dependabot[bot] opened a new pull request, #7119: URL: https://github.com/apache/opendal/pull/7119
Updates the requirements on [reqwest](https://github.com/seanmonstar/reqwest), [rand](https://github.com/rust-random/rand) and [reqsign](https://github.com/apache/opendal-reqsign) to permit the latest version. Updates `reqwest` to 0.12.28 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/releases";>reqwest's releases</a>.</em></p> <blockquote> <h2>v0.12.28</h2> <h2>What's Changed</h2> <ul> <li>fix: correctly import TokioIo on Windows by <a href="https://github.com/seanmonstar";><code>@seanmonstar</code></a> in <a href="https://redirect.github.com/seanmonstar/reqwest/pull/2896";>seanmonstar/reqwest#2896</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/seanmonstar/reqwest/compare/v0.12.27...v0.12.28";>https://github.com/seanmonstar/reqwest/compare/v0.12.27...v0.12.28</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/seanmonstar/reqwest/blob/master/CHANGELOG.md";>reqwest's changelog</a>.</em></p> <blockquote> <h2>v0.12.28</h2> <ul> <li>Fix compiling on Windows if TLS and SOCKS features are not enabled.</li> </ul> <h2>v0.12.27</h2> <ul> <li>Add <code>ClientBuilder::windows_named_pipe(name)</code> option that will force all requests over that Windows Named Piper.</li> </ul> <h2>v0.12.26</h2> <ul> <li>Fix sending <code>Accept-Encoding</code> header only with values configured with reqwest, regardless of underlying tower-http config.</li> </ul> <h2>v0.12.25</h2> <ul> <li>Add <code>Error::is_upgrade()</code> to determine if the error was from an HTTP upgrade.</li> <li>Fix sending <code>Proxy-Authorization</code> if only username is configured.</li> <li>Fix sending <code>Proxy-Authorization</code> to HTTPS proxies when the target is HTTP.</li> <li>Refactor internal decompression handling to use tower-http.</li> </ul> <h2>v0.12.24</h2> <ul> <li>Refactor cookie handling to an internal middleware.</li> <li>Refactor internal random generator.</li> <li>Refactor base64 encoding to reduce a copy.</li> <li>Documentation updates.</li> </ul> <h2>v0.12.23</h2> <ul> <li>Add <code>ClientBuilder::unix_socket(path)</code> option that will force all requests over that Unix Domain Socket.</li> <li>Add <code>ClientBuilder::retry(policy)</code> and <code>reqwest::retry::Builder</code> to configure automatic retries.</li> <li>Add <code>ClientBuilder::dns_resolver2()</code> with more ergonomic argument bounds, allowing more resolver implementations.</li> <li>Add <code>http3_*</code> options to <code>blocking::ClientBuilder</code>.</li> <li>Fix default TCP timeout values to enabled and faster.</li> <li>Fix SOCKS proxies to default to port 1080</li> <li>(wasm) Add cache methods to <code>RequestBuilder</code>.</li> </ul> <h2>v0.12.22</h2> <ul> <li>Fix socks proxies when resolving IPv6 destinations.</li> </ul> <h2>v0.12.21</h2> <ul> <li>Fix socks proxy to use <code>socks4a://</code> instead of <code>socks4h://</code>.</li> <li>Fix <code>Error::is_timeout()</code> to check for hyper and IO timeouts too.</li> <li>Fix request <code>Error</code> to again include URLs when possible.</li> <li>Fix socks connect error to include more context.</li> <li>(wasm) implement <code>Default</code> for <code>Body</code>.</li> </ul> <h2>v0.12.20</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/seanmonstar/reqwest/commit/d97859910c357827ad5993d37ce750ad595f4fff";><code>d978599</code></a> v0.12.28</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/ef2768a823b28bf00e23e218e034be035b08d770";><code>ef2768a</code></a> fix: correctly import TokioIo on Windows (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2896";>#2896</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/1bf6441b68c3e908d2588a3bb4f2043ceed737bf";><code>1bf6441</code></a> v0.12.27</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/4967b1b4e25c2e9cc9f4f2cb0f4e4181f13366ba";><code>4967b1b</code></a> feat: add windows_named_pipe() option to client builder (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2789";>#2789</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/ef5b239cbaa5e93607415bcf943c8f571da13e42";><code>ef5b239</code></a> chore: Use http_body_util::BodyDataStream (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2892";>#2892</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/a8100047976e138483e2128ee0ea004931ceead0";><code>a810004</code></a> chore: Disable unused tokio-util codec feature (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2893";>#2893</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/01f03a4c01fb13e2262a513ed21e2b84b5186f46";><code>01f03a4</code></a> v0.12.26</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/e908f57f67d95a814466fc7422655478b983894c";><code>e908f57</code></a> fix(http3): correct compression defaults (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2890";>#2890</a>)</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/509c9048b426f93bac2f643b1538b1d70e0dc830";><code>509c904</code></a> fix: disable default compression from tower-http if not enabled in reqwest (#...