sinatra 3.2.0 → 4.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6eddf8c0c677b8b8b7f15bb03834147034ead41bc6310bf773ac84712bb43a14
-  data.tar.gz: c35de3457f199d57a3c8a4419bd0ad113df38ba071cfffbcc79311db910bc1cb
+  metadata.gz: 931652dc91884a733d4cab3fd2679533de8a78d80a9c7d19d2cecf2798a678c6
+  data.tar.gz: b6b633d00b67e7318547f5b066aeee0956ecd8b448f910f829d2cf33cb2d208c
 SHA512:
-  metadata.gz: 33e0785425af5a32c7e09d95e2d11e02d83cdda1d907b34197c63642bfec81cd04a40ffc2e25486fe45af66d9a681f57c41d083d7bc56f24b69f1cf4b3a478f6
-  data.tar.gz: 6aa65f3b65c819171bcadb61a3a43c3ff7af748d29a9177dbd02549229e3b9fa64b338d0404383b97615e74aa5381dd8a4c997edbf86ca0e8a2970e0213b2ece
+  metadata.gz: 8181093ece483ffdde4f660feb8c9bfe821260fa7af456820a0ecbafcd74a2932a835f7bee35b79d070755bb36b75d14077aa3e9fbf9ee8a33eebd92f13195ba
+  data.tar.gz: 280db78b6907477f15d9bdb9def5985f6ef62a70e697c61f85d00dc35a0e21397656d5ab862ee17fbafe05ff5e45c1eac1d14dfa73d75cb1e4f5d4e91f81001b

data/CHANGELOG.md

@@ -1,6 +1,54 @@
-## Unreleased
+## 4.0.1 / 2025-05-24
 
-* _Your new feature here._
+* Rack 3.1 compatibility ([#2035])
+
+* Fix malformed Content-Type headers ([#2081])
+
+* Avoid crash for integer values in `content_type` parameters ([#2078])
+
+* Fix compatibility with --enable-frozen-string-literal ([#2033])
+
+* Declare missing dependencies for Ruby 3.5 ([#2032])
+
+* Fix warning about Hash construction. ([#2028])
+
+* Support Zeitwerk 2.7.0+ ([#2050])
+
+* Address URI depreciation ([#2060])
+
+[#2035]: https://github.com/sinatra/sinatra/pull/2035
+[#2081]: https://github.com/sinatra/sinatra/pull/2081
+[#2078]: https://github.com/sinatra/sinatra/pull/2078
+[#2033]: https://github.com/sinatra/sinatra/pull/2033
+[#2032]: https://github.com/sinatra/sinatra/pull/2032
+[#2028]: https://github.com/sinatra/sinatra/pull/2028
+[#2050]: https://github.com/sinatra/sinatra/pull/2050
+[#2060]: https://github.com/sinatra/sinatra/pull/2060
+
+## 4.0.0. / 2024-01-19
+
+* New: Add support for Rack 3 ([#1857])
+  * Note: you may want to read the [Rack 3 Upgrade Guide]
+
+* Require Ruby 2.7.8 as minimum Ruby version ([#1993])
+
+* Breaking change: Drop support for Rack 2 ([#1857])
+  * Note: when using Sinatra to start the web server, you now need the `rackup` gem installed
+
+* Breaking change: Remove the `IndifferentHash` initializer ([#1982])
+
+* Breaking change: Disable `session_hijacking` protection by default ([#1984])
+
+* Breaking change: Remove `Rack::Protection::EncryptedCookie` ([#1989])
+  * Note: cookies are still encrypted (by [`Rack::Session::Cookie`])
+
+[#1857]: https://github.com/sinatra/sinatra/pull/1857
+[#1993]: https://github.com/sinatra/sinatra/pull/1993
+[#1982]: https://github.com/sinatra/sinatra/pull/1982
+[#1984]: https://github.com/sinatra/sinatra/pull/1984
+[#1989]: https://github.com/sinatra/sinatra/pull/1989
+[`Rack::Session::Cookie`]: https://github.com/rack/rack-session
+[Rack 3 Upgrade Guide]: https://github.com/rack/rack/blob/main/UPGRADE-GUIDE.md
 
