Bump nokogiri version

Jeremy Lawrence · facebook-github-bot · commit 16df6cb220b4 · 2019-10-30T12:22:57.000-07:00
Summary: We don't use nokogiri directly in our library, but it found its was into our Gemfile.lock. I'm bumping the version in the Gemfile.lock because the version it's calling for has a security vuln: sparklemotion/nokogiri#1915. When I tried setting up this library from a github clone, so I imagine others may be running into this and wasting time on it as well. Another solution here would just be to remove nokogiri from our Gemfile.lock entirely. I don't think we use it directly anywhere, and was just included in the lock because it happened to be in someone's environment at the time of the lock file creation. Reviewed By: joetam Differential Revision: D18046184 fbshipit-source-id: de6263bb24783988545a77cb67ee66c9697820de
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -89,7 +89,7 @@ GEM
     nap (1.1.0)
     netrc (0.11.0)
     no_proxy_fix (0.1.2)
-    nokogiri (1.10.3)
+    nokogiri (1.10.4)
       mini_portile2 (~> 2.4.0)
     octokit (4.14.0)
       sawyer (~> 0.8.0, >= 0.5.3)
