Skip to content

chore(deps): bump reqwest from 0.12.28 to 0.13.3#22

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/cargo/reqwest-0.13.3
Closed

chore(deps): bump reqwest from 0.12.28 to 0.13.3#22
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/cargo/reqwest-0.13.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 3, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps reqwest from 0.12.28 to 0.13.3.

Release notes

Sourced from reqwest's releases.

v0.13.3

tl;dr

  • Fix CertificateRevocationList parsing of PEM values.
  • Fix logging in resolver to only show host, not full URL.
  • Fix hickory-dns to fallback to a default if /etc/resolv.conf fails.
  • Fix HTTP/3 to handle STOP_SENDING as not an error.
  • Fix HTTP/3 pool to remove timed out QUIC connections.
  • Fix HTTP/3 connection establishment picking IPv4 and IPv6.
  • Upgrade rustls-platform-verifier.
  • (wasm) Only use wasm-bindgen on unknown-* targets.

What's Changed

New Contributors

Full Changelog: seanmonstar/reqwest@v0.13.2...v0.13.3

v0.13.2

tl;dr

  • Fix HTTP/2 and native-tls ALPN feature combinations.
  • Fix HTTP/3 to send h3 ALPN.
  • (wasm) fix RequestBuilder::json() from override previously set content-type.

What's Changed

... (truncated)

Changelog

Sourced from reqwest's changelog.

v0.13.3

  • Fix CertificateRevocationList parsing of PEM values.
  • Fix logging in resolver to only show host, not full URL.
  • Fix hickory-dns to fallback to a default if /etc/resolv.conf fails.
  • Fix HTTP/3 to handle STOP_SENDING as not an error.
  • Fix HTTP/3 pool to remove timed out QUIC connections.
  • Fix HTTP/3 connection establishment picking IPv4 and IPv6.
  • Upgrade rustls-platform-verifier.
  • (wasm) Only use wasm-bindgen on unknown-* targets.

v0.13.2

  • Fix HTTP/2 and native-tls ALPN feature combinations.
  • Fix HTTP/3 to send h3 ALPN.
  • (wasm) fix RequestBuilder::json() from override previously set content-type.

v0.13.1

  • Fixes compiling with rustls on Android targets.

v0.13.0

  • Breaking changes:
    • rustls is now the default TLS backend, instead of native-tls.
    • rustls crypto provider defaults to aws-lc instead of ring. (rustls-no-provider exists if you want a different crypto provider)
    • rustls-tls has been renamed to rustls.
    • rustls roots features removed, rustls-platform-verifier is used by default.
      • To use different roots, call tls_certs_only(your_roots).
    • native-tls now includes ALPN. To disable, use native-tls-no-alpn.
    • query and form are now crate features, disabled by default.
    • Long-deprecated methods and crate features have been removed (such as trust-dns, which was renamed hickory-dns a while ago).
  • Many TLS-related methods renamed to improve autocompletion and discovery, but previous name left in place with a "soft" deprecation. (just documented, no warnings)
    • For example, prefer tls_backend_rustls() over use_rustls_tls().
Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Jun 3, 2026
claude[bot]
claude Bot reviewed Jun 3, 2026
View reviewed changes

@claude claude Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Claude Code Review

This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.

Tip: disable this comment in your organization's Code Review settings.

@dependabot dependabot Bot force-pushed the dependabot/cargo/reqwest-0.13.3 branch 2 times, most recently from e7a433b to 299d312 Compare June 25, 2026 04:10
@dependabot
chore(deps): bump reqwest from 0.12.28 to 0.13.3
fec6d23 
Bumps [reqwest](https://github.com/seanmonstar/reqwest) from 0.12.28 to 0.13.3.
- [Release notes](https://github.com/seanmonstar/reqwest/releases)
- [Changelog](https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md)
- [Commits](seanmonstar/reqwest@v0.12.28...v0.13.3)

---
updated-dependencies:
- dependency-name: reqwest
  dependency-version: 0.13.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/cargo/reqwest-0.13.3 branch from 299d312 to fec6d23 Compare June 25, 2026 16:07
@cortexuvula

cortexuvula commented Jun 25, 2026

Copy link
Copy Markdown
Owner

Closing for now: reqwest 0.13 switches to aws-lc-rs/aws-lc-sys (new C build dep requiring cmake), changes the TLS backend from native-tls to rustls, and touches 114 call sites across 8 crates. reqwest 0.13 already coexists in Cargo.lock transitively (via Tauri 2.11.3) so there's no urgency to unify. Will revisit when the ecosystem stabilizes on 0.13.

@cortexuvula cortexuvula deleted the dependabot/cargo/reqwest-0.13.3 branch June 25, 2026 16:13
@dependabot @github

dependabot Bot commented on behalf of github Jun 25, 2026

Copy link
Copy Markdown
Contributor Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@claude claude[bot] claude[bot] left review comments

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@cortexuvula