 ## 3.2.0 / 2023-12-29
 
@@ -23,7 +71,7 @@
 [#1949]: https://github.com/sinatra/sinatra/pull/1949
 [#1952]: https://github.com/sinatra/sinatra/pull/1952
 [#1960]: https://github.com/sinatra/sinatra/pull/1960
-[#1975]: https://github.com/sinatra/sinatra/pull/1960
+[#1975]: https://github.com/sinatra/sinatra/pull/1975
 
 ## 3.1.0 / 2023-08-07
 

data/Gemfile

@@ -1,13 +1,5 @@
 # frozen_string_literal: true
 
-# Why use bundler?
-# Well, not all development dependencies install on all rubies. Moreover, `gem
-# install sinatra --development` doesn't work, as it will also try to install
-# development dependencies of our dependencies, and those are not conflict free.
-# So, here we are, `bundle install`.
-#
-# If you have issues with a gem: `bundle install --without-coffee-script`.
-
 source 'https://rubygems.org'
 gemspec
 
@@ -18,11 +10,22 @@ rack_version = nil if rack_version.empty? || (rack_version == 'stable')
 rack_version = { github: 'rack/rack' } if rack_version == 'head'
 gem 'rack', rack_version
 
+rack_session_version = ENV['rack_session'].to_s
+rack_session_version = nil if rack_session_version.empty? || (rack_session_version == 'stable')
+rack_session_version = { github: 'rack/rack-session' } if rack_session_version == 'head'
+gem 'rack-session', rack_session_version
+
+gem 'rackup'
+
 puma_version = ENV['puma'].to_s
 puma_version = nil if puma_version.empty? || (puma_version == 'stable')
 puma_version = { github: 'puma/puma' } if puma_version == 'head'
 gem 'puma', puma_version
 
+zeitwerk_version = ENV['zeitwerk'].to_s
+zeitwerk_version = nil if zeitwerk_version.empty? || (zeitwerk_version == 'stable')
+gem 'zeitwerk', zeitwerk_version
+
 gem 'minitest', '~> 5.0'
 gem 'rack-test'
 gem 'rubocop', '~> 1.32.0', require: false
@@ -31,15 +34,9 @@ gem 'yard' # used by rake doc
 gem 'rack-protection', path: 'rack-protection'
 gem 'sinatra-contrib', path: 'sinatra-contrib'
 
-# traces 0.10.0 started to use Ruby 2.7 syntax without specifying required Ruby version
-# https://github.com/socketry/traces/pull/8#discussion_r1237988182
-# async-http 0.60.2 added traces 0.10.0 as dependency
-# https://github.com/socketry/async-http/pull/124/files#r1237988899
-gem 'traces', '< 0.10.0' if RUBY_VERSION >= '2.6.0' && RUBY_VERSION < '2.7.0'
-
 gem 'asciidoctor'
 gem 'builder'
-gem 'childprocess'
+gem 'childprocess', '>= 5'
 gem 'commonmarker', '~> 0.23.4', platforms: [:ruby]
 gem 'erubi'
 gem 'eventmachine'
@@ -47,25 +44,22 @@ gem 'falcon', '~> 0.40', platforms: [:ruby]
 gem 'haml', '~> 6'
 gem 'kramdown'
 gem 'liquid'
-# markaby 0.9.1 introduced Ruby 2.7 syntax in https://github.com/markaby/markaby/pull/44
-# and does not specify required_ruby_version
-if RUBY_VERSION >= '2.6.0' && RUBY_VERSION < '2.7.0'
-  gem 'markaby', '< 0.9.1'
-else
-  gem 'markaby'
-end
+gem 'markaby'
 gem 'nokogiri', '> 1.5.0'
+gem 'ostruct'
 gem 'pandoc-ruby', '~> 2.0.2'
 gem 'rabl'
-if RUBY_ENGINE == 'truffleruby'
-  gem 'rdiscount', '< 2.2.7.2' # https://github.com/oracle/truffleruby/issues/3362
-else
-  gem 'rdiscount', platforms: [:ruby]
-end
+gem 'rdiscount', platforms: [:ruby]
 gem 'rdoc'
 gem 'redcarpet', platforms: [:ruby]
-gem 'sass-embedded', '~> 1.54'
 gem 'simplecov', require: false
-gem 'slim', '~> 4'
+gem 'slim', '~> 5'
 gem 'yajl-ruby', platforms: [:ruby]
-gem 'zeitwerk'
+
+# sass-embedded depends on google-protobuf
+# which fails to be installed on JRuby and TruffleRuby under aarch64
+# https://github.com/jruby/jruby/issues/8062
+# https://github.com/protocolbuffers/protobuf/issues/11935
+java    = %w(jruby truffleruby).include?(RUBY_ENGINE)
+aarch64 = RbConfig::CONFIG["target_cpu"] == 'aarch64'
+gem 'sass-embedded', '~> 1.54' unless java && aarch64

