fix(deps): update all

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
actix-cors (source)	dependencies	minor	0.6.4 -> 0.7.0
actix-files (source)	dependencies	patch	0.6.2 -> 0.6.6
actix-multipart (source)	dependencies	minor	0.6.0 -> 0.7.0
actix-web (source)	dependencies	minor	4.3.1 -> 4.9.0
async-std (source)	dependencies	minor	1.12.0 -> 1.13.0
env_logger	dependencies	minor	0.10.0 -> 0.11.0
ffprobe	dependencies	minor	0.3.3 -> 0.4.0
image	dependencies	minor	0.24.7 -> 0.25.0
imagesize	dependencies	minor	0.12.0 -> 0.13.0
lazy_static	dependencies	minor	1.4.0 -> 1.5.0
log	dependencies	patch	0.4.20 -> 0.4.22
mongodb (source)	dependencies	minor	2.6.1 -> 2.8.2
once_cell	dependencies	minor	1.18.0 -> 1.20.2
regex	dependencies	minor	1.9.3 -> 1.11.1
reqwest	dependencies	minor	0.11.18 -> 0.12.0
rust-s3	dependencies	minor	0.33.0 -> 0.35.0
scraper	dependencies	minor	0.17.1 -> 0.21.0
serde_json	dependencies	patch	1.0.105 -> 1.0.132
tempfile (source)	dependencies	minor	3.7.1 -> 3.13.0
toml	dependencies	minor	0.7.6 -> 0.8.0
tree_magic_mini	dependencies	minor	3.0.3 -> 3.1.6
ulid	dependencies	minor	1.0.0 -> 1.1.3
validator	dependencies	minor	0.16.1 -> 0.19.0
webp	dependencies	minor	0.2.6 -> 0.3.0

---

Release Notes

actix/actix-extras (actix-cors)

v0.7.0

• Cors is now marked #[must_use].
• Default for Cors::block_on_origin_mismatch is now false.
• Minimum supported Rust version (MSRV) is now 1.75.

v0.6.5

• Fix Vary header when Private Network Access is enabled.
• Minimum supported Rust version (MSRV) is now 1.68.

actix/actix-web (actix-files)

v0.6.6: Actix web 0.6.6

Compare Source

Changes

• Panic during middleware execution #​226

• Add support for listen_tls/listen_ssl #​224

• Ranges header support for NamedFile #​60

• Implement extractor for Session

v0.6.5: Actix web 0.6.5

Compare Source

Changes

• Fix error handling during request decoding #​222

v0.6.4: Actix web 0.6.4

Compare Source

Changes

• Fix segfault in ServerSettings::get_response_builder()

async-rs/async-std (async-std)

v1.13.0

Compare Source

Added

• IO Safety traits implementations

Changed

• Various dependencies updates
• Export BufReadExt and SeekExt from async_std::io

rust-cli/env_logger (env_logger)

v0.11.5

Compare Source

v0.11.4

Compare Source

v0.11.3

Compare Source

Features

• Experimental support for key-value logging behind unstable-kv

v0.11.2

Compare Source

v0.11.1

Compare Source

Fixes

• Allow styling with Target::Pipe

v0.11.0

Compare Source

Migration Guide

env_logger::fmt::Style:
The bespoke styling API, behind color, was removed, in favor of accepting any
ANSI styled string and adapting it to the target stream's capabilities.

Possible styling libraries include:

• anstyle is a minimal, runtime string styling API and is re-exported as env_logger::fmt::style
• owo-colors is a feature rich runtime string styling API
• color-print for feature-rich compile-time styling API

custom_format.rs
uses anstyle via
Formatter::default_level_style

Breaking Change

• Removed bespoke styling API
  • env_logger::fmt::Formatter::style
  • env_logger::fmt::Formatter::default_styled_level
  • env_logger::fmt::Style
  • env_logger::fmt::Color
  • env_logger::fmt::StyledValue
• Removed env_logger::filter in favor of env_filter

Compatibility

MSRV changed to 1.71

Features

• Automatically adapt ANSI escape codes in logged messages to the current terminal's capabilities
• Add support for NO_COLOR and CLICOLOR_FORCE, see https://bixense.com/clicolors/

Fixes

• Print colors when is_test(true)

v0.10.2

Compare Source

Performance

• Avoid extra UTF-8 validation performed in some cases

Fixes

• Ensure custom pipes/stdout get flushed
• Don't panic on broken pipes when color is disabled

v0.10.1

Compare Source

Performance

• Avoid hashing directives and accessing RNG on startup

Documentation

• Tweak RUST_LOG documentation

theduke/ffprobe-rs (ffprobe)

v0.4.0

Compare Source

• Allow customizing the ffprobe binary path
  #​22 by @​lovesegfault
• Add StreamTags::{reel_name/timecode} fields
• Add Default impl for ConfigBuilder
• Add extra field to FormatTags #​13 by @​imLinguin

image-rs/image (image)

v0.25.5

Compare Source

Features:

• Added support for decoding 10-bit and 12-bit AVIF
• Initial, opt-in serde support for an enum. This may be extended to other types in the future.

