Security: Bump uri dependency to 1.0.3 to address CVE-2025-27221

Hello. We're currently using your gem (thank you!), and our Vanta account is flagging that in this repo's Gemfile.lock it is still using `uri` 1.0.2, which has an active CVE ([CVE-2025-27221](https://nvd.nist.gov/vuln/detail/CVE-2025-27221)). The fix was released in `uri` 1.0.3. Would you be so kind as to bump that dependency or would you be open to a PR that does so? Thank you for your time.