</li> <li><a href="https://github.com/seanmonstar/reqwest/commit/896aaeab612865bb37bc48d18faa53d7b65036f1";><code>896aaea</code></a> deps: update cookie_store to 0.22 (<a href="https://redirect.github.com/seanmonstar/reqwest/issues/2886";>#2886</a>)</li> <li>Additional commits viewable in <a href="https://github.com/seanmonstar/reqwest/compare/v0.12.24...v0.12.28";>compare view</a></li> </ul> </details> <br /> Updates `rand` to 0.9.2 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/rust-random/rand/blob/master/CHANGELOG.md";>rand's changelog</a>.</em></p> <blockquote> <h2>[0.9.2] - 2025-07-20</h2> <h3>Deprecated</h3> <ul> <li>Deprecate <code>rand::rngs::mock</code> module and <code>StepRng</code> generator (<a href="https://redirect.github.com/rust-random/rand/issues/1634";>#1634</a>)</li> </ul> <h3>Additions</h3> <ul> <li>Enable <code>WeightedIndex<usize></code> (de)serialization (<a href="https://redirect.github.com/rust-random/rand/issues/1646";>#1646</a>)</li> </ul> <h2>[0.9.1] - 2025-04-17</h2> <h3>Security and unsafe</h3> <ul> <li>Revise "not a crypto library" policy again (<a href="https://redirect.github.com/rust-random/rand/issues/1565";>#1565</a>)</li> <li>Remove <code>zerocopy</code> dependency from <code>rand</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1579";>#1579</a>)</li> </ul> <h3>Fixes</h3> <ul> <li>Fix feature <code>simd_support</code> for recent nightly rust (<a href="https://redirect.github.com/rust-random/rand/issues/1586";>#1586</a>)</li> </ul> <h3>Changes</h3> <ul> <li>Allow <code>fn rand::seq::index::sample_weighted</code> and <code>fn IndexedRandom::choose_multiple_weighted</code> to return fewer than <code>amount</code> results (<a href="https://redirect.github.com/rust-random/rand/issues/1623";>#1623</a>), reverting an undocumented change (<a href="https://redirect.github.com/rust-random/rand/issues/1382";>#1382</a>) to the previous release.</li> </ul> <h3>Additions</h3> <ul> <li>Add <code>rand::distr::Alphabetic</code> distribution. (<a href="https://redirect.github.com/rust-random/rand/issues/1587";>#1587</a>)</li> <li>Re-export <code>rand_core</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1604";>#1604</a>)</li> </ul> <h2>[0.9.0] - 2025-01-27</h2> <h3>Security and unsafe</h3> <ul> <li>Policy: "rand is not a crypto library" (<a href="https://redirect.github.com/rust-random/rand/issues/1514";>#1514</a>)</li> <li>Remove fork-protection from <code>ReseedingRng</code> and <code>ThreadRng</code>. Instead, it is recommended to call <code>ThreadRng::reseed</code> on fork. (<a href="https://redirect.github.com/rust-random/rand/issues/1379";>#1379</a>)</li> <li>Use <code>zerocopy</code> to replace some <code>unsafe</code> code (<a href="https://redirect.github.com/rust-random/rand/issues/1349";>#1349</a>, <a href="https://redirect.github.com/rust-random/rand/issues/1393";>#1393</a>, <a href="https://redirect.github.com/rust-random/rand/issues/1446";>#1446</a>, <a href="https://redirect.github.com/rust-random/rand/issues/1502";>#1502</a>)</li> </ul> <h3>Dependencies</h3> <ul> <li>Bump the MSRV to 1.63.0 (<a href="https://redirect.github.com/rust-random/rand/issues/1207";>#1207</a>, <a href="https://redirect.github.com/rust-random/rand/issues/1246";>#1246</a>, <a href="https://redirect.github.com/rust-random/rand/issues/1269";>#1269</a>, <a href="https://redirect.github.com/rust-random/rand/issues/1341";>#1341</a>, <a href="https://redirect.github.com/rust-random/rand/issues/1416";>#1416</a>, <a href="https://redirect.github.com/rust-random/rand/issues/1536";>#1536</a>); note that 1.60.0 may work for dependents when using <code>--ignore-rust-version</code></li> <li>Update to <code>rand_core</code> v0.9.0 (<a href="https://redirect.github.com/rust-random/rand/issues/1558";>#1558</a>)</li> </ul> <h3>Features</h3> <ul> <li>Support <code>std</code> feature without <code>getrandom</code> or <code>rand_chacha</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1354";>#1354</a>)</li> <li>Enable feature <code>small_rng</code> by default (<a href="https://redirect.github.com/rust-random/rand/issues/1455";>#1455</a>)</li> <li>Remove implicit feature <code>rand_chacha</code>; use <code>std_rng</code> instead. (<a href="https://redirect.github.com/rust-random/rand/issues/1473";>#1473</a>)</li> <li>Rename feature <code>serde1</code> to <code>serde</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1477";>#1477</a>)</li> <li>Rename feature <code>getrandom</code> to <code>os_rng</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1537";>#1537</a>)</li> <li>Add feature <code>thread_rng</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1547";>#1547</a>)</li> </ul> <h3>API changes: rand_core traits</h3> <ul> <li>Add fn <code>RngCore::read_adapter</code> implementing <code>std::io::Read</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1267";>#1267</a>)</li> <li>Add trait <code>CryptoBlockRng: BlockRngCore</code>; make <code>trait CryptoRng: RngCore</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1273";>#1273</a>)</li> <li>Add traits <code>TryRngCore</code>, <code>TryCryptoRng</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1424";>#1424</a>, <a href="https://redirect.github.com/rust-random/rand/issues/1499";>#1499</a>)</li> <li>Rename <code>fn SeedableRng::from_rng</code> -> <code>try_from_rng</code> and add infallible variant <code>fn from_rng</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1424";>#1424</a>)</li> <li>Rename <code>fn SeedableRng::from_entropy</code> -> <code>from_os_rng</code> and add fallible variant <code>fn try_from_os_rng</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1424";>#1424</a>)</li> <li>Add bounds <code>Clone</code> and <code>AsRef</code> to associated type <code>SeedableRng::Seed</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1491";>#1491</a>)</li> </ul> <h3>API changes: Rng trait and top-level fns</h3> <ul> <li>Rename fn <code>rand::thread_rng()</code> to <code>rand::rng()</code> and remove from the prelude (<a href="https://redirect.github.com/rust-random/rand/issues/1506";>#1506</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rust-random/rand/commit/d3dd4157052e5431ce42e157b544968560a68b95";><code>d3dd415</code></a> Prepare rand_core 0.9.2 (<a href="https://redirect.github.com/rust-random/rand/issues/1605";>#1605</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/99fabd20e9b39d0af7c2ed6c31dbcad83a1703fd";><code>99fabd2</code></a> Prepare rand_core 0.9.2</li> <li><a href="https://github.com/rust-random/rand/commit/c7fe1c43b5ba53aacad5fbac94a8b88788564049";><code>c7fe1c4</code></a> rand: re-export <code>rand_core</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1604";>#1604</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/db2b1e0bb41b0a1435b9fecaa1b7bdb531183204";><code>db2b1e0</code></a> rand: re-export <code>rand_core</code></li> <li><a href="https://github.com/rust-random/rand/commit/ee1d96f9f527dbe6f873c8a5ccf47d60a6b8f7b7";><code>ee1d96f</code></a> rand_core: implement reborrow for <code>UnwrapMut</code> (<a href="https://redirect.github.com/rust-random/rand/issues/1595";>#1595</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/e0eb2ee0fcc0b07afb901465f4a8ba7f07128f87";><code>e0eb2ee</code></a> rand_core: implement reborrow for <code>UnwrapMut</code></li> <li><a href="https://github.com/rust-random/rand/commit/975f602f5dbbdab0a024e0c5e8b527907426bd8c";><code>975f602</code></a> fixup clippy 1.85 warnings</li> <li><a href="https://github.com/rust-random/rand/commit/775b05be1b8a4fdef17c6601cd223551fbf67edc";><code>775b05b</code></a> Relax <code>Sized</code> requirements for blanket impls (<a href="https://redirect.github.com/rust-random/rand/issues/1593";>#1593</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/ec6d5c06a5384c14563a2164bb4a038100a5bb78";><code>ec6d5c0</code></a> Prepare rand_core v0.9.1 (<a href="https://redirect.github.com/rust-random/rand/issues/1591";>#1591</a>)</li> <li><a href="https://github.com/rust-random/rand/commit/6a06056e8a892bfa181ec24a8ea16aa9f2fe97d3";><code>6a06056</code></a> rand_core: introduce an UnwrapMut wrapper (<a href="https://redirect.github.com/rust-random/rand/issues/1589";>#1589</a>)</li> <li>Additional commits viewable in <a href="https://github.com/rust-random/rand/compare/0.8.0...rand_core-0.9.2";>compare view</a></li> </ul> </details> <br /> Updates `reqsign` to 0.18.