Bug fixes:

• Multiple bug fixes in AVIF decoding
• The rayon feature now correctly toggles the use of rayon when encoding AVIF. (Previously it would be either always on or always off depending on the version of the ravif crate in your dependency tree.)
• "jfif" file extension for JPEG images is now recognized

v0.25.4

Compare Source

Features:

• Much faster decoding of lossless WebP due to a variety of optimizations. Our benchmarks show 2x to 2.5x improvement.
• Added support for orientation metadata, so that e.g. smartphone camera images could be displayed correctly:
  • Added ImageDecoder::orientation() and implemented orientation metadata extraction for JPEG, WebP and TIFF formats
  • Added DynamicImage::apply_orientation() to apply the orientation to an image
• Added support for extracting Exif metadata from images via ImageDecoder::exif_metadata(), and implemented it for JPEG and WebP formats
• Added ImageEncoder::set_icc_profile() and implemented it for WebP format. Pull requests with implementations for other formats are welcome.
• Added DynamicImage::fast_blur() for a linear-time approximation of Gaussian blur, which is much faster at larger blur radii

Bug fixes:

• Fixed some APNG images being decoded incorrectly
• Fixed the iterator over animated WebP frames to return None instead of an error when the end of the animation is reached

v0.25.3

Compare Source

Yanked! This version accidentally missed a commit that should have been
included with the release. The Orientation struct should be in the
appropriate module instead of the top-level. This release won't be supported.

v0.25.2

Compare Source

Features:

• Added the HDR encoder to supported formats in generic write methods with the
  hdr feature enabled. Supports 32-bit float RGB color only, for now.
• When cloning ImageBuffer, DynamicImage and Frame the existing buffer
  will now be reused if possible.
• Added image::ImageReader as an alias.
• Implement ImageEncoder for HdrEncoder.

Structural changes

• Switch from byteorder to byteorder-lite, consolidating some casting
  unsafety to bytemuck.
• Many methods on DynamicImage and buffers gained #[must_use] indications.

Bug fixes:

• Removed test data included in the crate archive.
• The WebP animation decoder stops when reaching the indicate frame count.
• Fixed bugs in the bmp decoder.
• Format support gated on the exr feature now compiles in isolation.

v0.25.1

Compare Source

Bug fixes:

• Fixed corrupt JPEG output when attempting to encode images containing an alpha
  channel.
• Only accept ".ff" file extension for farbfeld images.
• Correct farbfeld feature flag for ImageFormat::{reading_enabled, writing_enabled}.
• Disable strict mode for JPEG decoder.
• Add nasm feature to optionally enable faster AVIF encoding.

v0.25.0

Compare Source

Breaking changes:

• Added BufRead + Seek bound on many decoders.
• Use ExtendedColorType instead of ColorType when encoding.
• Removed ImageOutputFormat, GenericImageView::bounds, and several other
  deprecated items.
• Removed incremental decoding support and changed ImageDecoder so the trait
  is object safe.
• Pixel types are now repr(transparent) rather than repr(C).
• Made color_quant dependency optional.
• Renamed some feature flags.

Structural changes:

• Increased MSRV to 1.67.1

Codec changes:

• Switched to image-webp for WebP encoding.
• Switched to zune-jpeg for JPEG decoding.
• Made the HDR decoder produce f32 images.
• Removed DXT encoding and decoding support.

v0.24.9

Compare Source

Structural changes:

• Relicense to MIT OR Apache-2.0
• Increase MSRV 1.63.0

New features:

• Support limits in PNG animation decoding.
• Added offsets to SubImage to compensate for the now-deprecated bounds call
  from GenericImageView.

Bug fixes:

• Correct limit tests for TIFF.
• Avoid overflow in gif::Decoder::buffer_size.
• Return error instead of using asssertion for Avif decoder unsupported or
  invalid bit depth.

v0.24.8

Compare Source

New features:

• Added pure-Rust lossless WebP encoding.
• Added DynamicImage::new method.
• Added PngDecoder::gamma_value method.
• Added ImageFormat::{reading_enabled, writing_enabled, all}.
• TGA encoder now supports RLE encoding.
• Add rayon parallel iterators behind an optional rayon feature.
• Support CMYK TIFF images.
• Implement From<DynamicImage> for all image types.

Bug fixes:

• Fix decoding pngs with invalid text chunks.
• Handle non-fatal error dav1d::Error::Again.
• Do not round floats in interpolate.
• PNM decoder now scales samples according to specified maximum.
• Fix wrong implementation of unsharpen filter.
• Fix GifDecoder::with_limits to raise an error when limits are exceeded.

