From d28bb003322da6adc349f0e8246e91f1f3d1ad8f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Mon, 16 Apr 2018 10:01:31 +0000
Subject: [PATCH] [Security] Bump rails-html-sanitizer from 1.0.3 to 1.0.4

Bumps [rails-html-sanitizer](https://github.com/rails/rails-html-sanitizer) from 1.0.3 to 1.0.4. **This update includes security fixes.**
- [Release notes](https://github.com/rails/rails-html-sanitizer/releases)
- [Changelog](https://github.com/rails/rails-html-sanitizer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rails/rails-html-sanitizer/compare/v1.0.3...v1.0.4)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 Gemfile.lock | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index 9b2701f..ced1a2f 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -60,7 +60,7 @@ GEM
       execjs
     coffee-script-source (1.12.2)
     concurrent-ruby (1.0.5)
-    crass (1.0.3)
+    crass (1.0.4)
     diff-lcs (1.3)
     erubis (2.7.0)
     execjs (2.7.0)
@@ -79,7 +79,7 @@ GEM
     json (1.8.6)
     levenshtein-ffi (1.1.0)
       ffi (~> 1.9)
-    loofah (2.1.1)
+    loofah (2.2.2)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.0)
@@ -90,7 +90,7 @@ GEM
     minitest (5.11.1)
     multi_json (1.13.1)
     nio4r (2.2.0)
-    nokogiri (1.8.1)
+    nokogiri (1.8.2)
       mini_portile2 (~> 2.3.0)
     public_suffix (3.0.1)
     rack (2.0.3)
@@ -112,8 +112,8 @@ GEM
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.0.3)
-      loofah (~> 2.0)
+    rails-html-sanitizer (1.0.4)
+      loofah (~> 2.2, >= 2.2.2)
     railties (5.0.6)
       actionpack (= 5.0.6)
       activesupport (= 5.0.6)