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/apache/opendal-reqsign/releases";>reqsign's releases</a>.</em></p> <blockquote> <h2>v0.18.1</h2> <h2>What's Changed</h2> <ul> <li>ci: fix up release workflow by <a href="https://github.com/tisonkun";><code>@tisonkun</code></a> in <a href="https://redirect.github.com/apache/opendal-reqsign/pull/650";>apache/opendal-reqsign#650</a></li> <li>fix(services-aws-v4): Ensure token has been trimmed and encoded by <a href="https://github.com/Xuanwo";><code>@Xuanwo</code></a> in <a href="https://redirect.github.com/apache/opendal-reqsign/pull/653";>apache/opendal-reqsign#653</a></li> <li>feat(context-file-read-tokio): Allow file read tokio been built on wasm by <a href="https://github.com/Xuanwo";><code>@Xuanwo</code></a> in <a href="https://redirect.github.com/apache/opendal-reqsign/pull/654";>apache/opendal-reqsign#654</a></li> <li>feat: Return credential_invalid while no credential found by <a href="https://github.com/Xuanwo";><code>@Xuanwo</code></a> in <a href="https://redirect.github.com/apache/opendal-reqsign/pull/655";>apache/opendal-reqsign#655</a></li> <li>feat: Make http-send-reqwest available on wasm by <a href="https://github.com/Xuanwo";><code>@Xuanwo</code></a> in <a href="https://redirect.github.com/apache/opendal-reqsign/pull/656";>apache/opendal-reqsign#656</a></li> <li>Bump version to 0.18.1 by <a href="https://github.com/Xuanwo";><code>@Xuanwo</code></a> in <a href="https://redirect.github.com/apache/opendal-reqsign/pull/659";>apache/opendal-reqsign#659</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/apache/opendal-reqsign/compare/v0.18.0...v0.18.1";>https://github.com/apache/opendal-reqsign/compare/v0.18.0...v0.18.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/opendal-reqsign/commit/3ae0ec8919f242bb75e71398f2eced57a8597c55";><code>3ae0ec8</code></a> Bump version to 0.18.1 (<a href="https://redirect.github.com/apache/opendal-reqsign/issues/659";>#659</a>)</li> <li><a href="https://github.com/apache/opendal-reqsign/commit/4997eef7616e600e2ae509af64b60dfa861ad7eb";><code>4997eef</code></a> feat: Make http-send-reqwest available on wasm (<a href="https://redirect.github.com/apache/opendal-reqsign/issues/656";>#656</a>)</li> <li><a href="https://github.com/apache/opendal-reqsign/commit/125362c6ef4e116ed70c6e76260de3b47980985f";><code>125362c</code></a> feat: Return credential_invalid while no credential found (<a href="https://redirect.github.com/apache/opendal-reqsign/issues/655";>#655</a>)</li> <li><a href="https://github.com/apache/opendal-reqsign/commit/c7953e52e3daf8ed328dec2d34b5f89df9b6643a";><code>c7953e5</code></a> feat(context-file-read-tokio): Allow file read tokio been built on wasm (<a href="https://redirect.github.com/apache/opendal-reqsign/issues/654";>#654</a>)</li> <li><a href="https://github.com/apache/opendal-reqsign/commit/1744efcc7b4a0e817eb36956864e990179843902";><code>1744efc</code></a> fix(services-aws-v4): Ensure token has been trimmed and encoded (<a href="https://redirect.github.com/apache/opendal-reqsign/issues/653";>#653</a>)</li> <li><a href="https://github.com/apache/opendal-reqsign/commit/60d1ca93bbc84e1344d14b5c47bb4ab870196911";><code>60d1ca9</code></a> ci: fix up release workflow (<a href="https://redirect.github.com/apache/opendal-reqsign/issues/650";>#650</a>)</li> <li><a href="https://github.com/apache/opendal-reqsign/commit/077a866f5c179bb1f2e9c05a4f8adc2f384bd39b";><code>077a866</code></a> chore: use the official license template (<a href="https://redirect.github.com/apache/opendal-reqsign/issues/649";>#649</a>)</li> <li><a href="https://github.com/apache/opendal-reqsign/commit/84823db10adfd439b22fd4a63c7cccea43df7752";><code>84823db</code></a> chore: add NOTICE file (<a href="https://redirect.github.com/apache/opendal-reqsign/issues/647";>#647</a>)</li> <li><a href="https://github.com/apache/opendal-reqsign/commit/54de7a2c0df10714573decb3f631ef77f333b313";><code>54de7a2</code></a> chore: metadata and release workflow (<a href="https://redirect.github.com/apache/opendal-reqsign/issues/645";>#645</a>)</li> <li><a href="https://github.com/apache/opendal-reqsign/commit/873fac195c1b678fa0f47f59d26f32e9015e419a";><code>873fac1</code></a> chore: bump major version and encapsulate Timestamp (<a href="https://redirect.github.com/apache/opendal-reqsign/issues/643";>#643</a>)</li> <li>Additional commits viewable in <a href="https://github.com/apache/opendal-reqsign/compare/v0.16.5...v0.18.1";>compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