Roughsketch/imagesize (imagesize)

v0.13.0

Compare Source

What's Changed

• List Avif format in README.md by @​seanaye in https://github.com/Roughsketch/imagesize/pull/33
• Add support for ILBM by @​KateMorley in https://github.com/Roughsketch/imagesize/pull/36
• Distinguish between HEIF and HEIC by @​rsuu in https://github.com/Roughsketch/imagesize/pull/34
• Mark ImageType as non-exhaustive by @​Roughsketch in https://github.com/Roughsketch/imagesize/pull/40

New Contributors

• @​seanaye made their first contribution in https://github.com/Roughsketch/imagesize/pull/33
• @​KateMorley made their first contribution in https://github.com/Roughsketch/imagesize/pull/36

Also thanks to @​virtualritz for initially introducing some formatting changes and bumping the edition.

Full Changelog: Roughsketch/imagesize@v0.12.0...v0.13.0

rust-lang-nursery/lazy-static.rs (lazy_static)

v1.5.0

Compare Source

rust-lang/log (log)

v0.4.22

Compare Source

v0.4.21

Compare Source

mongodb/mongo-rust-driver (mongodb)

v2.8.2

Compare Source

The MongoDB Rust driver team is pleased to announce the v2.8.2 release of the mongodb crate, now available for download from crates.io.

This release fixes a potential issue when serializing messages.

Full Release Notes

Improvements

• RUST-1553 Add support for document sequences (OP_MSG payload type 1) (#​1009)

Bugfixes

• RUST-1881 Check integer conversions (#​1045)

v2.8.1

Compare Source

The MongoDB Rust driver team is pleased to announce the v2.8.1 release of the mongodb crate, now available for download from crates.io.

This release fixes two bugs:

• on-demand KMS credentials wouldn't work with automatic encryption, and
• initial connection responses from the server could fail to parse under certain circumstances.

Full Release Notes

Bugfixes

• RUST-1883 Set use_need_kms_credentials_state unconditionally when creating a new ClientState (#​1018)
• RUST-1841 Allow double-valued connectionIds (#​1025)

v2.8.0

Compare Source

The MongoDB Rust driver team is pleased to announce the v2.8.0 release of the mongodb crate, now available for download from crates.io.

Highlighted Changes

Search Index Management Helpers

The Collection type now has the create_search_index, create_search_indexes, update_search_index, drop_search_index, and list_search_indexes methods, allowing comprehensive management of search indexes from client code.

Reliability Improvements

More error types will be automatically retried, and retries will avoid mongos backends with network connectivity issues. Also note that the documentation for with_transaction has been updated to clarify error handling requirements to avoid a deadlock.

Included Changes

Below are a selected list of changes with user impact; for a full list of changes see this GitHub query.

New Features

• RUST-1703 Add docker and kubernetes metrics (#​940)
• RUST-1701 Log when CosmosDB or DocumentDB are detected (#​958)
• RUST-1707 Add durations to connection pool events (#​976)
• RUST-933 Add support for the srvMaxHosts option (#​977)
• RUST-1667 Add search index management helpers (#​989)

Improvements

• RUST-877 Delay replacement document serialization until Operation::build (#​942)
• RUST-1763 deprecate CollectionOptions::human_readable_serialization (#​957)
• RUST-1414 disable causal consistency for implicit sessions (#​969)
• RUST-935 direct retries to different mongos (#​968)
• docs: remove pointless recommendation (#​973) (thanks @​cailloumajor!)
• RUST-1780 Bump MSRV to 1.61.0, upgrade ahash to 0.8.5 in MSRV-Cargo.lock (#​981) (thanks @​stIncMale!)
• RUST-1676 Simplify GenericCursor by refactoring the GetMoreProvider trait into a generic struct (#​983) (thanks @​stIncMale!)
• RUST-1804 Replace async_once with tokio::sync::OnceCell (#​992) (thanks @​Expyron!)
• RUST-1786 Make ReadConcernMajorityNotAvailableYet a retryable read error (#​996)
• RUST-1785 Make ExceededTimeLimit a read-retryable error (#​997)
• RUST-1788 Update docs for with_transaction to avoid infinite loop (#​998)

Bugfixes

• RUST-1698 Fix reading gridfs chunks from async-std file stream (#​950)
• RUST-1757 Fix final cursor batch handling (#​951)
• fixing the find or delete serde inconsistency (#​948) (thanks @​mlokr!)

v2.7.1

Compare Source

The MongoDB Rust driver team is pleased to announce the v2.7.1 release of the mongodb crate, now available for download from crates.io.

This release fixes a bug that caused a memory leak in various circumstances.

Full Release Notes

Bugfixes

• RUST-1779 Fix a memory leak in cleanup tracking (#​979)

v2.7.0

Compare Source

The MongoDB Rust driver team is pleased to announce the v2.7.0 release of the mongodb crate, now available for download from crates.io.

