flavorjones / loofah

Ruby library for HTML/XML transformation and sanitization
MIT License
934 stars 138 forks source link

dep: require nokogiri >= 1.12.0 #267

Closed flavorjones closed 1 year ago

flavorjones commented 1 year ago

Closes #266

This PR updates the Nokogiri dependency to >= 1.12.0, and the Ruby dependency to >= 2.5.0 (which matches the requirement of Nokogiri 1.12.x).

baburdick commented 1 year ago

FYI: If you don't yank v2.21.1 and v2.21.0, bundler will still try to upgrade to them from v2.20.x, for those stuck on nokogiri < v1.12.0.

flavorjones commented 1 year ago

I'm not yanking these versions of the gem, as yanking tends to be more disruptive to the community. Please pin this dependency in your apps if you're on Ruby 2.4 or earlier, or consider upgrading. Apologies for the inconvenience.

baburdick commented 1 year ago

Fair enough. But we're on Ruby 2.7. Our OS is unable to upgrade nokogiri. We'll pin on our end. Thanks for the quick reply.