[rust] update reqwest to 0.13 #17488

Merged: titusfortner merged 1 commit into trunk from rust_reqwest, May 18, 2026

@titusfortner (Member)

🔗 Related Issues

This is the last suggested update from #13964

💥 What does this PR do?

Bump reqwest and run update on it

@selenium-ci added the C-rust (Rust code is mostly Selenium Manager) and B-manager (Selenium Manager) labels May 16, 2026

@qodo-code-review (Contributor)

Review Summary by Qodo

Update reqwest dependency to 0.13.3

✨ Enhancement

Walkthroughs

Description
• Update reqwest dependency from 0.12.23 to 0.13.3
• Change rustls feature from "rustls-tls" to "rustls"
• Remove deprecated use_rustls_tls() method call
Diagram
flowchart LR
  A["reqwest 0.12.23<br/>rustls-tls feature"] -- "upgrade" --> B["reqwest 0.13.3<br/>rustls feature"]
  C["use_rustls_tls()<br/>method call"] -- "remove" --> D["implicit TLS config"]

File Changes

1. rust/Cargo.toml Dependencies +1/-1

Update reqwest dependency and feature flag

• Bump reqwest version from 0.12.23 to 0.13.3
• Update feature flag from "rustls-tls" to "rustls"

rust/Cargo.toml


2. rust/src/lib.rs ✨ Enhancement +0/-1

Remove deprecated TLS configuration method

• Remove deprecated use_rustls_tls() method call from HTTP client builder
• TLS configuration now handled implicitly by reqwest 0.13 with rustls feature

rust/src/lib.rs


@qodo-code-review (Contributor) commented May 16, 2026

Code Review by Qodo

🐞 Bugs (1) 📘 Rule violations (0) 📎 Requirement gaps (0)

Remediation recommended

1. Dual reqwest majors included 🐞 Bug ⚙ Maintainability
Description
Updating the direct dependency to reqwest 0.13.3 still leaves a transitive dependency chain pulling
reqwest 0.12.28, so the build includes both reqwest 0.12.x and 0.13.x simultaneously. This increases
compile time/binary size and means older reqwest code remains in the final artifact despite the
bump.
Code

rust/Cargo.toml[21]

+reqwest = { version = "0.13.3", default-features = false, features = ["rustls"] }
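
Review bot: the `reqwest` line keeps `default-features = false` and now names only the `rustls` feature, so with the explicit `use_rustls_tls()` call removed from rust/src/lib.rs (per the summary above) this one feature flag is all that selects the TLS backend. A short comment beside the line recording the rename from `rustls-tls` would document that, and it is worth confirming in review that the HTTP client needs no other feature that is switched off along with the defaults.
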
Evidence
The PR updates the direct reqwest dependency to 0.13.3, while the lockfile shows that a transitive
dependency (apple-xar, via apple-flat-package) still requires reqwest 0.12.28, and the
lockfile contains entries for both reqwest versions. This demonstrates that the final build includes
both majors concurrently.

rust/Cargo.toml[14-24]
rust/Cargo.lock[85-128]
rust/Cargo.lock[1709-1782]
rust/Cargo.lock[2001-2035]

Agent prompt
The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
The dependency graph currently pulls in both `reqwest 0.13.3` (direct) and `reqwest 0.12.28` (transitive via `apple-xar`/`apple-flat-package`). This keeps an older reqwest major in the final build and adds duplicate networking/TLS stacks.

### Issue Context
- `selenium-manager` depends on `reqwest 0.13.3`, but `apple-xar` (pulled by `apple-flat-package`) still depends on `reqwest 0.12.28`.

### Fix Focus Areas
- rust/Cargo.toml[14-24]
- rust/Cargo.lock[85-128]
- rust/Cargo.lock[1709-1782]
- rust/Cargo.lock[2001-2035]

### Suggested fix
- Prefer upgrading `apple-flat-package` (and/or its transitive `apple-xar`) to a version compatible with `reqwest 0.13.x` so the graph converges on a single reqwest major.
- If an upgrade is not available, evaluate whether `apple-flat-package` can be replaced or whether its reqwest usage can be feature-gated/disabled to avoid pulling reqwest 0.12.x.
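
The duplicate-version finding above can be checked mechanically from the lockfile, which matters for patching because the older copy of the networking and TLS code stays in the artifact. This is an added example, not code from the Selenium project or from Qodo: it parses a constructed `Cargo.lock` excerpt and reports each crate locked at more than one version together with the packages that pin each version. The function name `duplicate_versions` and the `0.0.0-placeholder` versions are assumptions.

```rust
use std::collections::BTreeMap;
// Constructed lockfile excerpt for illustration; the "0.0.0-placeholder" versions are not real.
const SAMPLE_LOCK: &str = r#"
[[package]]
name = "apple-xar"
version = "0.0.0-placeholder"
dependencies = [
 "reqwest 0.12.28",
]
[[package]]
name = "reqwest"
version = "0.12.28"
[[package]]
name = "reqwest"
version = "0.13.3"
[[package]]
name = "selenium-manager"
version = "0.0.0-placeholder"
dependencies = [
 "apple-xar",
 "reqwest 0.13.3",
]
"#;

/// Maps crate -> version -> dependents, for crates locked at more than one version.
pub fn duplicate_versions(lock: &str) -> BTreeMap<String, BTreeMap<String, Vec<String>>> {
    let mut locked: BTreeMap<String, BTreeMap<String, Vec<String>>> = BTreeMap::new();
    let (mut current, mut in_deps) = (String::new(), false);
    for line in lock.lines().map(str::trim) {
        if let Some(v) = line.strip_prefix("name = ") {
            current = v.trim_matches('"').to_string();
        } else if let Some(v) = line.strip_prefix("version = ") {
            locked.entry(current.clone()).or_default().entry(v.trim_matches('"').to_string()).or_default();
        } else if line == "dependencies = [" || line == "]" {
            in_deps = line != "]";
        } else if in_deps {
            // Entries read "dep", or "dep version" when several versions are locked.
            let mut parts = line.trim_matches(|c: char| c == '"' || c == ',').split_whitespace();
            if let (Some(dep), Some(ver)) = (parts.next(), parts.next()) {
                locked.entry(dep.into()).or_default().entry(ver.into()).or_default().push(current.clone());
            }
        }
    }
    locked.retain(|_, versions| versions.len() > 1); // also drops the top-level `version = N`, kept under ""
    locked
}

fn main() {
    println!("{:#?}", duplicate_versions(SAMPLE_LOCK));
}
```

On a real checkout, `cargo tree -d` reports the same duplicates from the resolved dependency graph.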


@titusfortner titusfortner merged commit 2a80fb9 into trunk May 18, 2026
71 checks passed
@titusfortner titusfortner deleted the rust_reqwest branch May 18, 2026 12:15
shs96c added a commit to shs96c/selenium that referenced this pull request May 19, 2026
* origin/trunk: (97 commits)
  [py] update python dependencies (SeleniumHQ#17490)
  [build] fix renovate reported issues with configuration
  [build] remove base-ref from renovate workflows it does not work for the use case I had for them
  [build] add renovate dependency workflow (SeleniumHQ#17504)
  [build] simplify commit-changes workflow (SeleniumHQ#17503)
  [build] clarify dependency pin and update tasks (SeleniumHQ#17463)
  [build] do not rerun or attempt to upload logs unless workflow failure is from the Bazel step
  [build] fix renovate ignore rules_python to v2 until upstream fixed
  [build] renovate ignore rules_python until upstream fixed
  [build] bump rules_closure version (SeleniumHQ#17500)
  [build] bump rules_jvm_external (SeleniumHQ#17501)
  [js] remove npm dependency by using bazel for everything (SeleniumHQ#17499)
  [build] bump ruby versions to latest patch releases (SeleniumHQ#17496)
  [dotnet] [build] Support deterministic build output (SeleniumHQ#17497)
  [build] remove renovate update requests pending work done in SeleniumHQ#17427 (SeleniumHQ#17498)
  [dotnet] [build] Fix remote linkage in SourceLink (SeleniumHQ#17495)
  [rust] update reqwest to 0.13 (SeleniumHQ#17488)
  [build] bump low-risk Bazel module dependencies (SeleniumHQ#17494)
  [dotnet] run format against slnx instead of looping csproj (SeleniumHQ#17483)
  [build] ignore renovate.json references in renovate recommendations
  ...

# Conflicts:
#	MODULE.bazel
#	rust/BUILD.bazel