The Rust driver documentation is now hosted at https://www.mongodb.com/docs/drivers/rust/current/. This documentation includes detailed content about features, runnable examples, troubleshooting resources, and more.

Highlighted Changes

Serialization Behavior Change

When serializing values via serde, the serializer can indicate whether or not the target format is human-readable, allowing types to change behavior based on that. The Rust driver had inadvertently been serializing values given to find_one_and_replace and replace_one as human-readible when all other methods serialize as non-human-readible; this bug is fixed in 2.7.0, with those methods also serializing as non-human-readible.

However, it is potentially possible (if unlikely) that user code may rely on this bug. If your code does rely on human-readable serialization, you can specify that via the new human_readable_serialization field in CollectionOptions.

run_cursor_command

The Rust driver provides the run_command method as a way for users to directly send bson commands to the server; this is particularly useful when the driver does not yet have support for a newly-added server command. However, using this with commands that return a cursor requires re-implementing the logic for cursor iteration, which can be tedious and error-prone. The new run_cursor_command method avoids those problems, directly returning a Cursor using the same iteration logic as other methods.

SDAM Logging

The Rust driver will now log SDAM events when using the tracing-unstable feature.

Client Management

The Client type now provides three additional ways to shape behavior to fit your workload:

• ClientOptions.max_connecting lets you specify how many "in flight" connections can be established in parallel. This was previously fixed at 2 and defaults to the same value.
• Client::warm_connection_pool will create new connections to bring the connection pool up to min_pool_size, which can provide more predictable performance in some circumstances.
• Client::shutdown will cleanly stop background tasks and wait for outstanding handles to be dropped. This is particularly useful when using event handlers that reference external resources, as otherwise those handlers may be invoked in a background task even after the Client has been dropped.

Included Changes

Below are a selected list of changes with user impact; for a full list of changes see this GitHub query.

New Features

• RUST-1420 Cache AWS credentials received from endpoints (#​905)
• RUST-1604 Add custom bucketing fields to timeseries options (#​907)
• RUST-1588: Add RunCursorCommand (#​912)
• RUST-802 Support Unix Domain Sockets (#​908) (thanks @​PureWhiteWu!)
• RUST-1509 SDAM Logging (#​918)
• RUST-1608 Clean shutdown for Client (#​920)
• RUST-1712 Provide a connection pool warmup method (#​932)
• RUST-1712 Support User Configuration for max_connecting (#​923) (thanks @​LuisOsta!)
• RUST-1687 Add human_readable_serialization option to Collection (#​902) (thanks @​maiconpavi!)

Improvements

• RUST-1433 Propagate original error for some labeled retry errors (#​903)
• minor: improve README.md (#​934)
• upgrade webpki (#​935) (thanks @​fuchsnj!)
• RUST-1763 deprecate CollectionOptions::human_readable_serialization (#​957) (#​959)

Bugfixes

• Force non-human readable serialization in collections (#​919) (#​924) (thanks @​kodemartin!)
• RUST-1699 / RUST-1718 AWS authentication fixes (#​926)
• RUST-1719 Fix panic after SessionCursor::with_type is called (#​928) (thanks @​mlokr!)
• RUST-1743 Fix gridfs numeric type serialization (#​941)
• RUST-1757 Fix final cursor batch handling (#​951) (#​954)
• fixing the find or delete serde inconsistency (#​948) (#​955) (thanks @​mlokr!)
• minor: pin async-executor (#​964) (#​965)

matklad/once_cell (once_cell)

v1.20.2

Compare Source

• Remove portable_atomic from Cargo.lock if it is not, in fact, used: #​267
  This is a work-around for this cargo bhttps://github.com/rust-lang/cargo/issues/108010801.

v1.20.1

Compare Source

• Allow using race module using just portable_atomic, without critical_section and provide
  better error messages on targets without atomic CAS instruction,
  #​265.

v1.20.0

Compare Source

v1.19.0

Compare Source

• Use portable-atomic instead of atomic-polyfill, #​251.

rust-lang/regex (regex)

v1.11.1

Compare Source

===================
This is a new patch release of regex that fixes compilation on nightly
Rust when the unstable pattern crate feature is enabled. Users on nightly
Rust without this feature enabled are unaffected.

Bug fixes:

• BUG #​1231:
  Fix the Pattern trait implementation as a result of nightly API breakage.

v1.11.0

Compare Source

===================
This is a new minor release of regex that brings in an update to the
Unicode Character Database. Specifically, this updates the Unicode data
used by regex internally to the version 16 release.

New features:

• FEATURE #​1228:
  Add new regex::SetMatches::matched_all method.
• FEATURE #​1229:
  Update to Unicode Character Database (UCD) version 16.

v1.10.6

Compare Source

===================
This is a new patch release with a fix for the unstable crate feature that
enables std::str::Pattern trait integration.

