build: bump rack from 2.0.4 to 2.0.5

[dependabot-preview]

Bumps rack from 2.0.4 to 2.0.5.

Changelog

Sourced from rack's changelog.

Sun Dec 4 18:48:03 2015 Jeremy Daer jeremydaer@gmail.com

• First-party "SameSite" cookies. Browsers omit SameSite cookies
  from third-party requests, closing the door on many CSRF attacks.

Pass same_site: true (or :strict) to enable:
response.set_cookie 'foo', value: 'bar', same_site: true
or same_site: :lax to use Lax enforcement:
response.set_cookie 'foo', value: 'bar', same_site: :lax

Based on version 7 of the Same-site Cookies internet draft:
https://tools.ietf.org/html/draft-west-first-party-cookies-07

Thanks to Ben Toews (mastahyeti) and Bob Long (bobjflong) for
updating to drafts 5 and 7.

Tue Nov 3 16:17:26 2015 Aaron Patterson tenderlove@ruby-lang.org

• Add Rack::Events middleware for adding event based middleware:
  middleware that does not care about the response body, but only cares
  about doing work at particular points in the request / response
  lifecycle.

Thu Oct 8 14:58:46 2015 Aaron Patterson tenderlove@ruby-lang.org

• Add Rack::Request#authority to calculate the authority under which
  the response is being made (this will be handy for h2 pushes).

Tue Oct 6 13:19:04 2015 Aaron Patterson tenderlove@ruby-lang.org

• Add Rack::Response::Helpers#cache_control and cache_control=.
  Use this for setting cache control headers on your response objects.

Tue Oct 6 13:12:21 2015 Aaron Patterson tenderlove@ruby-lang.org

• Add Rack::Response::Helpers#etag and etag=. Use this for
  setting etag values on the response.

Sun Oct 3 18:25:03 2015 Jeremy Daer jeremydaer@gmail.com

• Introduce Rack::Response::Helpers#add_header to add a value to a
  multi-valued response header. Implemented in terms of other
  Response#*_header methods, so it's available to any response-like
  class that includes the Helpers module.

• Add Rack::Request#add_header to match.

Fri Sep 4 18:34:53 2015 Aaron Patterson tenderlove@ruby-lang.org

• Rack::Session::Abstract::ID IS DEPRECATED. Please switch to

... (truncated)

Commits

• decd976 Bump version for release
• 957f596 Merge pull request #1268 from eileencodes/forwardport-pr-1249-to-2-0-stable
• 00e109e Merge pull request #1249 from mclark/handle-invalid-method-parameters
• 27c33b0 Stick with a passing version of Rubygems and bundler
• d4283e4 Leahize
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot ignore this [minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use [this|these] label[s] will set the current labels as the default for future PRs for this repo and language

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)

Finally, you can contact us by mentioning @dependabot.