data/README.md

@@ -1922,7 +1922,7 @@ set :protection, :except => :path_traversal
 You can also hand in an array in order to disable a list of protections:
 
 ```ruby
-set :protection, :except => [:path_traversal, :session_hijacking]
+set :protection, :except => [:path_traversal, :remote_token]
 ```
 
 By default, Sinatra will only set up session based protection if `:sessions`
@@ -2820,30 +2820,24 @@ uses a threaded model of concurrency.
 
 The following Ruby versions are officially supported:
 <dl>
-  <dt>Ruby 2.6</dt>
+  <dt>Ruby</dt>
   <dd>
-    2.6 is fully supported and recommended. There are currently no plans to
-    drop official support for it.
+    <a href="https://www.ruby-lang.org/en/downloads/">The stable releases</a> are fully supported and recommended.
   </dd>
 
-  <dt>Rubinius</dt>
+  <dt>TruffleRuby</dt>
   <dd>
-    Rubinius is officially supported (Rubinius >= 2.x). It is recommended to
-    <tt>gem install puma</tt>.
+    The latest stable release of TruffleRuby is supported.
   </dd>
 
   <dt>JRuby</dt>
   <dd>
-    The latest stable release of JRuby is officially supported. It is not
-    recommended to use C extensions with JRuby. It is recommended to
-    <tt>gem install trinidad</tt>.
+    The latest stable release of JRuby is supported. It is not
+    recommended to use C extensions with JRuby.
   </dd>
 </dl>
 
-Versions of Ruby before 2.6 are no longer supported as of Sinatra 3.0.0.
-
-We also keep an eye on upcoming Ruby versions. Expect upcoming
-3.x releases to be fully supported.
+Versions of Ruby before 2.7.8 are no longer supported as of Sinatra 4.0.0.
 
 Sinatra should work on any operating system supported by the chosen Ruby
 implementation.

data/VERSION

@@ -1 +1 @@
-3.2.0
+4.0.1

data/lib/sinatra/base.rb

@@ -2,8 +2,13 @@
 
 # external dependencies
 require 'rack'
+begin
+  require 'rackup'
+rescue LoadError
+end
 require 'tilt'
 require 'rack/protection'
+require 'rack/session'
 require 'mustermann'
 require 'mustermann/sinatra'
 require 'mustermann/regular'
@@ -17,6 +22,8 @@ require 'sinatra/indifferent_hash'
 require 'sinatra/show_exceptions'
 require 'sinatra/version'
 
+require_relative 'middleware/logger'
+
 module Sinatra
   # The request object. See Rack::Request for more info:
   # https://rubydoc.info/github/rack/rack/main/Rack/Request
@@ -176,8 +183,8 @@ module Sinatra
       result = body
 
       if drop_content_info?
-        headers.delete 'Content-Length'
-        headers.delete 'Content-Type'
+        headers.delete 'content-length'
+        headers.delete 'content-type'
       end
 
       if drop_body?
@@ -186,9 +193,9 @@ module Sinatra
       end
 
       if calculate_content_length?
-        # if some other code has already set Content-Length, don't muck with it
+        # if some other code has already set content-length, don't muck with it
         # currently, this would be the static file-handler
-        headers['Content-Length'] = body.map(&:bytesize).reduce(0, :+).to_s
+        headers['content-length'] = body.map(&:bytesize).reduce(0, :+).to_s
       end
 
