Bump sanitize from 4.6.6 to 5.0.0 (#9140)

Gemfile

@@ -72,7 +72,7 @@ gem 'rails-settings-cached', '~> 0.6'
 gem 'redis', '~> 4.0', require: ['redis', 'redis/connection/hiredis']
 gem 'mario-redis-lock', '~> 1.2', require: 'redis_lock'
 gem 'rqrcode', '~> 0.10'
-gem 'sanitize', '~> 4.6'
+gem 'sanitize', '~> 5.0'
 gem 'sidekiq', '~> 5.2'
 gem 'sidekiq-scheduler', '~> 3.0'
 gem 'sidekiq-unique-jobs', '~> 5.0'

Gemfile.lock

@@ -360,8 +360,8 @@ GEM
     nio4r (2.3.1)
     nokogiri (1.8.5)
       mini_portile2 (~> 2.3.0)
-    nokogumbo (1.5.0)
-      nokogiri
+    nokogumbo (2.0.0)
+      nokogiri (~> 1.8, >= 1.8.4)
     nsa (0.2.4)
       activesupport (>= 4.2, < 6)
       concurrent-ruby (~> 1.0.0)
@@ -543,10 +543,10 @@ GEM
     rufus-scheduler (3.5.2)
       fugit (~> 1.1, >= 1.1.5)
     safe_yaml (1.0.4)
-    sanitize (4.6.6)
+    sanitize (5.0.0)
       crass (~> 1.0.2)
-      nokogiri (>= 1.4.4)
-      nokogumbo (~> 1.4)
+      nokogiri (>= 1.8.0)
+      nokogumbo (~> 2.0)
     sass (3.6.0)
       sass-listen (~> 4.0.0)
     sass-listen (4.0.0)
@@ -749,7 +749,7 @@ DEPENDENCIES
   rspec-rails (~> 3.8)
   rspec-sidekiq (~> 3.0)
   rubocop (~> 0.60)
-  sanitize (~> 4.6)
+  sanitize (~> 5.0)
   scss_lint (~> 0.57)
   sidekiq (~> 5.2)
   sidekiq-bulk (~> 0.1.1)

spec/lib/formatter_spec.rb

@@ -514,7 +514,7 @@ RSpec.describe Formatter do
     subject { Formatter.instance.sanitize(html, Sanitize::Config::MASTODON_STRICT) }
 
     it 'sanitizes' do
-      is_expected.to eq 'alert("Hello")'
+      is_expected.to eq ''
     end
   end
 end