Bump nokogiri to 1.10.4bump-nokogiri-1.10.4

This pulls in fix for CVE-2019-5477, where usage of Nokogiri::CSS::Tokenizer#load_file leads to potential command injection.
author: Thong Kuah <tkuah@gitlab.com> 2019-08-12 12:18:06 +1200
committer: Thong Kuah <tkuah@gitlab.com> 2019-08-12 12:25:15 +1200
commit: 2d58eba11134d2f3013d2ab45d93ae0581893be7 (patch)
tree: cd92bab4c0b0eb1d4c9f37226b24920acaa6ef94 /qa/Gemfile.lock
parent: 7daf1f41bee701b17a2f276b41f2f96a364cf03d (diff)
download: gitlab-ce-2d58eba11134d2f3013d2ab45d93ae0581893be7.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/qa/Gemfile.lock b/qa/Gemfile.lock
index 7d19366f83b..bf051a115b5 100644
--- a/qa/Gemfile.lock
+++ b/qa/Gemfile.lock
@@ -52,7 +52,7 @@ GEM
     mini_portile2 (2.4.0)
     minitest (5.11.1)
     netrc (0.11.0)
-    nokogiri (1.10.3)
+    nokogiri (1.10.4)
       mini_portile2 (~> 2.4.0)
     parallel (1.17.0)
     parallel_tests (2.29.0)
@@ -112,13 +112,13 @@ DEPENDENCIES
   faker (~> 1.6, >= 1.6.6)
   gitlab-qa
   knapsack (~> 1.17)
-  nokogiri (~> 1.10.3)
+  nokogiri (~> 1.10.4)
   parallel_tests (~> 2.29)
   pry-byebug (~> 3.5.1)
   rake (~> 12.3.0)
   rspec (~> 3.7)
   rspec-retry (~> 0.6.1)
-  rspec_junit_formatter (~> 0.4.1) 
+  rspec_junit_formatter (~> 0.4.1)
   selenium-webdriver (~> 3.12)
 
 BUNDLED WITH
author	Thong Kuah <tkuah@gitlab.com>	2019-08-12 12:18:06 +1200
committer	Thong Kuah <tkuah@gitlab.com>	2019-08-12 12:25:15 +1200
commit	2d58eba11134d2f3013d2ab45d93ae0581893be7 (patch)
tree	cd92bab4c0b0eb1d4c9f37226b24920acaa6ef94 /qa/Gemfile.lock
parent	7daf1f41bee701b17a2f276b41f2f96a364cf03d (diff)
download	gitlab-ce-2d58eba11134d2f3013d2ab45d93ae0581893be7.tar.gz