dependabot[bot] opened a new pull request, #2810: URL: https://github.com/apache/iceberg-rust/pull/2810
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.12.28 to 0.13.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/releases">reqwest's releases</a>.</em></p> <blockquote> <h2>v0.13.4</h2> <h2>tl;dr</h2> <ul> <li>Add <code>ClientBuilder::tls_sslkeylogfile(bool)</code> option to allow using the related environment variable.</li> <li>Add <code>ClientBuilder::http2_keep_alive_*</code> options for the <code>blocking</code> client.</li> <li>Add TLS 1.3 support when using <code>native-tls</code> backend.</li> <li>Fix redirect handling to strip sensitive headers when the scheme changes.</li> <li>Fix HTTP/3 happy-eyeball connection creation.</li> <li>Upgrade hickory-resolver to 0.26.</li> </ul> <h2>What's Changed</h2> <ul> <li>fix(tls): improve rustls-no-provider panic message and add module docs by <a href="https://github.com/smythg4"><code>@smythg4</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/3021">seanmonstar/reqwest#3021</a></li> <li>fix: do not lose the url in error when decoding json by <a href="https://github.com/Dushistov"><code>@Dushistov</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/3026">seanmonstar/reqwest#3026</a></li> <li>Add tls_sslkeylogfile builder method by <a href="https://github.com/passcod"><code>@passcod</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2923">seanmonstar/reqwest#2923</a></li> <li>fix(redirect): strip sensitive headers on scheme change across redirects by <a href="https://github.com/SAY-5"><code>@SAY-5</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/3034">seanmonstar/reqwest#3034</a></li> <li>chore: upgrade MSRV to 1.85 by <a href="https://github.com/seanmonstar"><code>@seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/3038">seanmonstar/reqwest#3038</a></li> <li>chore: clean up minimal-versions CI job by <a href="https://github.com/seanmonstar"><code>@seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/3039">seanmonstar/reqwest#3039</a></li> <li>fix(http3): use happy eyeballs for h3 connect by <a href="https://github.com/lyuzichong"><code>@lyuzichong</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/3030">seanmonstar/reqwest#3030</a></li> <li>fix: update hickory-resolver to 0.26 and adjust code accordingly by <a href="https://github.com/seanmonstar"><code>@seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/3040">seanmonstar/reqwest#3040</a></li> <li>fix: remove unwrap in hickory initialization by <a href="https://github.com/mat813"><code>@mat813</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/3041">seanmonstar/reqwest#3041</a></li> <li>feat(https): support TLS 1.3 as min version under native-tls 🎉 by <a href="https://github.com/AverageHelper"><code>@AverageHelper</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2975">seanmonstar/reqwest#2975</a></li> <li>Expose keep alive configurations in blocking client by <a href="https://github.com/aeb-dev"><code>@aeb-dev</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/3043">seanmonstar/reqwest#3043</a></li> <li>Prepare v0.13.4 by <a href="https://github.com/seanmonstar"><code>@seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/3046">seanmonstar/reqwest#3046</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/smythg4"><code>@smythg4</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/3021">seanmonstar/reqwest#3021</a></li> <li><a href="https://github.com/Dushistov"><code>@Dushistov</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/3026">seanmonstar/reqwest#3026</a></li> <li><a href="https://github.com/SAY-5"><code>@SAY-5</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/3034">seanmonstar/reqwest#3034</a></li> <li><a href="https://github.com/mat813"><code>@mat813</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/3041">seanmonstar/reqwest#3041</a></li> <li><a href="https://github.com/AverageHelper"><code>@AverageHelper</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2975">seanmonstar/reqwest#2975</a></li> <li><a href="https://github.com/aeb-dev"><code>@aeb-dev</code></a> made their first contribution in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/3043">seanmonstar/reqwest#3043</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/seanmonstar/reqwest/compare/v0.13.3...v0.13.4">https://github.com/seanmonstar/reqwest/compare/v0.13.3...v0.13.4</a></p> <h2>v0.13.3</h2> <h2>tl;dr</h2> <ul> <li>Fix CertificateRevocationList parsing of PEM values.</li> <li>Fix logging in resolver to only show host, not full URL.</li> <li>Fix hickory-dns to fallback to a default if <code>/etc/resolv.conf</code> fails.</li> <li>Fix HTTP/3 to handle <code>STOP_SENDING</code> as not an error.</li> <li>Fix HTTP/3 pool to remove timed out QUIC connections.</li> <li>Fix HTTP/3 connection establishment picking IPv4 and IPv6.</li> <li>Upgrade rustls-platform-verifier.</li> <li>(wasm) Only use wasm-bindgen on unknown-* targets.</li> </ul> <h2>What's Changed</h2> <ul> <li>Update docs.rs Features by <a href="https://github.com/JamesWiresmith"><code>@JamesWiresmith</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2961">seanmonstar/reqwest#2961</a></li> <li>fix: fallback to hickory_resolver's default config if reading /etc/resolv.conf fails by <a href="https://github.com/monosans"><code>@monosans</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2797">seanmonstar/reqwest#2797</a></li> <li>fix: remove timeout con by <a href="https://github.com/cuiweixie"><code>@cuiweixie</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2967">seanmonstar/reqwest#2967</a></li> <li>http3: handle stop_sending without error by <a href="https://github.com/anuraaga"><code>@anuraaga</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2978">seanmonstar/reqwest#2978</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md">reqwest's changelog</a>.