Bug fixes:

• BUG #​1219:
  Fix the Pattern trait implementation as a result of nightly API breakage.

v1.10.5

Compare Source

===================
This is a new patch release with some minor fixes.

Bug fixes:

• BUG #​1203:
  Escape invalid UTF-8 when in the Debug impl of regex::bytes::Match.

v1.10.4

Compare Source

===================
This is a new patch release with some minor fixes.

• BUG #​1169:
  Fixes a bug with compiling a reverse NFA automaton in regex-automata.
• BUG #​1178:
  Clarifies that when Cow::Borrowed is returned from replace APIs, it is
  equivalent to the input.

v1.10.3

Compare Source

===================
This is a new patch release that fixes the feature configuration of optional
dependencies, and fixes an unsound use of bounds check elision.

Bug fixes:

• BUG #​1147:
  Set default-features=false for the memchr and aho-corasick dependencies.
• BUG #​1154:
  Fix unsound bounds check elision.

v1.10.2

Compare Source

===================
This is a new patch release that fixes a search regression where incorrect
matches could be reported.

Bug fixes:

• BUG #​1110:
  Revert broadening of reverse suffix literal optimization introduced in 1.10.1.

v1.10.1

Compare Source

===================
This is a new patch release with a minor increase in the number of valid
patterns and a broadening of some literal optimizations.

New features:

• FEATURE 04f5d7be:
  Loosen ASCII-compatible rules such that regexes like (?-u:☃) are now allowed.

Performance improvements:

• PERF 8a8d599f:
  Broader the reverse suffix optimization to apply in more cases.

v1.10.0

Compare Source

===================
This is a new minor release of regex that adds support for start and end
word boundary assertions. That is, \< and \>. The minimum supported Rust
version has also been raised to 1.65, which was released about one year ago.

The new word boundary assertions are:

• \< or \b{start}: a Unicode start-of-word boundary (\W|\A on the left,
  \w on the right).
• \> or \b{end}: a Unicode end-of-word boundary (\w on the left, \W|\z
  on the right)).
• \b{start-half}: half of a Unicode start-of-word boundary (\W|\A on the
  left).
• \b{end-half}: half of a Unicode end-of-word boundary (\W|\z on the
  right).

The \< and \> are GNU extensions to POSIX regexes. They have been added
to the regex crate because they enjoy somewhat broad support in other regex
engines as well (for example, vim). The \b{start} and \b{end} assertions
are aliases for \< and \>, respectively.

The \b{start-half} and \b{end-half} assertions are not found in any
other regex engine (although regex engines with general look-around support
can certainly express them). They were added principally to support the
implementation of word matching in grep programs, where one generally wants to
be a bit more flexible in what is considered a word boundary.

New features:

• FEATURE #​469:
  Add support for \< and \> word boundary assertions.
• FEATURE(regex-automata) #​1031:
  DFAs now have a start_state method that doesn't use an Input.

Performance improvements:

• PERF #​1051:
  Unicode character class operations have been optimized in regex-syntax.
• PERF #​1090:
  Make patterns containing lots of literal characters use less memory.

Bug fixes:

• BUG #​1046:
  Fix a bug that could result in incorrect match spans when using a Unicode word
  boundary and searching non-ASCII strings.
• BUG(regex-syntax) #​1047:
  Fix panics that can occur in Ast->Hir translation (not reachable from regex
  crate).
• BUG(regex-syntax) #​1088:
  Remove guarantees in the API that connect the u flag with a specific HIR
  representation.

regex-automata breaking change release:

This release includes a regex-automata 0.4.0 breaking change release, which
was necessary in order to support the new word boundary assertions. For
example, the Look enum has new variants and the LookSet type now uses u32
instead of u16 to represent a bitset of look-around assertions. These are
overall very minor changes, and most users of regex-automata should be able
to move to 0.4 from 0.3 without any changes at all.

regex-syntax breaking change release:

This release also includes a regex-syntax 0.8.0 breaking change release,
which, like regex-automata, was necessary in order to support the new word
boundary assertions. This release also includes some changes to the Ast
type to reduce heap usage in some cases. If you are using the Ast type
directly, your code may require some minor modifications. Otherwise, users of
regex-syntax 0.7 should be able to migrate to 0.8 without any code changes.

regex-lite release:

The regex-lite 0.1.1 release contains support for the new word boundary
assertions. There are no breaking changes.

v1.9.6

Compare Source

==================
This is a patch release that fixes a panic that can occur when the default
regex size limit is increased to a large number.

• BUG aa4e4c71:
  Fix a bug where computing the maximum haystack length for the bounded
  backtracker could result underflow and thus provoke a panic later in a search
  due to a broken invariant.

v1.9.5

Compare Source

==================
This is a patch release that hopefully mostly fixes a performance bug that
occurs when sharing a regex across multiple threads.

