Skip to content

cargo(deps): bump the http-web group with 5 updates #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

cargo(deps): bump the http-web group with 5 updates #2

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Jun 3, 2025
edited
Loading

Bumps the http-web group with 5 updates:

Package From To
reqwest 0.11.27 0.12.19
http 0.2.12 1.3.1
http-body 0.4.6 1.0.1
hyper 0.14.32 1.6.0
hyper-tls 0.5.0 0.6.0

Updates reqwest from 0.11.27 to 0.12.19

Release notes

Sourced from reqwest's releases.

v0.12.19

What's Changed

Full Changelog: seanmonstar/reqwest@v0.12.18...v0.12.19

v0.12.18

What's Changed

  • Fix compilation when socks enabled without TLS.

v0.12.17

What's Changed

v0.12.16

Highlights

  • Add ClientBuilder::http3_congestion_bbr() to enable BBR congestion control.
  • Add ClientBuilder::http3_send_grease() to configure whether to send use QUIC grease.
  • Add ClientBuilder::http3_max_field_section_size() to configure the maximum response headers.
  • Add ClientBuilder::tcp_keepalive_interval() to configure TCP probe interval.
  • Add ClientBuilder::tcp_keepalive_retries() to configure TCP probe count.
  • Add Proxy::headers() to add extra headers that should be sent to a proxy.
  • Fix redirect::Policy::limit() which had an off-by-1 error, allowing 1 more redirect than specified.
  • Fix HTTP/3 to support streaming request bodies.
  • (wasm) Fix null bodies when calling Response::bytes_stream().

What's Changed

... (truncated)

Changelog

Sourced from reqwest's changelog.

v0.12.19

  • Fix redirect that changes the method to GET should remove payload headers.
  • Fix redirect to only check the next scheme if the policy action is to follow.
  • (wasm) Fix compilation error if cookies feature is enabled (by the way, it's a noop feature in wasm).

v0.12.18

  • Fix compilation when socks enabled without TLS.

v0.12.17

  • Fix compilation on macOS.

v0.12.16

  • Add ClientBuilder::http3_congestion_bbr() to enable BBR congestion control.
  • Add ClientBuilder::http3_send_grease() to configure whether to send use QUIC grease.
  • Add ClientBuilder::http3_max_field_section_size() to configure the maximum response headers.
  • Add ClientBuilder::tcp_keepalive_interval() to configure TCP probe interval.
  • Add ClientBuilder::tcp_keepalive_retries() to configure TCP probe count.
  • Add Proxy::headers() to add extra headers that should be sent to a proxy.
  • Fix redirect::Policy::limit() which had an off-by-1 error, allowing 1 more redirect than specified.
  • Fix HTTP/3 to support streaming request bodies.
  • (wasm) Fix null bodies when calling Response::bytes_stream().

v0.12.15

  • Fix Windows to support both ProxyOverride and NO_PROXY.
  • Fix http3 to support streaming response bodies.
  • Fix http3 dependency from public API misuse.

v0.12.14

  • Fix missing fetch_mode_no_cors(), marking as deprecated when not on WASM.

v0.12.13

  • Add Form::into_reader() for blocking multipart forms.
  • Add Form::into_stream() for async multipart forms.
  • Add support for SOCKS4a proxies.
  • Fix decoding responses with multiple zstd frames.
  • Fix RequestBuilder::form() from overwriting a previously set Content-Type header, like the other builder methods.
  • Fix cloning of request timeout in blocking::Request.
  • Fix http3 synchronization of connection creation, reducing unneccesary extra connections.
  • Fix Windows system proxy to use ProxyOverride as a NO_PROXY value.
  • Fix blocking read to correctly reserve and zero read buffer.
  • (wasm) Add support for request timeouts.
  • (wasm) Fix Error::is_timeout() to return true when from a request timeout.

... (truncated)

Commits
  • 8cf142b v0.12.19
  • 35b6c83 fix(redirect): Using tower-http patch to fix invalid content-length heade...
  • a54c4cf disable util::add_cookie_header on wasm targets
  • a7a2db1 ci: check cookies feature on wasm target
  • 522638d fix: only check scheme after redirect Policy return follow (#2710)
  • 2fde244 ci: apparently dependabot doesn't understand increase-if-necessary
  • 35a6601 refactor: report custom reason phrase in error message (#2697)
  • 5e03d04 chore(ci): make dependabot tell us of breaking changes we could upgrade to (#...
  • 595c80b v0.12.18
  • f279ad1 fix compilation if socks is enabled without tls
  • Additional commits viewable in compare view

Updates http from 0.2.12 to 1.3.1

Release notes

Sourced from http's releases.

v1.3.1

What's Changed

Full Changelog: hyperium/http@v1.3.0...v1.3.1

v1.3.0

What's Changed

  • Allow most UTF-8 characters in URI path and query. (hyperium/http#715)
    • This means paring Uris with previously illegal characters according the original RFC will now be accepted. They used to be rejected in the name of spec purity, but many operators were using a fork of http because reality is that most characters are seen in the real world.
  • Fix HeaderMap::reserve() to allocate sufficient capacity.

