From e3c195f6db687cccddf2bd3dcd07b873e853b197 Mon Sep 17 00:00:00 2001
From: Stan Hu <stanhu@gmail.com>
Date: Wed, 5 Jan 2022 16:02:45 -0800
Subject: [PATCH] Update Nokogiri to v1.12.5

This addresses a CVE that is only relevant to JRuby users
(https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md), but
this gem is still flagged by security scanners.

Some other dependency updates:

* ruby-magic https://my.diffend.io/gems/ruby-magic/0.4.0/0.5.3
* racc diff: https://my.diffend.io/gems/racc/1.5.2/1.6.0
* mini_portile2: https://my.diffend.io/gems/mini_portile2/2.5.0/2.6.1

Changelog: changed
---
 Gemfile      |  4 ++--
 Gemfile.lock | 16 ++++++++--------
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/Gemfile b/Gemfile
index 6be591ce6ebd3..d782a99bc664e 100644
--- a/Gemfile
+++ b/Gemfile
@@ -170,7 +170,7 @@ gem 'asciidoctor-kroki', '~> 0.5.0', require: false
 gem 'rouge', '~> 3.27.0'
 gem 'truncato', '~> 0.7.11'
 gem 'bootstrap_form', '~> 4.2.0'
-gem 'nokogiri', '~> 1.11.4'
+gem 'nokogiri', '~> 1.12'
 gem 'escape_utils', '~> 1.1'
 
 # Calendar rendering
@@ -277,7 +277,7 @@ gem 'licensee', '~> 9.14.1'
 gem 'charlock_holmes', '~> 0.7.7'
 
 # Detect mime content type from content
-gem 'ruby-magic', '~> 0.4'
+gem 'ruby-magic', '~> 0.5'
 
 # Faster blank
 gem 'fast_blank'
diff --git a/Gemfile.lock b/Gemfile.lock
index 645a38e155b2d..542a033398d4b 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -754,7 +754,7 @@ GEM
     mini_histogram (0.3.1)
     mini_magick (4.10.1)
     mini_mime (1.1.1)
-    mini_portile2 (2.5.3)
+    mini_portile2 (2.6.1)
     minitest (5.11.3)
     mixlib-cli (2.1.8)
     mixlib-config (3.0.9)
@@ -792,8 +792,8 @@ GEM
     netrc (0.11.0)
     nio4r (2.5.8)
     no_proxy_fix (0.1.2)
-    nokogiri (1.11.7)
-      mini_portile2 (~> 2.5.0)
+    nokogiri (1.12.5)
+      mini_portile2 (~> 2.6.1)
       racc (~> 1.4)
     nokogumbo (2.0.2)
       nokogiri (~> 1.8, >= 1.8.4)
@@ -954,7 +954,7 @@ GEM
       puma (>= 2.7)
     pyu-ruby-sasl (0.0.3.3)
     raabro (1.1.6)
-    racc (1.5.2)
+    racc (1.6.0)
     rack (2.2.3)
     rack-accept (0.4.5)
       rack (>= 0.4)
@@ -1126,8 +1126,8 @@ GEM
       rubocop-ast (>= 0.7.1)
     ruby-fogbugz (0.2.1)
       crack (~> 0.4)
-    ruby-magic (0.4.0)
-      mini_portile2 (~> 2.5.0)
+    ruby-magic (0.5.3)
+      mini_portile2 (~> 2.6)
     ruby-prof (1.3.1)
     ruby-progressbar (1.11.0)
     ruby-saml (1.13.0)
@@ -1549,7 +1549,7 @@ DEPENDENCIES
   net-ldap (~> 0.16.3)
   net-ntp
   net-ssh (~> 6.0)
-  nokogiri (~> 1.11.4)
+  nokogiri (~> 1.12)
   oauth2 (~> 1.4)
   octokit (~> 4.15)
   ohai (~> 16.10)
@@ -1617,7 +1617,7 @@ DEPENDENCIES
   rspec_junit_formatter
   rspec_profiling (~> 0.0.6)
   ruby-fogbugz (~> 0.2.1)
-  ruby-magic (~> 0.4)
+  ruby-magic (~> 0.5)
   ruby-prof (~> 1.3.0)
   ruby-progressbar (~> 1.10)
   ruby-saml (~> 1.13.0)
-- 
GitLab