Issue #​934
explains this in more detail. It is also noted in the crate
documentation.
The bug can appear when sharing a regex across multiple threads simultaneously,
as might be the case when using a regex from a OnceLock, lazy_static or
similar primitive. Usually high contention only results when using many threads
to execute searches on small haystacks.

One can avoid the contention problem entirely through one of two methods.
The first is to use lower level APIs from regex-automata that require passing
state explicitly, such as meta::Regex::search_with.
The second is to clone a regex and send it to other threads explicitly. This
will not use any additional memory usage compared to sharing the regex. The
only downside of this approach is that it may be less convenient, for example,
it won't work with things like OnceLock or lazy_static or once_cell.

With that said, as of this release, the contention performance problems have
been greatly reduced. This was achieved by changing the free-list so that it
was sharded across threads, and that ensuring each sharded mutex occupies a
single cache line to mitigate false sharing. So while contention may still
impact performance in some cases, it should be a lot better now.

Because of the changes to how the free-list works, please report any issues you
find with this release. That not only includes search time regressions but also
significant regressions in memory usage. Reporting improvements is also welcome
as well! If possible, provide a reproduction.

Bug fixes:

• BUG #​934:
  Fix a performance bug where high contention on a single regex led to massive
  slow downs.

v1.9.4

Compare Source

==================
This is a patch release that fixes a bug where RegexSet::is_match(..) could
incorrectly return false (even when RegexSet::matches(..).matched_any()
returns true).

Bug fixes:

• BUG #​1070:
  Fix a bug where a prefilter was incorrectly configured for a RegexSet.

seanmonstar/reqwest (reqwest)

v0.12.9

Compare Source

• Add tls::CertificateRevocationLists support.
• Add crate features to enable webpki roots without selecting a rustls provider.
• Fix connection_verbose() to output read logs.
• Fix multipart::Part::file() to automatically include content-length.
• Fix proxy to internally no longer cache system proxy settings.

v0.12.8

Compare Source

• Add support for SOCKS4 proxies.
• Add multipart::Form::file() method for adding files easily.
• Add Body::wrap() to wrap any http_body::Body type.
• Fix the pool configuration to use a timer to remove expired connections.

v0.12.7

Compare Source

• Revert adding impl Service<http::Request<_>> for Client.

v0.12.6

Compare Source

• Add support for danger_accept_invalid_hostnames for rustls.
• Add impl Service<http::Request<Body>> for Client and &'_ Client.
• Add support for !Sync bodies in Body::wrap_stream().
• Enable happy eyeballs when hickory-dns is used.
• Fix Proxy so that HTTP(S)_PROXY values take precendence over ALL_PROXY.
• Fix blocking::RequestBuilder::header() from unsetting sensitive on passed header values.

v0.12.5

Compare Source

• Add blocking::ClientBuilder::dns_resolver() method to change DNS resolver in blocking client.
• Add http3 feature back, still requiring reqwest_unstable.
• Add rustls-tls-no-provider Cargo feature to use rustls without a crypto provider.
• Fix Accept-Encoding header combinations.
• Fix http3 resolving IPv6 addresses.
• Internal: upgrade to rustls 0.23.

v0.12.4

Compare Source

• Add zstd support, enabled with zstd Cargo feature.
• Add ClientBuilder::read_timeout(Duration), which applies the duration for each read operation. The timeout resets after a successful read.

v0.12.3

Compare Source

• Add FromStr for dns::Name.
• Add ClientBuilder::built_in_webpki_certs(bool) to enable them separately.
• Add ClientBuilder::built_in_native_certs(bool) to enable them separately.
• Fix sending content-length: 0 for GET requests.
• Fix response body content_length() to return value when timeout is configured.
• Fix ClientBuilder::resolve() to use lowercase domain names.

v0.12.2

Compare Source

• Fix missing ALPN when connecting to socks5 proxy with rustls.
• Fix TLS version limits with rustls.
• Fix not detected ALPN h2 from server with native-tls.

v0.12.1

Compare Source

• Fix ClientBuilder::interface() when no TLS is enabled.
• Fix TlsInfo::peer_certificate() being truncated with rustls.
• Fix panic if http2 feature disabled but TLS negotiated h2 in ALPN.
• Fix Display for Error to not include its source error.

v0.12.0

Compare Source

• Upgrade to hyper, http, and http-body v1.
• Add better support for converting to and from http::Request and http::Response.
• Add http2 optional cargo feature, default on.
• Add charset optional cargo feature, default on.
• Add macos-system-configuration cargo feature, default on.
• Change all optional dependencies to no longer be exposed as implicit features.
• Add ClientBuilder::interface(str) to specify the local interface to bind to.
• Experimental: disables the http3 feature temporarily.

v0.11.27

• Add hickory-dns feature, deprecating trust-dns.
• (wasm) Fix Form::text() to not set octet-stream for plain text fields.

