Update Rust crate reqwest to 0.13 #10

renovate · 2025-12-13T08:09:15Z

Note: This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change
reqwest	dependencies	minor	`0.9` → `0.13`

Release Notes

seanmonstar/reqwest (reqwest)

`v0.13.1`

Compare Source

Fixes compiling with rustls on Android targets.

`v0.13.0`

Compare Source

Breaking changes:
- rustls is now the default TLS backend, instead of native-tls.
- rustls crypto provider defaults to aws-lc instead of ring. (rustls-no-provider exists if you want a different crypto provider)
- rustls-tls has been renamed to rustls.
- rustls roots features removed, rustls-platform-verifier is used by default.
  - To use different roots, call tls_certs_only(your_roots).
- native-tls now includes ALPN. To disable, use native-tls-no-alpn.
- query and form are now crate features, disabled by default.
- Long-deprecated methods and crate features have been removed (such as trust-dns, which was renamed hickory-dns a while ago).
Many TLS-related methods renamed to improve autocompletion and discovery, but previous name left in place with a "soft" deprecation. (just documented, no warnings)
- For example, prefer tls_backend_rustls() over use_rustls_tls().

v0.12.28

Fix compiling on Windows if TLS and SOCKS features are not enabled.

v0.12.27

Add ClientBuilder::windows_named_pipe(name) option that will force all requests over that Windows Named Piper.

v0.12.26

Fix sending Accept-Encoding header only with values configured with reqwest, regardless of underlying tower-http config.

v0.12.25

Add Error::is_upgrade() to determine if the error was from an HTTP upgrade.
Fix sending Proxy-Authorization if only username is configured.
Fix sending Proxy-Authorization to HTTPS proxies when the target is HTTP.
Refactor internal decompression handling to use tower-http.

v0.12.24

Refactor cookie handling to an internal middleware.
Refactor internal random generator.
Refactor base64 encoding to reduce a copy.
Documentation updates.

v0.12.23

Add ClientBuilder::unix_socket(path) option that will force all requests over that Unix Domain Socket.
Add ClientBuilder::retry(policy) and reqwest::retry::Builder to configure automatic retries.
Add ClientBuilder::dns_resolver2() with more ergonomic argument bounds, allowing more resolver implementations.
Add http3_* options to blocking::ClientBuilder.
Fix default TCP timeout values to enabled and faster.
Fix SOCKS proxies to default to port 1080
(wasm) Add cache methods to RequestBuilder.

v0.12.22

Fix socks proxies when resolving IPv6 destinations.

v0.12.21

Fix socks proxy to use socks4a:// instead of socks4h://.
Fix Error::is_timeout() to check for hyper and IO timeouts too.
Fix request Error to again include URLs when possible.
Fix socks connect error to include more context.
(wasm) implement Default for Body.

v0.12.20

Add ClientBuilder::tcp_user_timeout(Duration) option to set TCP_USER_TIMEOUT.
Fix proxy headers only using the first matched proxy.
(wasm) Fix re-adding Error::is_status().

v0.12.19

Fix redirect that changes the method to GET should remove payload headers.
Fix redirect to only check the next scheme if the policy action is to follow.
(wasm) Fix compilation error if cookies feature is enabled (by the way, it's a noop feature in wasm).

v0.12.18

Fix compilation when socks enabled without TLS.

v0.12.17

Fix compilation on macOS.

v0.12.16

Add ClientBuilder::http3_congestion_bbr() to enable BBR congestion control.
Add ClientBuilder::http3_send_grease() to configure whether to send use QUIC grease.
Add ClientBuilder::http3_max_field_section_size() to configure the maximum response headers.
Add ClientBuilder::tcp_keepalive_interval() to configure TCP probe interval.
Add ClientBuilder::tcp_keepalive_retries() to configure TCP probe count.
Add Proxy::headers() to add extra headers that should be sent to a proxy.
Fix redirect::Policy::limit() which had an off-by-1 error, allowing 1 more redirect than specified.
Fix HTTP/3 to support streaming request bodies.
(wasm) Fix null bodies when calling Response::bytes_stream().

v0.12.15

Fix Windows to support both ProxyOverride and NO_PROXY.
Fix http3 to support streaming response bodies.
Fix http3 dependency from public API misuse.

v0.12.14

Fix missing fetch_mode_no_cors(), marking as deprecated when not on WASM.

