Bump rack from 3.0.8 to 3.0.10

[dependabot]

Bumps rack from 3.0.8 to 3.0.10.

Release notes

Sourced from rack's releases.

v3.0.9.1

What's Changed

• Fixed ReDoS in Accept header parsing [CVE-2024-26146]
• Fixed ReDoS in Content Type header parsing [CVE-2024-25126]
• Reject Range headers which are too large [CVE-2024-26141]

Full Changelog: rack/rack@v3.0.9...v3.0.9.1

v3.0.9

What's Changed

• Fix content-length calcuation in Rack:Response#write #2150

Full Changelog: rack/rack@v3.0.8...v3.0.9

Changelog

Sourced from rack's changelog.

[3.0.10] - 2024-03-21

• Backport #2104 to 3-0-stable: Return empty when parsing a multi-part POST with only one end delimiter. (#2164, @​JoeDupuis)

[3.0.9] - 2024-01-31

• Fix incorrect content-length header that was emitted when Rack::Response#write was used in some situations. (#2150, @​mattbrictson)

Commits

• d3c545e Bump patch version.
• f856dbd Backport #2104 to 3-0-stable
• a4bc5e0 bump version
• 6efb2ce Avoid 2nd degree polynomial regexp in MediaType
• 4849132 Return an empty array when ranges are too large
• a227cd7 Fixing ReDoS in header parsing
• 0b3f997 Bump patch version.
• d3d415e Update Ruby versions for external tests: drop v2.7 and add v3.2 and v3.3. (#2...
• c8b977f Fix content-length calcuation in Rack:Response#write (#2150)
• 8d1bf99 Update CHANGELOG for 3.0.8 (#2086)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[cloudflare-workers-and-pages]

Deploying muddle with    Cloudflare Pages

Latest commit:	3099064
Status:	✅  Deploy successful!
Preview URL:	https://70bbed4e.muddle.pages.dev
Branch Preview URL:	https://dependabot-bundler-rack-3-0-p91e.muddle.pages.dev

View logs

[Gyarbij]

@dependabot rebase

[dependabot]

Looks like this PR is already up-to-date with main! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[dependabot]

Superseded by #21.