search

DataDog / datadog-static-analyzer

Datadog Static Analyzer
https://docs.datadoghq.com/static_analysis/
Apache License 2.0
100 stars 12 forks source link

Update reqwest requirement from 0.11 to 0.12 #496

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 1 month ago

Updates the requirements on reqwest to permit the latest version.

Release notes

Sourced from reqwest's releases.

v0.12.6

What's Changed

  • Add support for danger_accept_invalid_hostnames for rustls.
  • Add impl Service<http::Request<Body>> for Client and &'_ Client.
  • Add support for !Sync bodies in Body::wrap_stream().
  • Enable happy eyeballs when hickory-dns is used.
  • Fix Proxy so that HTTP(S)_PROXY values take precendence over ALL_PROXY.
  • Fix blocking::RequestBuilder::header() from unsetting sensitive on passed header values.

New Contributors

Thanks again

Full Changelog: https://github.com/seanmonstar/reqwest/compare/v0.12.5...v0.12.6

Changelog

Sourced from reqwest's changelog.

v0.12.6

  • Add support for danger_accept_invalid_hostnames for rustls.
  • Add impl Service<http::Request<Body>> for Client and &'_ Client.
  • Add support for !Sync bodies in Body::wrap_stream().
  • Enable happy eyeballs when hickory-dns is used.
  • Fix Proxy so that HTTP(S)_PROXY values take precendence over ALL_PROXY.
  • Fix blocking::RequestBuilder::header() from unsetting sensitive on passed header values.

v0.12.5

  • Add blocking::ClientBuilder::dns_resolver() method to change DNS resolver in blocking client.
  • Add http3 feature back, still requiring reqwest_unstable.
  • Add rustls-tls-no-provider Cargo feature to use rustls without a crypto provider.
  • Fix Accept-Encoding header combinations.
  • Fix http3 resolving IPv6 addresses.
  • Internal: upgrade to rustls 0.23.

v0.12.4

  • Add zstd support, enabled with zstd Cargo feature.
  • Add ClientBuilder::read_timeout(Duration), which applies the duration for each read operation. The timeout resets after a successful read.

v0.12.3

  • Add FromStr for dns::Name.
  • Add ClientBuilder::built_in_webpki_certs(bool) to enable them separately.
  • Add ClientBuilder::built_in_native_certs(bool) to enable them separately.
  • Fix sending content-length: 0 for GET requests.
  • Fix response body content_length() to return value when timeout is configured.
  • Fix ClientBuilder::resolve() to use lowercase domain names.

v0.12.2

  • Fix missing ALPN when connecting to socks5 proxy with rustls.
  • Fix TLS version limits with rustls.
  • Fix not detected ALPN h2 from server with native-tls.

v0.12.1

  • Fix ClientBuilder::interface() when no TLS is enabled.
  • Fix TlsInfo::peer_certificate() being truncated with rustls.
  • Fix panic if http2 feature disabled but TLS negotiated h2 in ALPN.
  • Fix Display for Error to not include its source error.

v0.12.0

  • Upgrade to hyper, http, and http-body v1.
  • Add better support for converting to and from http::Request and http::Response.
  • Add http2 optional cargo feature, default on.

... (truncated)

Commits
  • b2a28f5 v0.12.6
  • 522216e feat: Add impl Service\<http::Request<Body>> for Client and &'_ Client (...
  • 646b1f8 chore: update macOS system-configuration dep (#2368)
  • 85dd6da dns: improve error message for hickory-dns and warn in docs (#2389)
  • bfd31be docs: Improve RequestBuilder::multipart's documentation (#2388)
  • 8c7f338 chore: bump dev-dependency libflate (#2382)
  • dddf877 chore: bump h3 dependency
  • a53c944 chore: fix some comments
  • dd036db chore: suppress wasm web-sys deprecation warnings (#2386)
  • 86a18a3 Enable happy eyeballs when using hickory-dns (#2378)
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 month ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.