</em></p> <blockquote> <h2>v0.13.4</h2> <ul> <li>Add <code>ClientBuilder::tls_sslkeylogfile(bool)</code> option to allow using the related environment variable.</li> <li>Add <code>ClientBuilder::http2_keep_alive_*</code> options for the <code>blocking</code> client.</li> <li>Add TLS 1.3 support when using <code>native-tls</code> backend.</li> <li>Fix redirect handling to strip sensitive headers when the scheme changes.</li> <li>Fix HTTP/3 happy-eyeball connection creation.</li> <li>Upgrade hickory-resolver to 0.26.</li> </ul> <h2>v0.13.3</h2> <ul> <li>Fix CertificateRevocationList parsing of PEM values.</li> <li>Fix logging in resolver to only show host, not full URL.</li> <li>Fix hickory-dns to fallback to a default if <code>/etc/resolv.conf</code> fails.</li> <li>Fix HTTP/3 to handle <code>STOP_SENDING</code> as not an error.</li> <li>Fix HTTP/3 pool to remove timed out QUIC connections.</li> <li>Fix HTTP/3 connection establishment picking IPv4 and IPv6.</li> <li>Upgrade rustls-platform-verifier.</li> <li>(wasm) Only use wasm-bindgen on unknown-* targets.</li> </ul> <h2>v0.13.2</h2> <ul> <li>Fix HTTP/2 and native-tls ALPN feature combinations.</li> <li>Fix HTTP/3 to send h3 ALPN.</li> <li>(wasm) fix <code>RequestBuilder::json()</code> from override previously set content-type.</li> </ul> <h2>v0.13.1</h2> <ul> <li>Fixes compiling with rustls on Android targets.</li> </ul> <h1>v0.13.0</h1> <ul> <li><strong>Breaking changes</strong>: <ul> <li><code>rustls</code> is now the default TLS backend, instead of <code>native-tls</code>.</li> <li><code>rustls</code> crypto provider defaults to aws-lc instead of <em>ring</em>. (<code>rustls-no-provider</code> exists if you want a different crypto provider)</li> <li><code>rustls-tls</code> has been renamed to <code>rustls</code>.</li> <li>rustls roots features removed, <code>rustls-platform-verifier</code> is used by default. <ul> <li>To use different roots, call <code>tls_certs_only(your_roots)</code>.</li> </ul> </li> <li><code>native-tls</code> now includes ALPN. To disable, use <code>native-tls-no-alpn</code>.</li> <li><code>query</code> and <code>form</code> are now crate features, disabled by default.</li> <li>Long-deprecated methods and crate features have been removed (such as <code>trust-dns</code>, which was renamed <code>hickory-dns</code> a while ago).</li> </ul> </li> <li>Many TLS-related methods renamed to improve autocompletion and discovery, but previous name left in place with a "soft" deprecation. (just documented, no warnings) <ul> <li>For example, prefer <code>tls_backend_rustls()</code> over <code>use_rustls_tls()</code>.</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/seanmonstar/reqwest/commit/11489b34eda6d32b15ad4033e62beba2ee401350"><code>11489b3</code></a> v0.13.4</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/d31ffbbf84ee718eb543fa203f25b9f78d02b5cd"><code>d31ffbb</code></a> feat: Expose HTTP2 keep alive configurations in blocking client (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/3043">#3043</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/79ed0d712b4f9f00ffecb5103593cbf460f5bfa5"><code>79ed0d7</code></a> feat: support TLS 1.3 as min version under native-tls 🎉 (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2975">#2975</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/fb7bf6ae6dace30613b964425cf2b6039e9d388f"><code>fb7bf6a</code></a> fix: remove unwrap in hickory initialization (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/3041">#3041</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/3da616fd4b5987e5b1f5f7e9f07d14b2cd603254"><code>3da616f</code></a> fix: update hickory-resolver to 0.26 and adjust code accordingly (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/3040">#3040</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/c77e7b2de5b706ec35629e0302feff8e82969d7d"><code>c77e7b2</code></a> fix(http3): use happy eyeballs for h3 connect (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/3030">#3030</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/9cbb65b3d3cd4ab05a859366bbb70e47bec7dc8c"><code>9cbb65b</code></a> chore: clean up minimal-versions CI job (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/3039">#3039</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/17a7dc5a893b64509ed2d539892fe35f5feee255"><code>17a7dc5</code></a> chore: upgrade MSRV to 1.85 (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/3038">#3038</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/03db63a48f35135c2f2c8b7aaa578217d5f678fe"><code>03db63a</code></a> fix(redirect): strip sensitive headers on scheme change across redirects (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/3034">#3034</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/4b813a89dcd97a4b283fda02bd458d44339850c7"><code>4b813a8</code></a> feat: add tls_sslkeylogfile builder method (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2923">#2923</a>)</li> <li>Additional commits viewable in <a href="https://github.com/seanmonstar/reqwest/compare/v0.12.28...v0.13.4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