       [status, headers, result]
@@ -197,7 +204,7 @@ module Sinatra
     private
 
     def calculate_content_length?
-      headers['Content-Type'] && !headers['Content-Length'] && (Array === body)
+      headers['content-type'] && !headers['content-length'] && (Array === body)
     end
 
     def drop_content_info?
@@ -289,10 +296,8 @@ module Sinatra
         def block.each; yield(call) end
         response.body = block
       elsif value
-        # Rack 2.0 returns a Rack::File::Iterator here instead of
-        # Rack::File as it was in the previous API.
-        unless request.head? || value.is_a?(Rack::Files::Iterator) || value.is_a?(Stream)
-          headers.delete 'Content-Length'
+        unless request.head? || value.is_a?(Rack::Files::BaseIterator) || value.is_a?(Stream)
+          headers.delete 'content-length'
         end
         response.body = value
       else
@@ -302,7 +307,10 @@ module Sinatra
 
     # Halt processing and redirect to the URI provided.
     def redirect(uri, *args)
-      if (env['HTTP_VERSION'] == 'HTTP/1.1') && (env['REQUEST_METHOD'] != 'GET')
+      # SERVER_PROTOCOL is required in Rack 3, fall back to HTTP_VERSION
+      # for servers not updated for Rack 3 (like Puma 5)
+      http_version = env['SERVER_PROTOCOL'] || env['HTTP_VERSION']
+      if (http_version == 'HTTP/1.1') && (env['REQUEST_METHOD'] != 'GET')
         status 303
       else
         status 302
@@ -372,10 +380,10 @@ module Sinatra
       Base.mime_type(type)
     end
 
-    # Set the Content-Type of the response body given a media type or file
+    # Set the content-type of the response body given a media type or file
     # extension.
     def content_type(type = nil, params = {})
-      return response['Content-Type'] unless type
+      return response['content-type'] unless type
 
       default = params.delete :default
       mime_type = mime_type(type) || default
@@ -387,13 +395,13 @@ module Sinatra
       end
       params.delete :charset if mime_type.include? 'charset'
       unless params.empty?
-        mime_type << (mime_type.include?(';') ? ', ' : ';')
+        mime_type << ';'
         mime_type << params.map do |key, val|
-          val = val.inspect if val =~ /[";,]/
+          val = val.inspect if val.to_s =~ /[";,]/
           "#{key}=#{val}"
-        end.join(', ')
+        end.join(';')
       end
-      response['Content-Type'] = mime_type
+      response['content-type'] = mime_type
     end
 
     # https://html.spec.whatwg.org/#multipart-form-data
@@ -412,12 +420,12 @@ module Sinatra
       params = format('; filename="%s"', File.basename(filename).gsub(/["\r\n]/, MULTIPART_FORM_DATA_REPLACEMENT_TABLE))
       response['Content-Disposition'] << params
       ext = File.extname(filename)
-      content_type(ext) unless response['Content-Type'] || ext.empty?
+      content_type(ext) unless response['content-type'] || ext.empty?
     end
 
     # Use the contents of the file at +path+ as the response body.
     def send_file(path, opts = {})
-      if opts[:type] || !response['Content-Type']
+      if opts[:type] || !response['content-type']
         content_type opts[:type] || File.extname(path), default: 'application/octet-stream'
       end
 
@@ -433,7 +441,7 @@ module Sinatra
       result = file.serving(request, path)
 
       result[1].each { |k, v| headers[k] ||= v }
-      headers['Content-Length'] = result[1]['Content-Length']
+      headers['content-length'] = result[1]['content-length']
       opts[:status] &&= Integer(opts[:status])
       halt (opts[:status] || result[0]), result[2]
     rescue Errno::ENOENT
@@ -966,7 +974,7 @@ module Sinatra
     include Helpers
     include Templates
 
-    URI_INSTANCE = URI::Parser.new
+    URI_INSTANCE = defined?(URI::RFC2396_PARSER) ? URI::RFC2396_PARSER : URI::RFC2396_Parser.new
 
     attr_accessor :app, :env, :request, :response, :params
     attr_reader   :template_cache
@@ -995,7 +1003,7 @@ module Sinatra
       invoke { dispatch! }
       invoke { error_block!(response.status) } unless @env['sinatra.error']
 