New Contributors

Thanks!

Full Changelog: hyperium/http@v1.2.0...v1.3.0

v1.2.0

What's Changed

  • Add StatusCode::TOO_EARLY constant for 425 status. (#725)
  • Loosen TryFrom<HashMap> for HeaderMap to work with any state generic. (#729)
  • Change Builder methods to use TryInto instead of TryFrom arguments. (#730)
  • Make StatusCode::as_u16 a const function. (#680)
  • Fix Method parsing to allow #$%&' characters. (#713)
  • Fix HeaderName parsing to reject " characters. (#716)
  • Fix off by 1 error in Method::from_bytes that could cause extra allocations. (#708)
  • Fix HeaderMap capacity calculation in some cases (#710)

New Contributors

... (truncated)

Changelog

Sourced from http's changelog.

1.3.1 (March 11, 2025)

  • Fix validation that all characters are UTF-8 in URI path and query.

1.3.0 (March 11, 2025)

  • Allow most UTF-8 characters in URI path and query.
  • Fix HeaderMap::reserve() to allocate sufficient capacity.

1.2.0 (December 3, 2024)

  • Add StatusCode::TOO_EARLY constant for 425 status.
  • Loosen TryFrom<HashMap> for HeaderMap to work with any state generic.
  • Change Builder methods to use TryInto instead of TryFrom arguments.
  • Make StatusCode::as_u16 a const function.
  • Fix Method parsing to allow #$%&' characters.
  • Fix HeaderName parsing to reject " characters.
  • Fix off by 1 error in Method::from_bytes that could cause extra allocations.

1.1.0 (March 4, 2024)

  • Add methods to allow trying to allocate in the HeaderMap, returning an error if oversize instead of panicking.
  • Add Extensions::get_or_insert() method.
  • Implement From<Uri> for uri::Builder.
  • Fix HeaderName::from_lowercase that could allow NUL bytes in some cases.

1.0.0 (November 15, 2023)

  • Implement Clone for Request, Response, and Extensions. This breaking change requires that all extensions now implement Clone.
  • Add a default-on std feature. Disabling it currently is not supported.
  • Fix MIRI warnings in HeaderMap::iter().

0.2.10 (November 10, 2023)

  • Fix parsing of Authority to handle square brackets in incorrect order.
  • Fix HeaderMap::with_capacity() to handle arithmetic overflow.

0.2.9 (February 17, 2023)

  • Add HeaderName constants for cache-status and cdn-cache-control.
  • Implement Hash for PathAndQuery.
  • Re-export HeaderName at crate root.

0.2.8 (June 6, 2022)

  • Fix internal usage of uninitialized memory to use MaybeUninit inside HeaderName.

0.2.7 (April 28, 2022)

... (truncated)

Commits
  • 8c1fb20 v1.3.1
  • 6637a72 fix: validate path bytes are at least utf8 (#756)
  • d0dd91e v1.3.0
  • 64bd92b docs: Fixed encryption/compression typo for 'accept-encoding: identity'. (#695)
  • b03ed6a chore: use range.contains in StatusCode methods (#748)
  • a463fb5 chore(ci): use yq to get rust-version in manifest (#746)
  • 68845bd fix: HeaderMap::reserve allocates insufficient capacity (#741)
  • 4e02046 refactor(header): remove BytesMut inline optimization when creating (#738)
  • 091ee9a feat(uri): allow utf8 char, not rfc 3986 compliant, in path and query (#715)
  • a912445 v1.2.0
  • Additional commits viewable in compare view

Updates http-body from 0.4.6 to 1.0.1

Commits
  • 69e80eb v1.0.1
  • 17451a8 update year of license
  • 482c349 http-body-util: v0.1.2
  • 60c6383 refactor(ci): small refactoring (#113)
  • 23212f1 feat(util): add BodyDataStream (#117)
  • fe8aa7e refactor: replace deprecated std::u64 with primitive type
  • 6a85548 include license files in published crates
  • 46c54fb chore(util): resolve duplicate import
  • b5c769d http-body-util: v0.1.1
  • 76b19e6 perf: improve BufList::copy_to_bytes if len == remaining
  • Additional commits viewable in compare view

Updates hyper from 0.14.32 to 1.6.0

Release notes

Sourced from hyper's releases.

v1.6.0

Features

  • ext: add ext::on_informational() callback extension (#3818) (8ce1fcfa, closes #2565)
  • server: add http1::Builder::ignore_invalid_headers(bool) option (#3824) (3817a79b)