v0.12.13

Add Form::into_reader() for blocking multipart forms.
Add Form::into_stream() for async multipart forms.
Add support for SOCKS4a proxies.
Fix decoding responses with multiple zstd frames.
Fix RequestBuilder::form() from overwriting a previously set Content-Type header, like the other builder methods.
Fix cloning of request timeout in blocking::Request.
Fix http3 synchronization of connection creation, reducing unneccesary extra connections.
Fix Windows system proxy to use ProxyOverride as a NO_PROXY value.
Fix blocking read to correctly reserve and zero read buffer.
(wasm) Add support for request timeouts.
(wasm) Fix Error::is_timeout() to return true when from a request timeout.

v0.12.12

(wasm) Fix compilation by not compiler tokio/time on WASM.

v0.12.11

Fix decompression returning an error when HTTP/2 ends with an empty data frame.

v0.12.10

Add ClientBuilder::connector_layer() to allow customizing the connector stack.
Add ClientBuilder::http2_max_header_list_size() option.
Fix propagating body size hint (content-length) information when wrapping bodies.
Fix decompression of chunked bodies so the connections can be reused more often.

v0.12.9

Add tls::CertificateRevocationLists support.
Add crate features to enable webpki roots without selecting a rustls provider.
Fix connection_verbose() to output read logs.
Fix multipart::Part::file() to automatically include content-length.
Fix proxy to internally no longer cache system proxy settings.

v0.12.8

Add support for SOCKS4 proxies.
Add multipart::Form::file() method for adding files easily.
Add Body::wrap() to wrap any http_body::Body type.
Fix the pool configuration to use a timer to remove expired connections.

v0.12.7

Revert adding impl Service<http::Request<_>> for Client.

v0.12.6

Add support for danger_accept_invalid_hostnames for rustls.
Add impl Service<http::Request<Body>> for Client and &'_ Client.
Add support for !Sync bodies in Body::wrap_stream().
Enable happy eyeballs when hickory-dns is used.
Fix Proxy so that HTTP(S)_PROXY values take precedence over ALL_PROXY.
Fix blocking::RequestBuilder::header() from unsetting sensitive on passed header values.

v0.12.5

Add blocking::ClientBuilder::dns_resolver() method to change DNS resolver in blocking client.
Add http3 feature back, still requiring reqwest_unstable.
Add rustls-tls-no-provider Cargo feature to use rustls without a crypto provider.
Fix Accept-Encoding header combinations.
Fix http3 resolving IPv6 addresses.
Internal: upgrade to rustls 0.23.

v0.12.4

Add zstd support, enabled with zstd Cargo feature.
Add ClientBuilder::read_timeout(Duration), which applies the duration for each read operation. The timeout resets after a successful read.

v0.12.3

Add FromStr for dns::Name.
Add ClientBuilder::built_in_webpki_certs(bool) to enable them separately.
Add ClientBuilder::built_in_native_certs(bool) to enable them separately.
Fix sending content-length: 0 for GET requests.
Fix response body content_length() to return value when timeout is configured.
Fix ClientBuilder::resolve() to use lowercase domain names.

v0.12.2

Fix missing ALPN when connecting to socks5 proxy with rustls.
Fix TLS version limits with rustls.
Fix not detected ALPN h2 from server with native-tls.

v0.12.1

Fix ClientBuilder::interface() when no TLS is enabled.
Fix TlsInfo::peer_certificate() being truncated with rustls.
Fix panic if http2 feature disabled but TLS negotiated h2 in ALPN.
Fix Display for Error to not include its source error.

`v0.12.28`

Compare Source

Fix compiling on Windows if TLS and SOCKS features are not enabled.

`v0.12.27`

Compare Source

Add ClientBuilder::windows_named_pipe(name) option that will force all requests over that Windows Named Piper.

`v0.12.26`

Compare Source

Fix sending Accept-Encoding header only with values configured with reqwest, regardless of underlying tower-http config.

`v0.12.25`

Compare Source

Add Error::is_upgrade() to determine if the error was from an HTTP upgrade.
Fix sending Proxy-Authorization if only username is configured.
Fix sending Proxy-Authorization to HTTPS proxies when the target is HTTP.
Refactor internal decompression handling to use tower-http.

`v0.12.24`

Compare Source

Refactor cookie handling to an internal middleware.
Refactor internal random generator.
Refactor base64 encoding to reduce a copy.
Documentation updates.

