Merge branch 'sh-update-nokogiri' into 'master'

Update Nokogiri to v1.12.5

See merge request gitlab-org/gitlab!77631

Gemfile

@@ -170,7 +170,7 @@ gem 'asciidoctor-kroki', '~> 0.5.0', require: false
 gem 'rouge', '~> 3.27.0'
 gem 'truncato', '~> 0.7.11'
 gem 'bootstrap_form', '~> 4.2.0'
-gem 'nokogiri', '~> 1.11.4'
+gem 'nokogiri', '~> 1.12'
 gem 'escape_utils', '~> 1.1'
 
 # Calendar rendering
@@ -264,7 +264,7 @@ gem 'ruby-fogbugz', '~> 0.2.1'
 gem 'kubeclient', '~> 4.9.2'
 
 # Sanitize user input
-gem 'sanitize', '~> 5.2.1'
+gem 'sanitize', '~> 6.0'
 gem 'babosa', '~> 1.0.4'
 
 # Sanitizes SVG input
@@ -277,7 +277,7 @@ gem 'licensee', '~> 9.14.1'
 gem 'charlock_holmes', '~> 0.7.7'
 
 # Detect mime content type from content
-gem 'ruby-magic', '~> 0.4'
+gem 'ruby-magic', '~> 0.5'
 
 # Faster blank
 gem 'fast_blank'

Gemfile.lock

@@ -754,7 +754,7 @@ GEM
     mini_histogram (0.3.1)
     mini_magick (4.10.1)
     mini_mime (1.1.1)
-    mini_portile2 (2.5.3)
+    mini_portile2 (2.6.1)
     minitest (5.11.3)
     mixlib-cli (2.1.8)
     mixlib-config (3.0.9)
@@ -792,11 +792,9 @@ GEM
     netrc (0.11.0)
     nio4r (2.5.8)
     no_proxy_fix (0.1.2)
-    nokogiri (1.11.7)
-      mini_portile2 (~> 2.5.0)
+    nokogiri (1.12.5)
+      mini_portile2 (~> 2.6.1)
       racc (~> 1.4)
-    nokogumbo (2.0.2)
-      nokogiri (~> 1.8, >= 1.8.4)
     notiffany (0.1.3)
       nenv (~> 0.1)
       shellany (~> 0.0)
@@ -954,7 +952,7 @@ GEM
       puma (>= 2.7)
     pyu-ruby-sasl (0.0.3.3)
     raabro (1.1.6)
-    racc (1.5.2)
+    racc (1.6.0)
     rack (2.2.3)
     rack-accept (0.4.5)
       rack (>= 0.4)
@@ -1126,8 +1124,8 @@ GEM
       rubocop-ast (>= 0.7.1)
     ruby-fogbugz (0.2.1)
       crack (~> 0.4)
-    ruby-magic (0.4.0)
-      mini_portile2 (~> 2.5.0)
+    ruby-magic (0.5.3)
+      mini_portile2 (~> 2.6)
     ruby-prof (1.3.1)
     ruby-progressbar (1.11.0)
     ruby-saml (1.13.0)
@@ -1144,10 +1142,9 @@ GEM
     safe_yaml (1.0.4)
     safety_net_attestation (0.4.0)
       jwt (~> 2.0)
-    sanitize (5.2.1)
+    sanitize (6.0.0)
       crass (~> 1.0.2)
-      nokogiri (>= 1.8.0)
-      nokogumbo (~> 2.0)
+      nokogiri (>= 1.12.0)
     sass (3.5.5)
       sass-listen (~> 4.0.0)
     sass-listen (4.0.0)
@@ -1549,7 +1546,7 @@ DEPENDENCIES
   net-ldap (~> 0.16.3)
   net-ntp
   net-ssh (~> 6.0)
-  nokogiri (~> 1.11.4)
+  nokogiri (~> 1.12)
   oauth2 (~> 1.4)
   octokit (~> 4.15)
   ohai (~> 16.10)
@@ -1617,14 +1614,14 @@ DEPENDENCIES
   rspec_junit_formatter
   rspec_profiling (~> 0.0.6)
   ruby-fogbugz (~> 0.2.1)
-  ruby-magic (~> 0.4)
+  ruby-magic (~> 0.5)
   ruby-prof (~> 1.3.0)
   ruby-progressbar (~> 1.10)
   ruby-saml (~> 1.13.0)
   ruby_parser (~> 3.15)
   rubyzip (~> 2.0.0)
   rugged (~> 1.2)
-  sanitize (~> 5.2.1)
+  sanitize (~> 6.0)
   sassc-rails (~> 2.1.0)
   sd_notify (~> 0.1.0)
   seed-fu (~> 2.3.7)

lib/banzai/filter/base_sanitization_filter.rb

@@ -42,7 +42,7 @@ module Banzai
           # Allow any protocol in `a` elements
           # and then remove links with unsafe protocols
           allowlist[:protocols].delete('a')
-          allowlist[:transformers].push(self.class.method(:remove_unsafe_links))
+          allowlist[:transformers].push(self.class.method(:sanitize_unsafe_links))
 
           # Remove `rel` attribute from `a` elements
           allowlist[:transformers].push(self.class.remove_rel)

lib/gitlab/utils/sanitize_node_link.rb

@@ -8,6 +8,12 @@ module Gitlab
       UNSAFE_PROTOCOLS  = %w(data javascript vbscript).freeze
       ATTRS_TO_SANITIZE = %w(href src data-src data-canonical-src).freeze
 
+      # sanitize 6.0 requires only a context argument. Do not add any default
+      # arguments to this method.
+      def sanitize_unsafe_links(env)
+        remove_unsafe_links(env)
+      end
+
       def remove_unsafe_links(env, remove_invalid_links: true)
         node = env[:node]