v0.11.26

• Revert system-configuration upgrade, which broke MSRV on macOS.

v0.11.25

• Fix Certificate::from_pem_bundle() parsing.
• Fix Apple linker errors from detecting system proxies.

v0.11.24

• Add Certificate::from_pem_bundle() to add a bundle.
• Add http3_prior_knowledge() to blocking client builder.
• Remove Sync bounds requirement for Body::wrap_stream().
• Fix HTTP/2 to retry REFUSED_STREAM requests.
• Fix instances of converting Url to Uri that could panic.

v0.11.23

• Add Proxy::custom_http_auth(val) for setting the raw Proxy-Authorization header when connecting to proxies.
• Fix redirect to reject locations that are not http:// or https://.
• Fix setting nodelay when TLS is enabled but URL is HTTP.
• (wasm) Add ClientBuilder::user_agent(val).
• (wasm) add multipart::Form::headers(headers).

v0.11.22

• Fix compilation on Windows when trust-dns is enabled.

v0.11.21

• Add automatically detecting macOS proxy settings.
• Add ClientBuilder::tls_info(bool), which will put tls::TlsInfo into the response extensions.
• Fix trust-dns resolver from possible hangs.
• Fix connect timeout to be split among multiple IP addresses.

v0.11.20

• Fix deflate decompression back to using zlib, as outlined in the spec.

v0.11.19

• Add ClientBuilder::http1_ignore_invalid_headers_in_responses() option.
• Add ClientBuilder::http1_allow_spaces_after_header_name_in_responses() option.
• Add support for ALL_PROXY environment variable.
• Add support for use_preconfigured_tls when combined with HTTP/3.
• Fix deflate decompression from using the zlib decoder.
• Fix Response::{text, text_with_charset}() to strip BOM characters.
• Fix a panic when HTTP/3 is used if UDP isn't able to connect.
• Fix some dependencies for HTTP/3.
• Increase MSRV to 1.63.

v0.11.18

• Fix RequestBuilder::json() method from overriding a previously set content-type header. An existing value will be left in place.
• Upgrade internal dependencies for rustls and compression.

v0.11.17

• Upgrade internal dependencies of Experimental HTTP/3 to use quinn v0.9
• (wasm) Fix blob url support

v0.11.16

• Chore: set MSRV in Cargo.toml.
• Docs: fix build on docs.rs

v0.11.15

• Add RequestBuilder methods to split and reconstruct from its parts.
• Add experimental HTTP/3 support.
• Fix connection_verbose to log write_vectored calls.
• (wasm) Make requests actually cancel if the future is dropped.

v0.11.14

• Adds Proxy::no_proxy(url) that works like the NO_PROXY environment variable.
• Adds multipart::Part::headers(headers) method to add custom headers.
• (wasm) Add Response::bytes_stream().
• Perf: several internal optimizations reducing copies and memory allocations.

v0.11.13

• Add ClientBuilder::dns_resolver() option for custom DNS resolvers.
• Add ClientBuilder::tls_sni(bool) option to enable or disable TLS Server Name Indication.
• Add Identity::from_pkcs8_pem() constructor when using native-tls.
• Fix redirect::Policy::limited(0) from following any redirects.

v0.11.12

• Add ClientBuilder::resolve_to_addrs() which allows a slice of IP addresses to be specified for a single host.
• Add Response::upgrade() to await whether the server agrees to an HTTP upgrade.

v0.11.11

• Add HTTP/2 keep-alive configuration methods on ClientBuilder.
• Add ClientBuilder::http1_allow_obsolete_multiline_headers_in_responses().
• Add impl Service<Request> for Client and &'_ Client.
• (wasm) Add RequestBuilder::basic_auth().
• Fix RequestBuilder::header to not override sensitive if user explicitly set on a HeaderValue.
• Fix rustls parsing of elliptic curve private keys.
• Fix Proxy URL parsing of some invalid targets.

v0.11.10

• Add Error::url() to access the URL of an error.
• Add Response::extensions() to access the http::Extensions of a response.
• Fix rustls-native-certs to log an error instead of panicking when loading an invalid system certificate.
• Fix passing Basic Authorization header to proxies.

v0.11.9

• Add ClientBuilder::http09_responses(bool) option to allow receiving HTTP/0.9 responses.
• Fix HTTP/2 to retry requests interrupted by an HTTP/2 graceful shutdown.
• Fix proxy loading from environment variables to ignore empty values.

v0.11.8

• Update internal webpki-roots dependency.

v0.11.7

• Add blocking::ClientBuilder::resolve() option, matching the async builder.
• Implement From<tokio::fs::File> for Body.
• Fix blocking request-scoped timeout applying to bodies as well.
• (wasm) Fix request bodies using multipart vs formdata.
• Update internal rustls to 0.20.

v0.11.6

• (wasm) Fix request bodies more.