`v0.12.23`

Compare Source

Add ClientBuilder::unix_socket(path) option that will force all requests over that Unix Domain Socket.
Add ClientBuilder::retry(policy) and reqwest::retry::Builder to configure automatic retries.
Add ClientBuilder::dns_resolver2() with more ergonomic argument bounds, allowing more resolver implementations.
Add http3_* options to blocking::ClientBuilder.
Fix default TCP timeout values to enabled and faster.
Fix SOCKS proxies to default to port 1080
(wasm) Add cache methods to RequestBuilder.

`v0.12.22`

Compare Source

Fix socks proxies when resolving IPv6 destinations.

`v0.12.21`

Compare Source

Fix socks proxy to use socks4a:// instead of socks4h://.
Fix Error::is_timeout() to check for hyper and IO timeouts too.
Fix request Error to again include URLs when possible.
Fix socks connect error to include more context.
(wasm) implement Default for Body.

`v0.12.20`

Compare Source

Add ClientBuilder::tcp_user_timeout(Duration) option to set TCP_USER_TIMEOUT.
Fix proxy headers only using the first matched proxy.
(wasm) Fix re-adding Error::is_status().

`v0.12.19`

Compare Source

Fix redirect that changes the method to GET should remove payload headers.
Fix redirect to only check the next scheme if the policy action is to follow.
(wasm) Fix compilation error if cookies feature is enabled (by the way, it's a noop feature in wasm).

`v0.12.18`

Compare Source

Fix compilation when socks enabled without TLS.

`v0.12.17`

Compare Source

Fix compilation on macOS.

`v0.12.16`

Compare Source

Add ClientBuilder::http3_congestion_bbr() to enable BBR congestion control.
Add ClientBuilder::http3_send_grease() to configure whether to send use QUIC grease.
Add ClientBuilder::http3_max_field_section_size() to configure the maximum response headers.
Add ClientBuilder::tcp_keepalive_interval() to configure TCP probe interval.
Add ClientBuilder::tcp_keepalive_retries() to configure TCP probe count.
Add Proxy::headers() to add extra headers that should be sent to a proxy.
Fix redirect::Policy::limit() which had an off-by-1 error, allowing 1 more redirect than specified.
Fix HTTP/3 to support streaming request bodies.
(wasm) Fix null bodies when calling Response::bytes_stream().

`v0.12.15`

Compare Source

Fix Windows to support both ProxyOverride and NO_PROXY.
Fix http3 to support streaming response bodies.
Fix http3 dependency from public API misuse.

`v0.12.14`

Compare Source

Fix missing fetch_mode_no_cors(), marking as deprecated when not on WASM.

`v0.12.13`

Compare Source

Add Form::into_reader() for blocking multipart forms.
Add Form::into_stream() for async multipart forms.
Add support for SOCKS4a proxies.
Fix decoding responses with multiple zstd frames.
Fix RequestBuilder::form() from overwriting a previously set Content-Type header, like the other builder methods.
Fix cloning of request timeout in blocking::Request.
Fix http3 synchronization of connection creation, reducing unneccesary extra connections.
Fix Windows system proxy to use ProxyOverride as a NO_PROXY value.
Fix blocking read to correctly reserve and zero read buffer.
(wasm) Add support for request timeouts.
(wasm) Fix Error::is_timeout() to return true when from a request timeout.

`v0.12.12`

Compare Source

(wasm) Fix compilation by not compiler tokio/time on WASM.

`v0.12.11`

Compare Source

Fix decompression returning an error when HTTP/2 ends with an empty data frame.

`v0.12.10`

Compare Source

Add ClientBuilder::connector_layer() to allow customizing the connector stack.
Add ClientBuilder::http2_max_header_list_size() option.
Fix propagating body size hint (content-length) information when wrapping bodies.
Fix decompression of chunked bodies so the connections can be reused more often.

`v0.12.9`

Compare Source

Add tls::CertificateRevocationLists support.
Add crate features to enable webpki roots without selecting a rustls provider.
Fix connection_verbose() to output read logs.
Fix multipart::Part::file() to automatically include content-length.
Fix proxy to internally no longer cache system proxy settings.

`v0.12.8`

Compare Source

Add support for SOCKS4 proxies.
Add multipart::Form::file() method for adding files easily.
Add Body::wrap() to wrap any http_body::Body type.
Fix the pool configuration to use a timer to remove expired connections.

