Project

General

Profile

Actions
Copy link

Patch #30137

closed

Remove rails-html-sanitizer from Gemfile

Added by Go MAEDA about 6 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Go MAEDA
Category:
Code cleanup/refactoring
Target version:
4.0.0
Start date:
Due date:
% Done:

0%

Estimated time:

Description

Redmine installs rails-html-sanitizer to ensure that not to use vulnerable versions prior to 1.0.3.

But it is not necessary any longer because Rails actionview 5.2.2 requires rails-html-sanitizer 1.0.3 or later.

Index: Gemfile
===================================================================
--- Gemfile    (revision 17706)
+++ Gemfile    (working copy)
@@ -17,9 +17,6 @@
 gem "nokogiri", "~> 1.8.0" 
 gem "i18n", "~> 0.7.0" 

-# Request at least rails-html-sanitizer 1.0.3 because of security advisories
-gem "rails-html-sanitizer", ">= 1.0.3" 
-
 # Windows does not include zoneinfo files, so bundle the tzinfo-data gem
 gem 'tzinfo-data', platforms: [:mingw, :x64_mingw, :mswin]
 gem "rbpdf", "~> 1.19.6"
Actions
Copy link
 #1

Updated by Go MAEDA about 6 years ago

It was introduced in r15105.

Actions
Copy link
 #2

Updated by Go MAEDA about 6 years ago

  • Status changed from New to Closed
  • Assignee set to Go MAEDA

Committed.

Actions
Copy link
 #3

Updated by Jean-Philippe Lang about 6 years ago

  • Target version changed from 4.1.0 to 4.0.0
Actions
Copy link

Also available in: Atom PDF