v0.11.5

• Add ClientBuilder::http1_only() method.
• Add tls::Version type, and ClientBuilder::min_tls_version() and ClientBuilder::max_tls_version() methods.
• Implement TryFrom<Request> for http::Request.
• Implement Clone for Identity.
• Fix NO_PROXYenvironment variable parsing to more closely match curl's. Comma-separated entries are now trimmed for whitespace, and * is allowed to match everything.
• Fix redirection to respect https_only option.
• (wasm) Add Body::as_bytes() method.
• (wasm) Fix sometimes wrong conversation of bytes into a JsValue.
• (wasm) Avoid dependency on serde-serialize feature.

v0.11.4

• Add ClientBuilder::resolve() option to override DNS resolution for specific domains.
• Add native-tls-alpn Cargo feature to use ALPN with the native-tls backend.
• Add ClientBuilder::deflate() option and deflate Cargo feature to support decoding response bodies using deflate.
• Add RequestBuilder::version() to allow setting the HTTP version of a request.
• Fix allowing "invalid" certificates with the rustls-tls backend, when the server uses TLS v1.2 or v1.3.
• (wasm) Add try_clone to Request and RequestBuilder

v0.11.3

• Add impl From<hyper::Body> for reqwest::Body.
• (wasm) Add credentials mode methods to RequestBuilder.

v0.11.2

• Add CookieStore trait to customize the type that stores and retrieves cookies for a session.
• Add cookie::Jar as a default CookieStore, easing creating some session cookies before creating the Client.
• Add ClientBuilder::http2_adaptive_window() option to configure an adaptive HTTP2 flow control behavior.
• Add ClientBuilder::http2_max_frame_size() option to adjust the maximum HTTP2 frame size that can be received.
• Implement IntoUrl for String, making it more convenient to create requests with format!.

v0.11.1

• Add ClientBuilder::tls_built_in_root_certs() option to disable built-in root certificates.
• Fix rustls-tls glue to more often support ALPN to upgrade to HTTP/2.
• Fix proxy parsing to assume http:// if no scheme is found.
• Fix connection pool idle reaping by enabling hyper's runtime feature.
• (wasm) Add Request::new() constructor.

v0.11.27

Compare Source

• Add hickory-dns feature, deprecating trust-dns.
• (wasm) Fix Form::text() to not set octet-stream for plain text fields.

v0.11.26

Compare Source

• Revert system-configuration upgrade, which broke MSRV on macOS.

v0.11.25

Compare Source

• Fix Certificate::from_pem_bundle() parsing.
• Fix Apple linker errors from detecting system proxies.

v0.11.24

Compare Source

• Add Certificate::from_pem_bundle() to add a bundle.
• Add http3_prior_knowledge() to blocking client builder.
• Remove Sync bounds requirement for Body::wrap_stream().
• Fix HTTP/2 to retry REFUSED_STREAM requests.
• Fix instances of converting Url to Uri that could

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: Cargo.lock

Command failed: cargo update --config net.git-fetch-with-cli=true --manifest-path Cargo.toml --package env_logger@0.10.0 --precise 0.11.3
error: package ID specification `env_logger@0.10.0` did not match any packages
Did you mean one of these?

  env_logger@0.11.2

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: Cargo.lock

Command failed: cargo update --config net.git-fetch-with-cli=true --manifest-path Cargo.toml --package async-std@1.12.0 --precise 1.13.0
    Updating crates.io index
error: failed to select a version for `rustix`.
    ... required by package `polling v3.0.0`
    ... which satisfies dependency `polling = "^3.0.0"` of package `async-io v2.2.0`
    ... which satisfies dependency `async-io = "^2.2.0"` of package `async-std v1.13.0`
    ... which satisfies dependency `async-std = "^1.12.0"` of package `cdn v0.1.0 (/tmp/renovate/repos/github/Nextflow-Cloud/cdn)`
versions that meet the requirements `^0.38.8` are: 0.38.39, 0.38.38, 0.38.37, 0.38.36, 0.38.35, 0.38.34, 0.38.32, 0.38.31, 0.38.30, 0.38.28, 0.38.27, 0.38.26, 0.38.25, 0.38.24, 0.38.23, 0.38.21, 0.38.20, 0.38.19, 0.38.18, 0.38.17, 0.38.15, 0.38.14, 0.38.13, 0.38.12, 0.38.11, 0.38.10, 0.38.9, 0.38.8

all possible versions conflict with previously selected packages.

  previously selected package `rustix v0.38.4`
    ... which satisfies dependency `rustix = "^0.38"` (locked to 0.38.4) of package `tempfile v3.7.1`
    ... which satisfies dependency `tempfile = "^3.7.1"` (locked to 3.7.1) of package `cdn v0.1.0 (/tmp/renovate/repos/github/Nextflow-Cloud/cdn)`

failed to select a version for `rustix` which could resolve this conflict