`v0.12.7`

Compare Source

Revert adding impl Service<http::Request<_>> for Client.

`v0.12.6`

Compare Source

Add support for danger_accept_invalid_hostnames for rustls.
Add impl Service<http::Request<Body>> for Client and &'_ Client.
Add support for !Sync bodies in Body::wrap_stream().
Enable happy eyeballs when hickory-dns is used.
Fix Proxy so that HTTP(S)_PROXY values take precedence over ALL_PROXY.
Fix blocking::RequestBuilder::header() from unsetting sensitive on passed header values.

`v0.12.5`

Compare Source

Add blocking::ClientBuilder::dns_resolver() method to change DNS resolver in blocking client.
Add http3 feature back, still requiring reqwest_unstable.
Add rustls-tls-no-provider Cargo feature to use rustls without a crypto provider.
Fix Accept-Encoding header combinations.
Fix http3 resolving IPv6 addresses.
Internal: upgrade to rustls 0.23.

`v0.12.4`

Compare Source

Add zstd support, enabled with zstd Cargo feature.
Add ClientBuilder::read_timeout(Duration), which applies the duration for each read operation. The timeout resets after a successful read.

`v0.12.3`

Compare Source

Add FromStr for dns::Name.
Add ClientBuilder::built_in_webpki_certs(bool) to enable them separately.
Add ClientBuilder::built_in_native_certs(bool) to enable them separately.
Fix sending content-length: 0 for GET requests.
Fix response body content_length() to return value when timeout is configured.
Fix ClientBuilder::resolve() to use lowercase domain names.

`v0.12.2`

Compare Source

Fix compiling on Windows if TLS and SOCKS features are not enabled.

`v0.12.1`

Compare Source

Fix redirect that changes the method to GET should remove payload headers.
Fix redirect to only check the next scheme if the policy action is to follow.
(wasm) Fix compilation error if cookies feature is enabled (by the way, it's a noop feature in wasm).

`v0.12.0`

Compare Source

Upgrade to hyper, http, and http-body v1.
Add better support for converting to and from http::Request and http::Response.
Add http2 optional cargo feature, default on.
Add charset optional cargo feature, default on.
Add macos-system-configuration cargo feature, default on.
Change all optional dependencies to no longer be exposed as implicit features.
Add ClientBuilder::interface(str) to specify the local interface to bind to.
Experimental: disables the http3 feature temporarily.

v0.11.27

Add hickory-dns feature, deprecating trust-dns.
(wasm) Fix Form::text() to not set octet-stream for plain text fields.

v0.11.26

Revert system-configuration upgrade, which broke MSRV on macOS.

v0.11.25

Fix Certificate::from_pem_bundle() parsing.
Fix Apple linker errors from detecting system proxies.

v0.11.24

Add Certificate::from_pem_bundle() to add a bundle.
Add http3_prior_knowledge() to blocking client builder.
Remove Sync bounds requirement for Body::wrap_stream().
Fix HTTP/2 to retry REFUSED_STREAM requests.
Fix instances of converting Url to Uri that could panic.

v0.11.23

Add Proxy::custom_http_auth(val) for setting the raw Proxy-Authorization header when connecting to proxies.
Fix redirect to reject locations that are not http:// or https://.
Fix setting nodelay when TLS is enabled but URL is HTTP.
(wasm) Add ClientBuilder::user_agent(val).
(wasm) add multipart::Form::headers(headers).

v0.11.22

Fix compilation on Windows when trust-dns is enabled.

v0.11.21

Add automatically detecting macOS proxy settings.
Add ClientBuilder::tls_info(bool), which will put tls::TlsInfo into the response extensions.
Fix trust-dns resolver from possible hangs.
Fix connect timeout to be split among multiple IP addresses.

v0.11.20

Fix deflate decompression back to using zlib, as outlined in the spec.

v0.11.19

Add ClientBuilder::http1_ignore_invalid_headers_in_responses() option.
Add ClientBuilder::http1_allow_spaces_after_header_name_in_responses() option.
Add support for ALL_PROXY environment variable.
Add support for use_preconfigured_tls when combined with HTTP/3.
Fix deflate decompression from using the zlib decoder.
Fix Response::{text, text_with_charset}() to strip BOM characters.
Fix a panic when HTTP/3 is used if UDP isn't able to connect.
Fix some dependencies for HTTP/3.
Increase MSRV to 1.63.