-      unless @response['Content-Type']
+      unless @response['content-type']
         if Array === body && body[0].respond_to?(:content_type)
           content_type body[0].content_type
         elsif (default = settings.default_content_type)
@@ -1058,7 +1066,7 @@ module Sinatra
       routes = base.routes[@request.request_method]
 
       routes&.each do |pattern, conditions, block|
-        response.delete_header('Content-Type') unless @pinned_response
+        response.delete_header('content-type') unless @pinned_response
 
         returned_pass_block = process_route(pattern, conditions) do |*args|
           env['sinatra.route'] = "#{@request.request_method} #{pattern}"
@@ -1179,7 +1187,7 @@ module Sinatra
       invoke do
         static! if settings.static? && (request.get? || request.head?)
         filter! :before do
-          @pinned_response = !response['Content-Type'].nil?
+          @pinned_response = !response['content-type'].nil?
         end
         route!
       end
@@ -1286,7 +1294,7 @@ module Sinatra
         /active_support/,                                   # active_support require hacks
         %r{bundler(/(?:runtime|inline))?\.rb},              # bundler require hacks
         /<internal:/,                                       # internal in ruby >= 1.9.2
-        %r{zeitwerk/kernel\.rb}                             # Zeitwerk kernel#require decorator
+        %r{zeitwerk/(core_ext/)?kernel\.rb}                 # Zeitwerk kernel#require decorator
       ].freeze
 
       attr_reader :routes, :filters, :templates, :errors, :on_start_callback, :on_stop_callback
@@ -1460,7 +1468,13 @@ module Sinatra
       #   mime_types :js   # => ['application/javascript', 'text/javascript']
       def mime_types(type)
         type = mime_type type
-        type =~ %r{^application/(xml|javascript)$} ? [type, "text/#{$1}"] : [type]
+        if type =~ %r{^application/(xml|javascript)$}
+          [type, "text/#{$1}"]
+        elsif type =~ %r{^text/(xml|javascript)$}
+          [type, "application/#{$1}"]
+        else
+          [type]
+        end
       end
 
       # Define a before filter; runs before all requests within the same
@@ -1589,10 +1603,27 @@ module Sinatra
       # Puma, Falcon, or WEBrick (in that order). If given a block, will call
       # with the constructed handler once we have taken the stage.
       def run!(options = {}, &block)
+        unless defined?(Rackup::Handler)
+          rackup_warning = <<~MISSING_RACKUP
+            Sinatra could not start, the "rackup" gem was not found!
+
+            Add it to your bundle with:
+
+                bundle add rackup
+
+            or install it with:
+
+                gem install rackup
+
+          MISSING_RACKUP
+          warn rackup_warning
+          exit 1
+        end
+
         return if running?
 
         set options
-        handler         = Rack::Handler.pick(server)
+        handler         = Rackup::Handler.pick(server)
         handler_name    = handler.name.gsub(/.*::/, '')
         server_settings = settings.respond_to?(:server_settings) ? settings.server_settings : {}
         server_settings.merge!(Port: port, Host: bind)
@@ -1724,7 +1755,7 @@ module Sinatra
         types.map! { |t| mime_types(t) }
         types.flatten!
         condition do
-          response_content_type = response['Content-Type']
+          response_content_type = response['content-type']
           preferred_type = request.preferred_type(types)
 
           if response_content_type
@@ -1806,7 +1837,7 @@ module Sinatra
       end
 
       def setup_null_logger(builder)
-        builder.use Rack::NullLogger
+        builder.use Sinatra::Middleware::Logger, ::Logger::FATAL
       end
 
       def setup_common_logger(builder)
@@ -1815,9 +1846,9 @@ module Sinatra
 
       def setup_custom_logger(builder)
         if logging.respond_to? :to_int
-          builder.use Rack::Logger, logging
+          builder.use Sinatra::Middleware::Logger, logging
         else
-          builder.use Rack::Logger
+          builder.use Sinatra::Middleware::Logger
         end
       end
 
@@ -1901,7 +1932,7 @@ module Sinatra
     set :dump_errors, proc { !test? }
     set :show_exceptions, proc { development? }
     set :sessions, false
-    set :session_store, Rack::Protection::EncryptedCookie
+    set :session_store, Rack::Session::Cookie
     set :logging, false
     set :protection, true
     set :method_override, false

data/lib/sinatra/indifferent_hash.rb

@@ -43,12 +43,6 @@ module Sinatra
       new.merge!(Hash[*args])
     end
 
-    def initialize(*args)
-      args.map!(&method(:convert_value))
-
-      super(*args)
-    end
-
     def default(*args)
       args.map!(&method(:convert_key))
 

