Disable default features on `http-types` crate

http-rs / surf

Fast and friendly HTTP client framework for async Rust

https://docs.rs/surf

Apache License 2.0

1.46k stars 119 forks source link

Disable default features on `http-types` crate #332

Open link2xt opened 2 years ago

link2xt commented 2 years ago

By default http-types includes cookie-secure feature and pulls in cookie, aes-gcm, aead and probably other crates. This looks unnecessary when you just want to do some HTTPS GET/POST requests and drop any cookies.

Swatinem commented 2 years ago

Worth mentioning: The problem with those crates is that they have active RUSTSEC advisories (or their transitive dependencies have) and this is blocking to have a passing cargo audit.