v0.11.18

Fix RequestBuilder::json() method from overriding a previously set content-type header. An existing value will be left in place.
Upgrade internal dependencies for rustls and compression.

v0.11.17

Upgrade internal dependencies of Experimental HTTP/3 to use quinn v0.9
(wasm) Fix blob url support

v0.11.16

Chore: set MSRV in Cargo.toml.
Docs: fix build on docs.rs

v0.11.15

Add RequestBuilder methods to split and reconstruct from its parts.
Add experimental HTTP/3 support.
Fix connection_verbose to log write_vectored calls.
(wasm) Make requests actually cancel if the future is dropped.

v0.11.14

Adds Proxy::no_proxy(url) that works like the NO_PROXY environment variable.
Adds multipart::Part::headers(headers) method to add custom headers.
(wasm) Add Response::bytes_stream().
Perf: several internal optimizations reducing copies and memory allocations.

v0.11.13

Add ClientBuilder::dns_resolver() option for custom DNS resolvers.
Add ClientBuilder::tls_sni(bool) option to enable or disable TLS Server Name Indication.
Add Identity::from_pkcs8_pem() constructor when using native-tls.
Fix redirect::Policy::limited(0) from following any redirects.

v0.11.12

Add ClientBuilder::resolve_to_addrs() which allows a slice of IP addresses to be specified for a single host.
Add Response::upgrade() to await whether the server agrees to an HTTP upgrade.

v0.11.11

Add HTTP/2 keep-alive configuration methods on ClientBuilder.
Add ClientBuilder::http1_allow_obsolete_multiline_headers_in_responses().
Add impl Service<Request> for Client and &'_ Client.
(wasm) Add RequestBuilder::basic_auth().
Fix RequestBuilder::header to not override sensitive if user explicitly set on a HeaderValue.
Fix rustls parsing of elliptic curve private keys.
Fix Proxy URL parsing of some invalid targets.

v0.11.10

Add Error::url() to access the URL of an error.
Add Response::extensions() to access the http::Extensions of a response.
Fix rustls-native-certs to log an error instead of panicking when loading an invalid system certificate.
Fix passing Basic Authorization header to proxies.

v0.11.9

Add ClientBuilder::http09_responses(bool) option to allow receiving HTTP/0.9 responses.
Fix HTTP/2 to retry requests interrupted by an HTTP/2 graceful shutdown.
Fix proxy loading from environment variables to ignore empty values.

v0.11.8

Update internal webpki-roots dependency.

v0.11.7

Add blocking::ClientBuilder::resolve() option, matching the async builder.
Implement From<tokio::fs::File> for Body.
Fix blocking request-scoped timeout applying to bodies as well.
(wasm) Fix request bodies using multipart vs formdata.
Update internal rustls to 0.20.

v0.11.6

(wasm) Fix request bodies more.

v0.11.5

Add ClientBuilder::http1_only() method.
Add tls::Version type, and ClientBuilder::min_tls_version() and ClientBuilder::max_tls_version() methods.
Implement TryFrom<Request> for http::Request.
Implement Clone for Identity.
Fix NO_PROXYenvironment variable parsing to more closely match curl's. Comma-separated entries are now trimmed for whitespace, and * is allowed to match everything.
Fix redirection to respect https_only option.
(wasm) Add Body::as_bytes() method.
(wasm) Fix sometimes wrong conversation of bytes into a JsValue.
(wasm) Avoid dependency on serde-serialize feature.

v0.11.4

Add ClientBuilder::resolve() option to override DNS resolution for specific domains.
Add native-tls-alpn Cargo feature to use ALPN with the native-tls backend.
Add ClientBuilder::deflate() option and deflate Cargo feature to support decoding response bodies using deflate.
Add RequestBuilder::version() to allow setting the HTTP version of a request.
Fix allowing "invalid" certificates with the rustls-tls backend, when the server uses TLS v1.2 or v1.3.
(wasm) Add try_clone to Request and RequestBuilder

v0.11.3

Add impl From<hyper::Body> for reqwest::Body.
(wasm) Add credentials mode methods to RequestBuilder.

v0.11.2

Add CookieStore trait to customize the type that stores and retrieves cookies for a session.
Add cookie::Jar as a default CookieStore, easing creating some session cookies before creating the Client.
Add ClientBuilder::http2_adaptive_window() option to configure an adaptive HTTP2 flow control behavior.
Add ClientBuilder::http2_max_frame_size() option to adjust the maximum HTTP2 frame size that can be received.
Implement IntoUrl for String, making it more convenient to create requests with format!.

v0.11.1

Add ClientBuilder::tls_built_in_root_certs() option to disable built-in root certificates.
Fix rustls-tls glue to more often support ALPN to upgrade to HTTP/2.
Fix proxy parsing to assume http:// if no scheme is found.
Fix connection pool idle reaping by enabling hyper's runtime feature.
(wasm) Add Request::new() constructor.

`v0.11.27`

Compare Source

Add hickory-dns feature, deprecating trust-dns.
(wasm) Fix Form::text() to not set octet-stream for plain text fields.

`v0.11.26`

Compare Source

Revert system-configuration upgrade, which broke MSRV on macOS.

`v0.11.25`

Compare Source

Fix Certificate::from_pem_bundle() parsing.
Fix Apple linker errors from detecting system proxies.

`v0.11.24`

Compare Source

Add Certificate::from_pem_bundle() to add a bundle.
Add http3_prior_knowledge() to blocking client builder.
Remove Sync bounds requirement for Body::wrap_stream().
Fix HTTP/2 to retry REFUSED_STREAM requests.
Fix instances of converting Url to Uri that could panic.

`v0.11.23`

Compare Source

Add Proxy::custom_http_auth(val) for setting the raw Proxy-Authorization header when connecting to proxies.
Fix redirect to reject locations that are not http:// or https://.
Fix setting nodelay when TLS is enabled but URL is HTTP.
(wasm) Add ClientBuilder::user_agent(val).
(wasm) add multipart::Form::headers(headers).

`v0.11.22`

Compare Source

Fix compilation on Windows when trust-dns is enabled.

`v0.11.21`

Compare Source

Add automatically detecting macOS proxy settings.
Add ClientBuilder::tls_info(bool), which will put tls::TlsInfo into the response extensions.
Fix trust-dns resolver from possible hangs.
Fix connect timeout to be split among multiple IP addresses.

`v0.11.20`

Compare Source

Fix deflate decompression back to using zlib, as outlined in the spec.

`v0.11.19`

Compare Source

Add ClientBuilder::http1_ignore_invalid_headers_in_responses() option.
Add ClientBuilder::http1_allow_spaces_after_header_name_in_responses() option.
Add support for ALL_PROXY environment variable.
Add support for use_preconfigured_tls when combined with HTTP/3.
Fix deflate decompression from using the zlib decoder.
Fix Response::{text, text_with_charset}() to strip BOM characters.
Fix a panic when HTTP/3 is used if UDP isn't able to connect.
Fix some dependencies for HTTP/3.
Increase MSRV to 1.63.

`v0.11.18`

Compare Source

Fix RequestBuilder::json() method from overriding a previously set content-type header. An existing value will be left in place.
Upgrade internal dependencies for rustls and compression.

`v0.11.17`

Compare Source

Upgrade internal dependencies of Experimental HTTP/3 to use quinn v0.9
(wasm) Fix blob url support

`v0.11.16`

Compare Source

Chore: set MSRV in Cargo.toml.
Docs: fix build on docs.rs

`v0.11.15`

Compare Source

Add RequestBuilder methods to split and reconstruct from its parts.
Add experimental HTTP/3 support.
Fix connection_verbose to log write_vectored calls.
(wasm) Make requests actually cancel if the future is dropped.

`v0.11.14`

Compare Source

Adds Proxy::no_proxy(url) that works like the NO_PROXY environment variable.
Adds multipart::Part::headers(headers) method to add custom headers.
(wasm) Add Response::bytes_stream().
Perf: several internal optimizations reducing copies and memory allocations.

`v0.11.13`

Compare Source

Add ClientBuilder::dns_resolver() option for custom DNS resolvers.
Add ClientBuilder::tls_sni(bool) option to enable or disable TLS Server Name Indication.
Add Identity::from_pkcs8_pem() constructor when using native-tls.
Fix redirect::Policy::limited(0) from following any redirects.

`v0.11.12`

Compare Source

Add ClientBuilder::resolve_to_addrs() which allows a slice of IP addresses to be specified for a single host.
Add Response::upgrade() to await whether the server agrees to an HTTP upgrade.

