Shrine 3.8.0

Security

The file_system storage now prevents path traversal outside of the storage directory. Previously, an id containing ../ sequences (e.g. coming from attacker-controlled data) could resolve to a location outside of the configured storage directory. Now Shrine::Error is raised whenever an id would resolve outside of the storage directory:
```
storage = Shrine::Storage::FileSystem.new("uploads")
storage.open("../../etc/passwd") #~> Shrine::Error
```

The derivatives plugin now forwards options passed to Attacher#promote into Attacher#upload_derivatives. This means options such as upload options reach the derivatives upload as well, not just the main file.
```
attacher.promote(upload_options: { acl: "public-read" })
# the same options are now forwarded when uploading derivatives
```

The s3 storage again uses single-request uploads for smaller files, instead of always using multipart uploads. In Shrine 3.7.0, when a TransferManager was available, it was used for uploads of any size, but TransferManager uploads via multipart unconditionally, which is inefficient for smaller files. Now files at or below the multipart threshold (:upload, 15MB by default) are uploaded in a single request, and only larger files use multipart upload via the TransferManager (falling back to the older API when it's not available).