Allow thor 1.4 to fix a security issue

[andreavocado]

Thor < 1.4 has a security issue, see: GHSA-mqcp-p2hv-vw6x

gush should widen its dependency, so all clients are able to get this security fix.

[btihen]

The following PR #131 allows the usage of Thor 1.4
Feel free to try it at https://github.com/btihen/gush/tree/address_security_flaw_allow_thor_1_4 if you are in a rush

[adurgin]

Is there a reason why this update cannot be made?