Bug Fixes

Breaking Changes

  • http2::Builder::max_local_error_reset_streams() now takes &mut self and returns &mut Self. In practice, this shouldn't break almost anyone. It was the wrong receiver and return types. (e981a91e)

New Contributors

Thanks

Full Changelog: hyperium/hyper@v1.5.2...v1.6.0

v1.5.2

Bug Fixes

Features

New Contributors

Thanks

Full Changelog: hyperium/hyper@v1.5.1...v1.5.2

... (truncated)

Changelog

Sourced from hyper's changelog.

v1.6.0 (2025-01-28)

Bug Fixes

Features

  • ext: add ext::on_informational() callback extension (#3818) (8ce1fcfa, closes #2565)
  • server: add http1::Builder::ignore_invalid_headers(bool) option (#3824) (3817a79b)

Breaking Changes

  • http2::Builder::max_local_error_reset_streams() now takes &mut self and returns &mut Self. In practice, this shouldn't break almost anyone. It was the wrong receiver and return types. (e981a91e)

v1.5.2 (2024-12-16)

Bug Fixes

Features

v1.5.1 (2024-11-19)

Bug Fixes

  • http2:
    • pass proper value to h2 max_local_error_reset_streams (4a20147a)
    • improve graceful shutdown during handshake (#3729) (13b05943)

v1.5.0 (2024-10-15)

... (truncated)

Commits
  • 621d8e4 v1.6.0
  • 83f4588 chore(LICENSE): update copyright year
  • 10b09ff fix(server): start http1 header read timeout when conn is idle (#3828)
  • 8ce1fcf feat(ext): add ext::on_informational() callback extension (#3818)
  • de28b0e chore(ci): use msrv aware dependency resolver (#3831)
  • 5baf537 chore(ci): use yq to get rust-version in manifest (#3829)
  • 3817a79 feat(server): add http1::Builder::ignore_invalid_headers(bool) option (#3824)
  • e981a91 fix(server): change max_local_error_reset_streams function to &mut self (...
  • 30f2961 v1.5.2
  • a131111 fix(http1): fix intermitent panic parsing partial headers (#3812)
  • Additional commits viewable in compare view

Updates hyper-tls from 0.5.0 to 0.6.0

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Jun 3, 2025
@dependabot dependabot bot force-pushed the dependabot/cargo/main/http-web-639eb76252 branch 7 times, most recently from b066447 to 8718037 Compare June 9, 2025 09:41
@dependabot
cargo(deps): bump the http-web group with 5 updates
83a1533 
Bumps the http-web group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [reqwest](https://github.com/seanmonstar/reqwest) | `0.11.27` | `0.12.19` |
| [http](https://github.com/hyperium/http) | `0.2.12` | `1.3.1` |
| [http-body](https://github.com/hyperium/http-body) | `0.4.6` | `1.0.1` |
| [hyper](https://github.com/hyperium/hyper) | `0.14.32` | `1.6.0` |
| [hyper-tls](https://github.com/hyperium/hyper-tls) | `0.5.0` | `0.6.0` |


Updates `reqwest` from 0.11.27 to 0.12.19
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](seanmonstar/reqwest@v0.11.27...v0.12.19)

Updates `http` from 0.2.12 to 1.3.1
- [Release notes](https://github.com/hyperium/http/releases)
- [Changelog](https://github.com/hyperium/http/blob/master/CHANGELOG.md)
- [Commits](hyperium/http@v0.2.12...v1.3.1)

Updates `http-body` from 0.4.6 to 1.0.1
- [Release notes](https://github.com/hyperium/http-body/releases)
- [Commits](hyperium/http-body@v0.4.6...v1.0.1)

Updates `hyper` from 0.14.32 to 1.6.0
- [Release notes](https://github.com/hyperium/hyper/releases)
- [Changelog](https://github.com/hyperium/hyper/blob/master/CHANGELOG.md)
- [Commits](hyperium/hyper@v0.14.32...v1.6.0)

Updates `hyper-tls` from 0.5.0 to 0.6.0
- [Commits](hyperium/hyper-tls@v0.5.0...v0.6.0)

---
updated-dependencies:
- dependency-name: reqwest
  dependency-version: 0.12.19
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: http-web
- dependency-name: http
  dependency-version: 1.3.1
  dependency-type: indirect
  update-type: version-update:semver-major
  dependency-group: http-web
- dependency-name: http-body
  dependency-version: 1.0.1
  dependency-type: indirect
  update-type: version-update:semver-major
  dependency-group: http-web
- dependency-name: hyper
  dependency-version: 1.6.0
  dependency-type: indirect
  update-type: version-update:semver-major
  dependency-group: http-web
- dependency-name: hyper-tls
  dependency-version: 0.6.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: http-web
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/cargo/main/http-web-639eb76252 branch from 8718037 to 83a1533 Compare August 25, 2025 18:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant