From d237459a2ace79ec788916a77c2a77286a50a84e Mon Sep 17 00:00:00 2001
From: "dependabot-preview[bot]"
 <27856297+dependabot-preview[bot]@users.noreply.github.com>
Date: Thu, 20 Aug 2020 11:34:34 +0000
Subject: [PATCH] [Security] Bump rails-html-sanitizer from 1.0.2 to 1.3.0

Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.0.2 to 1.3.0. **This update includes security fixes.**
- [Release notes](https://github.com/rails/rails-html-sanitizer/releases)
- [Changelog](https://github.com/rails/rails-html-sanitizer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/rails-html-sanitizer/compare/v1.0.2...v1.3.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
---
 Gemfile.lock | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index 268829a..eefbb7f 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -45,6 +45,7 @@ GEM
     arel (6.0.3)
     builder (3.2.2)
     concurrent-ruby (1.0.5)
+    crass (1.0.6)
     database_cleaner (1.4.1)
     diff-lcs (1.2.5)
     erubis (2.7.0)
@@ -52,17 +53,18 @@ GEM
       activesupport (>= 4.2.0)
     i18n (0.7.0)
     json (1.8.2)
-    loofah (2.0.2)
+    loofah (2.6.0)
+      crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.6.6)
       mime-types (>= 1.16, < 4)
     mime-types (3.1)
       mime-types-data (~> 3.2015)
     mime-types-data (3.2016.0521)
-    mini_portile (0.6.2)
+    mini_portile2 (2.1.0)
     minitest (5.6.1)
-    nokogiri (1.6.6.2)
-      mini_portile (~> 0.6.0)
+    nokogiri (1.6.8.1)
+      mini_portile2 (~> 2.1.0)
     pg (0.18.2)
     rack (1.6.1)
     rack-test (0.6.3)
@@ -84,8 +86,8 @@ GEM
       activesupport (>= 4.2.0.beta, < 5.0)
       nokogiri (~> 1.6.0)
       rails-deprecated_sanitizer (>= 1.0.1)
-    rails-html-sanitizer (1.0.2)
-      loofah (~> 2.0)
+    rails-html-sanitizer (1.3.0)
+      loofah (~> 2.3)
     railties (4.2.1)
       actionpack (= 4.2.1)
       activesupport (= 4.2.1)