Turnout is using an outdated Rack version
skreib opened this issue · comments
As for now turnout.gemspec contains the following Rack dependency:
s.add_dependency('rack', '>= 1.3', '< 3')
However, according to Snyk, Rack version 2.* has known security vulnerabilities, such as Web Cache Poisoning.
Is it possible to update this Rack dependency to use version 3.0 and above?