refactor(dependencies): Move webrick to be a pure development dependency.

[trammel]

Webrick was originally part of the pact application, but is now purely used to support testing.

Also, to quote Jeremy Evans ruby/webrick#145 (comment)

Webrick has not been part of Ruby since the release of Ruby 3.0, over three years ago. While this repository is under the ruby organization on GitHub, it is no longer considered part of Ruby.

Webrick should not be used in production. It is only still maintained because there are other gems relying it, most of which do so only for testing, and only because it is a pure ruby implementation and it was shipped with Ruby in the past.

As Webrick has recently seen a number of CVEs, pulling Webrick in to other codebases unecessarily causes security related maintenance.

It's still fine for testing.

[YOU54F]

makes sense Jonathon, cheers for the PR and reference link

[YOU54F]

Pretty sure webrick will still be pulled in however,

pact-ruby requires pact_mock-service here

webrick is a runtime dep in pact_mock-service here and used in a few places (search)

[trammel]

Oh well. It probably won't make much of a difference immediately, but if pact_mock-service ever switches to an alternative, then there's a little less cleanup in the future here.

Thanks for triple-checking the PR 😁

[YOU54F]

Agreed! Hopefully we may be able to, especially as we move towards leveraging the FFI for the rust based core.

What is the go to replacement for webrick these days? Might be worth adding an issue to track its removal over in pact_mock-service

Thanks for triple-checking the PR 😁

Pleasure dude!

[YOU54F]

Released as https://github.com/pact-foundation/pact-ruby/releases/tag/v1.65.2