`v0.11.11`

Compare Source

Add HTTP/2 keep-alive configuration methods on ClientBuilder.
Add ClientBuilder::http1_allow_obsolete_multiline_headers_in_responses().
Add impl Service<Request> for Client and &'_ Client.
(wasm) Add RequestBuilder::basic_auth().
Fix RequestBuilder::header to not override sensitive if user explicitly set on a HeaderValue.
Fix rustls parsing of elliptic curve private keys.
Fix Proxy URL parsing of some invalid targets.

`v0.11.10`

Compare Source

Add Error::url() to access the URL of an error.
Add Response::extensions() to access the http::Extensions of a response.
Fix rustls-native-certs to log an error instead of panicking when loading an invalid system certificate.
Fix passing Basic Authorization header to proxies.

`v0.11.9`

Compare Source

Add ClientBuilder::http09_responses(bool) option to allow receiving HTTP/0.9 responses.
Fix HTTP/2 to retry requests interrupted by an HTTP/2 graceful shutdown.
Fix proxy loading from environment variables to ignore empty values.

`v0.11.8`

Compare Source

Update internal webpki-roots dependency.

`v0.11.7`

Compare Source

Add blocking::ClientBuilder::resolve() option, matching the async builder.
Implement From<tokio::fs::File> for Body.
Fix blocking request-scoped timeout applying to bodies as well.
(wasm) Fix request bodies using multipart vs formdata.
Update internal rustls to 0.20.

`v0.11.6`

Compare Source

(wasm) Fix request bodies more.

`v0.11.5`

Compare Source

Add ClientBuilder::http1_only() method.
Add tls::Version type, and ClientBuilder::min_tls_version() and ClientBuilder::max_tls_version() methods.
Implement TryFrom<Request> for http::Request.
Implement Clone for Identity.
Fix NO_PROXYenvironment variable parsing to more closely match curl's. Comma-separated entries are now trimmed for whitespace, and * is allowed to match everything.
Fix redirection to respect https_only option.
(wasm) Add Body::as_bytes() method.
(wasm) Fix sometimes wrong conversation of bytes into a JsValue.
(wasm) Avoid dependency on serde-serialize feature.

`v0.11.4`

Compare Source

Add ClientBuilder::resolve() option to override DNS resolution for specific domains.
Add native-tls-alpn Cargo feature to use ALPN with the native-tls backend.
Add ClientBuilder::deflate() option and deflate Cargo feature to support decoding response bodies using deflate.
Add RequestBuilder::version() to allow setting the HTTP version of a request.
Fix allowing "invalid" certificates with the rustls-tls backend, when the server uses TLS v1.2 or v1.3.
(wasm) Add try_clone to Request and RequestBuilder

`v0.11.3`

Compare Source

Add impl From<hyper::Body> for reqwest::Body.
(wasm) Add credentials mode methods to RequestBuilder.

`v0.11.2`

Compare Source

Add hickory-dns feature, deprecating trust-dns.
(wasm) Fix Form::text() to not set octet-stream for plain text fields.

`v0.11.1`

Compare Source

Add ClientBuilder::http1_ignore_invalid_headers_in_responses() option.
Add ClientBuilder::http1_allow_spaces_after_header_name_in_responses() option.
Add support for ALL_PROXY environment variable.
Add support for use_preconfigured_tls when combined with HTTP/3.
Fix deflate decompression from using the zlib decoder.
Fix Response::{text, text_with_charset}() to strip BOM characters.
Fix a panic when HTTP/3 is used if UDP isn't able to connect.
Fix some dependencies for HTTP/3.
Increase MSRV to 1.63.

`v0.11.0`

Compare Source

Change multipart to be an optional cargo feature.
Remove deprecated methods.
Update to Tokio v1.0.
Update to Bytes v1.0.
Update to hyper v0.14.

v0.10.10

Add tcp_keepalive option to blocking::ClientBuilder.
Add multipart::Part::stream_with_length constructor, to create a streaming part with a known length.
Add ClientBuilder::https_only option, to allow requiring URLs to be https.
Change default tcp_keepalive value to be disabled.

v0.10.9

Add rustls-tls-native-roots, rustls-tls-webpki-roots, and rustls-tls-manual-roots Cargo features, to configure which certificate roots to use with rustls.
Add ClientBuilder::tcp_keepalive() method to enable TCP keepalive.
Add ClientBuilder::http1_writev() method to force enable or disable vectored writes.
Add Error::is_connect() method to identify if the error is related to connection-establishment.
Add blocking::ClientBuilder::brotli() method.
Windows: Update default protocol to HTTP for HTTPS system proxies, when a protocol is not specified.
(wasm) Add support for Cloudflare workers runtime.
(wasm) Add ClientBuilder::default_headers() method.
(wasm) Add RequestBuilder::build() method.

