Historically, the "rack" gem was not part of Rails LTS, simply because it was maintained and released separate from Ruby on Rails. However, since Rails cannot work without Rack, and since Rack did have a few minor security vulnerabilities, we've been maintaining forks of Rack on Github for a while.
This has now changed and Rack is now a core gem of Rails LTS. This means:
- We are committed to maintaining and patching Rack, and will make sure it works on the same Ruby versions that Rails LTS supports.
- We will serve rack over our gem server.
You are not forced to switch to the LTS version of rack, but we do recommend it. To do this, add rack to the appropriate section of your Gemfile:
source 'https://username:password@gems.railslts.com' do
gem 'rails', '~>x.x.x'
gem 'actionmailer', :require => false
# ...
gem 'rack', :require => false # <--- add this
end
Then run bundle update rack
.
Note on versions
We only maintain the newest supported Rack version for each version of Rails. Specifically:
- rack 1.4.7.x for Rails 2.3 LTS and Rails 3.2 LTS
- rack 1.6.13.x for Rails 4.2 LTS
- rack 2.2.9.x for Rails 5.2 LTS and Rails 6.2 LTS
For Rails 5.2 users this will potentially be a minor version update. We are not aware of changes that are likely to impact a Rails app. Ruby 2.2 users can use the LTS version of rack 2.2.9, even though the public version for rack 2.2.9 required a newer Ruby.