chore(deps): bump rack and sinatra in /buildpacks/buildpack-multi/tests/multi

[dependabot]

Bumps rack and sinatra. These dependencies needed to be updated together.
Updates rack from 2.2.8 to 3.0.8

Release notes

Sourced from rack's releases.

v3.0.8

What's Changed

• Backport "Fix some unused variable verbose warnings" by @​skipkayhil in rack/rack#2084

New Contributors

• @​skipkayhil made their first contribution in rack/rack#2084

Full Changelog: rack/rack@v3.0.7...v3.0.8

v3.0.7

What's Changed

• Backport "Make query parameters without = have nil values". by @​jeremyevans in rack/rack#2060

Full Changelog: rack/rack@v3.0.6.1...v3.0.7

v3.0.6.1

No release notes provided.

v3.0.4.1

Full Changelog: rack/rack@v3.0.4...v3.0.4.1

v3.0.4

Full Changelog: rack/rack@v3.0.3...v3.0.4

v3.0.3

What's Changed

• Release v3.0.3 by @​ioquatix in rack/rack#2000

Full Changelog: rack/rack@v3.0.2...v3.0.3

v3.0.2

Full Changelog: rack/rack@v3.0.1...v3.0.2

Changelog

Sourced from rack's changelog.

[3.0.8] - 2023-06-14

• Fix some unused variable verbose warnings. (#2084, [@​jeremyevans], @​skipkayhil)

[3.0.7] - 2023-03-16

• Make query parameters without = have nil values. (#2059, [@​jeremyevans])

[3.0.6.1] - 2023-03-13

• [CVE-2023-27539] Avoid ReDoS in header parsing

[3.0.6] - 2023-03-13

• Add QueryParser#missing_value for handling missing values + tests. (#2052, [@​ioquatix])

[3.0.5] - 2023-03-13

• Split form/query parsing into two steps. (#2038, @​matthewd)

[3.0.4.2] - 2023-03-02

• [CVE-2023-27530] Introduce multipart_total_part_limit to limit total parts

[3.0.4.1] - 2023-01-17

• [CVE-2022-44571] Fix ReDoS vulnerability in multipart parser
• [CVE-2022-44570] Fix ReDoS in Rack::Utils.get_byte_ranges
• [CVE-2022-44572] Forbid control characters in attributes (also ReDoS)

[3.0.4] - 2023-01-17

• Rack::Request#POST should consistently raise errors. Cache errors that occur when invoking Rack::Request#POST so they can be raised again later. (#2010, [@​ioquatix])
• Fix Rack::Lint error message for HTTP_CONTENT_TYPE and HTTP_CONTENT_LENGTH. (#2007, @​byroot)
• Extend Rack::MethodOverride to handle QueryParser::ParamsTooDeepError error. (#2006, @​byroot)

[3.0.3] - 2022-12-27

Fixed

• Rack::URLMap uses non-deprecated form of Regexp.new. (#1998, @​weizheheng)

[3.0.2] -2022-12-05

Fixed

• Utils.build_nested_query URL-encodes nested field names including the square brackets.
• Allow Rack::Response to pass through streaming bodies. (#1993, [@​ioquatix])

[3.0.1] - 2022-11-18

... (truncated)

Commits

• d28c464 Bump patch verison.
• 32736d2 Fix some unused variable verbose warnings (#2084)
• 2429b7b Bump patch version.
• 94dd78b Update changelog.
• d38b456 Make query parameters without = have nil values (#2059) (#2060)
• 51e7a0f Merge branch '3-0-sec' into 3-0-stable
• 098d8e1 bump version
• 231ef36 Avoid ReDoS problem
• 54a9ed2 Update changelog.
• e9e9ae6 Bump patch version.
• Additional commits viewable in compare view

Updates sinatra from 3.1.0 to 1.0

Changelog

Sourced from sinatra's changelog.

3.1.0 / 2023-08-07

• New: Add sass support via sass-embedded #1911 by なつき

• New: Add start and stop callbacks #1913 by Jevin Sew

• New: Warn on dropping sessions #1900 by Jonathan del Strother

• New: Make Puma the default server #1924 by Patrik Ragnarsson

• Fix: Remove use of Tilt::Cache #1922 by Jeremy Evans (allows use of Tilt 2.2.0 without deprecation warning)

• Fix: rack-protection: specify rack version requirement #1932 by Patrik Ragnarsson

#1911: sinatra/sinatra#1911 #1913: sinatra/sinatra#1913 #1900: sinatra/sinatra#1900 #1924: sinatra/sinatra#1924 #1922: sinatra/sinatra#1922 #1932: sinatra/sinatra#1932

3.0.6 / 2023-04-11

• Fix: Add support to keep open streaming connections with Puma #1858 by Jordan Owens

• Fix: Avoid crash in uri helper on Integer input #1890 by Patrik Ragnarsson

• Fix: Rescue RuntimeError when trying to use SecureRandom #1888 by Stefan Sundin

3.0.5 / 2022-12-16

• Fix: Add Zeitwerk compatibility. #1831 by Dawid Janczak

• Fix: Allow CALLERS_TO_IGNORE to be overridden

3.0.4 / 2022-11-25

• Fix: Escape filename in the Content-Disposition header. #1841 by Kunpei Sakai

3.0.3 / 2022-11-11

• Fix: fixed ReDoS for Rack::Protection::IPSpoofing. #1823 by @​ooooooo-q

3.0.2 / 2022-10-01

• New: Add Haml 6 support. #1820 by Jordan Owens

3.0.1 / 2022-09-26

• Fix: Revert removal of rack-protection.rb. #1814 by Olle Jonsson

... (truncated)

Commits

• c496254 1.0
• e1638a4 skip haml / sass tests when they fail to load due to stupid bullshit
• 8a7dd92 mention pass blocks in CHANGES
• ccb66b0 get rid of backtrace cleaning
• b6701db 1.0.b release
• f5efc37 add a note about template compilation to CHANGES
• b72eb59 bring bundled tilt up to 0.8 for jruby fixes and cleaner APIs
• 754f116 README: better links to project website and mailing list
• 19efdf8 Merge branch 'compiling-tilt' into master
• ae34a6f work around ruby >= 1.8.7-p248 segfault bug #2781
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)