Bump nokogiri to 1.10.4 (!1415) · Merge requests · GitLab.org / gitaly

Thong Kuah requested to merge bump_nokogiri-1.10.4 into master Aug 12, 2019

This pulls in fix for CVE-2019-5477, where usage of Nokogiri::CSS::Tokenizer#load_file leads to potential command injection.

Edited Oct 29, 2021 by 🤖 GitLab Bot 🤖

Bump nokogiri to 1.10.4