Skip to content

chore(deps): update reqwest requirement from 0.11 to 0.12#76

Merged
iberi22 merged 2 commits intomainfrom
dependabot/cargo/reqwest-0.12
Dec 20, 2025
Merged

chore(deps): update reqwest requirement from 0.11 to 0.12#76
iberi22 merged 2 commits intomainfrom
dependabot/cargo/reqwest-0.12

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 11, 2025

Updates the requirements on reqwest to permit the latest version.

Release notes

Sourced from reqwest's releases.

v0.12.25

Highlights

  • Add Error::is_upgrade() to determine if the error was from an HTTP upgrade.
  • Fix sending Proxy-Authorization if only username is configured.
  • Fix sending Proxy-Authorization to HTTPS proxies when the target is HTTP.
  • Refactor internal decompression handling to use tower-http.

What's Changed

New Contributors

Full Changelog: seanmonstar/reqwest@v0.12.24...v0.12.25

Changelog

Sourced from reqwest's changelog.

v0.12.25

  • Add Error::is_upgrade() to determine if the error was from an HTTP upgrade.
  • Fix sending Proxy-Authorization if only username is configured.
  • Fix sending Proxy-Authorization to HTTPS proxies when the target is HTTP.
  • Refactor internal decompression handling to use tower-http.

v0.12.24

  • Refactor cookie handling to an internal middleware.
  • Refactor internal random generator.
  • Refactor base64 encoding to reduce a copy.
  • Documentation updates.

v0.12.23

  • Add ClientBuilder::unix_socket(path) option that will force all requests over that Unix Domain Socket.
  • Add ClientBuilder::retry(policy) and reqwest::retry::Builder to configure automatic retries.
  • Add ClientBuilder::dns_resolver2() with more ergonomic argument bounds, allowing more resolver implementations.
  • Add http3_* options to blocking::ClientBuilder.
  • Fix default TCP timeout values to enabled and faster.
  • Fix SOCKS proxies to default to port 1080
  • (wasm) Add cache methods to RequestBuilder.

v0.12.22

  • Fix socks proxies when resolving IPv6 destinations.

v0.12.21

  • Fix socks proxy to use socks4a:// instead of socks4h://.
  • Fix Error::is_timeout() to check for hyper and IO timeouts too.
  • Fix request Error to again include URLs when possible.
  • Fix socks connect error to include more context.
  • (wasm) implement Default for Body.

v0.12.20

  • Add ClientBuilder::tcp_user_timeout(Duration) option to set TCP_USER_TIMEOUT.
  • Fix proxy headers only using the first matched proxy.
  • (wasm) Fix re-adding Error::is_status().

v0.12.19

  • Fix redirect that changes the method to GET should remove payload headers.
  • Fix redirect to only check the next scheme if the policy action is to follow.
  • (wasm) Fix compilation error if cookies feature is enabled (by the way, it's a noop feature in wasm).

v0.12.18

... (truncated)

Commits
  • f156a9f v0.12.25
  • fc1ff4f fix(proxy): forward Proxy-Authorization header to HTTPS proxies for HTTP targ...
  • b7c3712 Use decompression from tower-http (#2840)
  • 74e6f84 feat(error): add is_upgrade method to detect protocol upgrade errors (#2822)
  • c0c06b7 fix: send proxy-authorization even with empty password (#2868)
  • a2aa5a3 chore: minor improvement for docs (#2862)
  • 9c4999d docs: document WASM client (#2859)
  • a97e195 docs: document connection pooling behavior (#2851)
  • e3093ed tests: fix wasm timeout test with uncached response (#2853)
  • b126ca4 v0.12.24
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): update reqwest requirement from 0.11 to 0.12
0a578c8 
Updates the requirements on [reqwest](https://github.com/seanmonstar/reqwest) to permit the latest version.
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](seanmonstar/reqwest@v0.11.0...v0.12.25)

---
updated-dependencies:
- dependency-name: reqwest
  dependency-version: 0.12.25
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Dependency updates from Dependabot quarantine Dependency in quarantine period labels Dec 11, 2025
@coderabbitai
Copy link

coderabbitai bot commented Dec 11, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions
Copy link
Contributor

github-actions bot commented Dec 11, 2025

🛡️ Dependency Sentinel Check

This dependency update has been received and will follow the Git-Core Protocol lifecycle:

📋 Quarantine Protocol (14 Days)

Phase Status Date
🔬 Quarantine Start NOW 2025-12-11
🧠 AI Analysis 🔄 Pending -
🔍 Community Monitoring 🔄 Active -
🎓 Graduation ⏳ Scheduled 2025-12-25

🤖 AI Analysis Queue

The following AI agents will analyze this update:

  • Gemini 3 Pro - Risk assessment, breaking changes
  • CodeRabbit - Code patterns, best practices
  • Copilot - Final meta-analysis (post-bots)

⚠️ Architecture Check

Before adoption, this update will be validated against:

  • .✨/ARCHITECTURE.md - Critical decisions
  • docs/agent-docs/RESEARCH_STACK_CONTEXT.md - Living context

📖 Protocol Reference

Dependency Quarantine Rule: Versions < 2 weeks old are in quarantine. Never use bleeding-edge dependencies in production.

Managed by Git-Core Protocol Dependency Sentinel

@iberi22 iberi22 merged commit ca6f11c into main Dec 20, 2025
4 of 5 checks passed
@iberi22 iberi22 deleted the dependabot/cargo/reqwest-0.12 branch December 20, 2025 17:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@iberi22 iberi22 iberi22 approved these changes

Assignees

No one assigned

Labels

dependencies Dependency updates from Dependabot quarantine Dependency in quarantine period

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@iberi22