Actions
Patch #30137
closedRemove rails-html-sanitizer from Gemfile
Description
Redmine installs rails-html-sanitizer to ensure that not to use vulnerable versions prior to 1.0.3.
But it is not necessary any longer because Rails actionview 5.2.2 requires rails-html-sanitizer 1.0.3 or later.
Index: Gemfile
===================================================================
--- Gemfile (revision 17706)
+++ Gemfile (working copy)
@@ -17,9 +17,6 @@
gem "nokogiri", "~> 1.8.0"
gem "i18n", "~> 0.7.0"
-# Request at least rails-html-sanitizer 1.0.3 because of security advisories
-gem "rails-html-sanitizer", ">= 1.0.3"
-
# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
gem 'tzinfo-data', platforms: [:mingw, :x64_mingw, :mswin]
gem "rbpdf", "~> 1.19.6"
Actions