2024 · c2da029 · c2da029
1 parent acc5ff8
commit c2da029
Show file tree

Hide file tree

Showing 4 changed files with 36 additions and 18 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,10 @@
 ## [Unreleased]
 
+## [0.9.11] - 2024-09-19
+
+- Bump rails-html-sanitizer to 1.6.1 for CVE
+- Raise minimum version of ActionText to >= 7.0
+
 ## [0.9.9] - 2024-09-19
 
 - Added ordered_list to Document

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -1,57 +1,70 @@
 PATH
   remote: .
   specs:
-    tiptap-ruby (0.9.10)
-      actionview (>= 6.0)
+    tiptap-ruby (0.9.11)
+      actionview (>= 7.0)
       activesupport (>= 6.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    actionview (6.1.7.6)
-      activesupport (= 6.1.7.6)
+    actionview (7.1.5)
+      activesupport (= 7.1.5)
       builder (~> 3.1)
-      erubi (~> 1.4)
-      rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activesupport (6.1.7.6)
+      erubi (~> 1.11)
+      rails-dom-testing (~> 2.2)
+      rails-html-sanitizer (~> 1.6)
+    activesupport (7.1.5)
+      base64
+      benchmark (>= 0.3)
+      bigdecimal
       concurrent-ruby (~> 1.0, >= 1.0.2)
+      connection_pool (>= 2.2.5)
+      drb
       i18n (>= 1.6, < 2)
+      logger (>= 1.4.2)
       minitest (>= 5.1)
+      mutex_m
+      securerandom (>= 0.3)
       tzinfo (~> 2.0)
-      zeitwerk (~> 2.3)
     ast (2.4.2)
     base64 (0.1.1)
+    benchmark (0.4.0)
+    bigdecimal (3.1.8)
     builder (3.2.4)
     concurrent-ruby (1.2.2)
+    connection_pool (2.4.1)
     crass (1.0.6)
     diff-lcs (1.5.0)
+    drb (2.2.1)
     erubi (1.12.0)
     i18n (1.14.1)
       concurrent-ruby (~> 1.0)
     json (2.6.3)
     language_server-protocol (3.17.0.3)
     lint_roller (1.1.0)
-    loofah (2.21.4)
+    logger (1.6.2)
+    loofah (2.23.1)
       crass (~> 1.0.2)
       nokogiri (>= 1.12.0)
     minitest (5.20.0)
-    nokogiri (1.16.5-arm64-darwin)
+    mutex_m (0.3.0)
+    nokogiri (1.16.8-arm64-darwin)
       racc (~> 1.4)
-    nokogiri (1.16.5-x86_64-linux)
+    nokogiri (1.16.8-x86_64-linux)
       racc (~> 1.4)
     parallel (1.23.0)
     parser (3.2.2.4)
       ast (~> 2.4.1)
       racc
-    racc (1.8.0)
+    racc (1.8.1)
     rails-dom-testing (2.2.0)
       activesupport (>= 5.0.0)
       minitest
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.6.0)
+    rails-html-sanitizer (1.6.1)
       loofah (~> 2.21)
-      nokogiri (~> 1.14)
+      nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
     rainbow (3.1.1)
     rake (13.1.0)
     regexp_parser (2.8.2)
@@ -87,6 +100,7 @@ GEM
       rubocop (>= 1.7.0, < 2.0)
       rubocop-ast (>= 0.4.0)
     ruby-progressbar (1.13.0)
+    securerandom (0.4.0)
     standard (1.31.2)
       language_server-protocol (~> 3.17.0.2)
       lint_roller (~> 1.0)
@@ -102,7 +116,6 @@ GEM
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
     unicode-display_width (2.5.0)
-    zeitwerk (2.6.12)
 
 PLATFORMS
   arm64-darwin-21

diff --git a/lib/tip_tap/version.rb b/lib/tip_tap/version.rb
@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module TipTap
-  VERSION = "0.9.10"
+  VERSION = "0.9.11"
 end
diff --git a/tiptap.gemspec b/tiptap.gemspec
@@ -21,6 +21,6 @@ Gem::Specification.new do |spec|
   spec.files = Dir["*.{md,txt}", "{lib}/**/*"]
   spec.require_paths = ["lib"]
 
-  spec.add_dependency "actionview", ">= 6.0"
+  spec.add_dependency "actionview", ">= 7.0"
   spec.add_dependency "activesupport", ">= 6.0"
 end