data/lib/sinatra/middleware/logger.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+require 'logger'
+
+module Sinatra
+  module Middleware
+    class Logger
+      def initialize(app, level = ::Logger::INFO)
+        @app, @level = app, level
+      end
+
+      def call(env)
+        logger = ::Logger.new(env[Rack::RACK_ERRORS])
+        logger.level = @level
+
+        env[Rack::RACK_LOGGER] = logger
+        @app.call(env)
+      end
+    end
+  end
+end

data/lib/sinatra/show_exceptions.rb

@@ -38,8 +38,8 @@ module Sinatra
       [
         500,
         {
-          'Content-Type' => content_type,
-          'Content-Length' => body.bytesize.to_s
+          'content-type' => content_type,
+          'content-length' => body.bytesize.to_s
         },
         [body]
       ]

data/lib/sinatra/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Sinatra
-  VERSION = '3.2.0'
+  VERSION = '4.0.1'
 end

data/sinatra.gemspec

@@ -40,13 +40,16 @@ RubyGems 2.0 or newer is required to protect against public gem pushes. You can
     'homepage_uri' => 'http://sinatrarb.com/',
     'bug_tracker_uri' => 'https://github.com/sinatra/sinatra/issues',
     'mailing_list_uri' => 'http://groups.google.com/group/sinatrarb',
-    'documentation_uri' => 'https://www.rubydoc.info/gems/sinatra'
+    'documentation_uri' => 'https://www.rubydoc.info/gems/sinatra',
+    'rubygems_mfa_required' => 'true',
   }
 
-  s.required_ruby_version = '>= 2.6.0'
+  s.required_ruby_version = '>= 2.7.8'
 
+  s.add_dependency 'logger', '>= 1.6.0'
   s.add_dependency 'mustermann', '~> 3.0'
-  s.add_dependency 'rack', '~> 2.2', '>= 2.2.4'
+  s.add_dependency 'rack', '>= 3.0.0', '< 4'
   s.add_dependency 'rack-protection', version
+  s.add_dependency 'rack-session', '>= 2.0.0', '< 3'
   s.add_dependency 'tilt', '~> 2.0'
 end

metadata

@@ -1,18 +1,31 @@
 --- !ruby/object:Gem::Specification
 name: sinatra
 version: !ruby/object:Gem::Version
-  version: 3.2.0
+  version: 4.0.1
 platform: ruby
 authors:
 - Blake Mizerany
 - Ryan Tomayko
 - Simon Rozet
 - Konstantin Haase
-autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-12-29 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: logger
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.6.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.6.0
 - !ruby/object:Gem::Dependency
   name: mustermann
   requirement: !ruby/object:Gem::Requirement
@@ -31,36 +44,56 @@ dependencies:
   name: rack
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.2'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.2.4
+        version: 3.0.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '4'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.2'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 2.2.4
+        version: 3.0.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '4'
 - !ruby/object:Gem::Dependency
   name: rack-protection
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.2.0
+        version: 4.0.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 3.2.0
+        version: 4.0.1
+- !ruby/object:Gem::Dependency
+  name: rack-session
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3'
 - !ruby/object:Gem::Dependency
   name: tilt
   requirement: !ruby/object:Gem::Requirement
@@ -81,8 +114,8 @@ email: sinatrarb@googlegroups.com
 executables: []
 extensions: []
 extra_rdoc_files:
-- README.md
 - LICENSE
+- README.md
 files:
 - ".yardopts"
 - AUTHORS.md
@@ -105,6 +138,7 @@ files:
 - lib/sinatra/images/500.png
 - lib/sinatra/indifferent_hash.rb
 - lib/sinatra/main.rb
+- lib/sinatra/middleware/logger.rb
 - lib/sinatra/show_exceptions.rb
 - lib/sinatra/version.rb
 - sinatra.gemspec
@@ -118,7 +152,7 @@ metadata:
   bug_tracker_uri: https://github.com/sinatra/sinatra/issues
   mailing_list_uri: http://groups.google.com/group/sinatrarb
   documentation_uri: https://www.rubydoc.info/gems/sinatra
-post_install_message: 
+  rubygems_mfa_required: 'true'
 rdoc_options:
 - "--line-numbers"
 - "--title"
@@ -132,15 +166,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.6.0
+      version: 2.7.8
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.3
-signing_key: 
+rubygems_version: 3.6.7
 specification_version: 4
 summary: Classy web-development dressed in a DSL
 test_files: []