[Security] Bump rails-html-sanitizer from 1.0.3 to 1.0.4 in /src/api

Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.0.3 to 1.0.4. **This update includes security fixes.** - [Release notes](https://github.com/rails/rails-html-sanitizer/releases) - [Changelog](https://github.com/rails/rails-html-sanitizer/blob/master/CHANGELOG.md) - [Commits](rails/rails-html-sanitizer@v1.0.3...v1.0.4) Signed-off-by: dependabot[bot] <support@dependabot.com>
openSUSE · Sep 5, 2018 · 4bb6438 · 4bb6438
1 parent a72f301
commit 4bb6438
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/src/api/Gemfile.lock b/src/api/Gemfile.lock
@@ -89,7 +89,7 @@ GEM
       tins (~> 1.6)
     crack (0.4.3)
       safe_yaml (~> 1.0.0)
-    crass (1.0.2)
+    crass (1.0.4)
     cssmin (1.0.3)
     daemons (1.2.4)
     dalli (2.7.6)
@@ -222,8 +222,8 @@ GEM
     rails-dom-testing (2.0.2)
       activesupport (>= 4.2.0, < 6.0)
       nokogiri (~> 1.6)
-    rails-html-sanitizer (1.0.3)
-      loofah (~> 2.0)
+    rails-html-sanitizer (1.0.4)
+      loofah (~> 2.2, >= 2.2.2)
     rails_tokeninput (1.7.0)
       railties (>= 3.1.0)
     railties (5.0.1)