Bump rack from 2.0.4 to 2.0.8

[brad-lewis]

Automated security updates showed these alerts:
`
Dependency Version Upgrade to
rack >= 2.0.0 ~> 2.0.6
< 2.0.6

Vulnerabilities
CVE-2019-16782 Low severity
CVE-2018-16471 Moderate severity
CVE-2018-16470 Moderate severity
`
Could we bump to 2.0.6?

[repeatedly]

I'm not sure what you say because td-agent, this is 3.5.1, doesn't include rack.

$ ls  
addressable-2.7.0        elasticsearch-transport-6.8.0           hirb-0.7.3             nokogiri-1.10.5          sigdump-0.2.4
aws-eventstream-1.0.3    excon-0.68.0                            http_parser.rb-0.6.0   ohai-6.20.0              strptime-0.2.3
aws-partitions-1.230.0   faraday-0.17.0                          httpclient-2.8.2.4     oj-3.7.12                systemu-2.5.2
aws-sdk-core-3.72.0      ffi-1.11.1                              ipaddress-0.8.3        parallel-1.18.0          td-0.16.5
aws-sdk-kms-1.25.0       fluent-config-regexp-type-1.0.0         jmespath-1.4.0         power_assert-0.4.1       td-client-1.0.7
aws-sdk-s3-1.52.0        fluent-logger-0.8.2                     ltsv-0.1.2             prometheus-client-0.9.0  td-logger-0.3.27
aws-sdk-sqs-1.23.0       fluent-plugin-elasticsearch-3.5.5       mini_portile2-2.4.0    public_suffix-4.0.1      test-unit-3.2.3
aws-sigv4-1.1.0          fluent-plugin-kafka-0.12.1              minitest-5.10.1        quantile-0.2.1           tzinfo-2.0.0
bundler-1.16.6           fluent-plugin-prometheus-1.7.0          mixlib-cli-1.7.0       rake-12.0.0              tzinfo-data-1.2019.3
concurrent-ruby-1.1.5    fluent-plugin-record-modifier-2.0.1     mixlib-config-2.2.4    rake-12.3.3              webhdfs-0.8.0
cool.io-1.5.4            fluent-plugin-rewrite-tag-filter-2.2.0  mixlib-log-1.7.1       rdkafka-0.7.0            xmlrpc-0.2.1
did_you_mean-1.1.0       fluent-plugin-s3-1.2.0                  mixlib-shellout-2.2.7  rdoc-5.0.1               yajl-ruby-1.4.1
dig_rb-1.0.1             fluent-plugin-td-1.0.0                  msgpack-1.2.9          ruby-kafka-0.7.10        zip-zip-0.3
digest-crc-0.4.1         fluent-plugin-td-monitoring-0.2.4       multi_json-1.14.1      ruby-progressbar-1.10.1
elasticsearch-6.8.0      fluent-plugin-webhdfs-1.2.4             multipart-post-2.1.1   rubyzip-2.0.0
elasticsearch-api-6.8.0  fluentd-1.7.4                           net-telnet-0.1.1       serverengine-2.1.1

[brad-lewis]

For my understanding then, what is the purpose of these references to rack?

$ git grep rack Gemfile.lock
Gemfile.lock: rack (~> 2.0)
Gemfile.lock: rack (2.0.4)

[repeatedly]

chef-zero has rack dependency for internal server but it is used for only td-agent building.
It is different from td-agent package.

[repeatedly]

We sometimes update build tool dependency, so rack will be updated together.