v0.10.8

Add must_use to RequestBuilder and ClientBuilder.
Fix Windows system proxy detection of Fiddler proxies.
(wasm) Add headers method to RequestBuilder.
(wasm) Add execute method to Client.
(wasm) Add TryFrom<http::Request> for Request.
(wasm) Fix checking for global window to work in non-browser environments.
(wasm) Fix sending of an empty body when not required.

v0.10.7

Add NO_PROXY environment variable support.
Add more Error::{is_request, is_body, is_decode} getters.
Add conversion of reqwest::ClientBuilder to reqwest::blocking::ClientBuilder.
Add headers_mut() to reqwest::blocking::Response.
(wasm) Add form(), query(), multipart and bearer_auth() to RequestBuilder.

v0.10.6

Changed handling of URLs that don't have http: or https: schemes, returning an error instead.
Fixed a potential hyper-rustls feature conflict.

v0.10.5

Add ClientBuilder::pool_idle_timeout option.
Add ClientBuilder::pool_max_idle_per_host option, deprecate max_idle_per_host.
Add Response::content_length for WASM target.
Enable TCP_NODELAY by default.
Implement TryFrom<http::Request> for blocking::Request.
Implement TryFrom<http::Request> for Request.
- Removes From<http::Request> for Request.
- This is technically a breaking change, but was a mistake. It was not valid to convert from an http::Request to a reqwest::Request in an infallible fashion. It would panic if the conversion was not possible. Instead, the implementation has been changed to TryFrom to indicate it could fail.

v0.10.4

Add trust-dns optional feature to change DNS resolver.
Add bytes() method to reqwest::blocking::Response.
Add buffer() method to reqwest::blocking::Body.
Implement From<http::Request> for reqwest::Request.

v0.10.3

Upgrade internal rustls version.

v0.10.2

Add Brotli support, enabled with the optional brotli feature.
Add Client::use_preconfigured_tls(tls_connector) allowing manual configuration of TLS options.
Implement Default for blocking Client, ClientBuilder, and multipart::Form.
(wasm) Add Response::error_for_status() method.
(wasm) Add Response::json() method.
(wasm) Implement Default for Client and ClientBuilder.

v0.10.1

Add socks optional feature to support SOCKS5 proxies.
Add RequestBuilder::timeout() to configure a timeout for a single request, instead of using the client's timeout.
Add ClientBuilder::connection_verbose() option to enable verbose IO logs.
(wasm) Add RequestBuilder::fetch_mode_no_cors() option.
(wasm) Add Response::url() getter method.

`v0.10.10`

Compare Source

Add tcp_keepalive option to blocking::ClientBuilder.
Add multipart::Part::stream_with_length constructor, to create a streaming part with a known length.
Add ClientBuilder::https_only option, to allow requiring URLs to be https.
Change default tcp_keepalive value to be disabled.

`v0.10.9`

Compare Source

Add rustls-tls-native-roots, rustls-tls-webpki-roots, and rustls-tls-manual-roots Cargo features, to configure which certificate roots to use with rustls.
Add ClientBuilder::tcp_keepalive() method to enable TCP keepalive.
Add ClientBuilder::http1_writev() method to force enable or disable vectored writes.
Add Error::is_connect() method to identify if the error is related to connection-establishment.
Add blocking::ClientBuilder::brotli() method.
Windows: Update default protocol to HTTP for HTTPS system proxies, when a protocol is not specified.
(wasm) Add support for Cloudflare workers runtime.
(wasm) Add ClientBuilder::default_headers() method.
(wasm) Add RequestBuilder::build() method.

`v0.10.8`

Compare Source

Add must_use to RequestBuilder and ClientBuilder.
Fix Windows system proxy detection of Fiddler proxies.
(wasm) Add headers method to RequestBuilder.
(wasm) Add execute method to Client.
(wasm) Add TryFrom<http::Request> for Request.
(wasm) Fix checking for global window to work in non-browser environments.
(wasm) Fix sending of an empty body when not required.

`v0.10.7`

Compare Source

Add NO_PROXY environment variable support.
Add more Error::{is_request, is_body, is_decode} getters.
Add conversion of reqwest::ClientBuilder to reqwest::blocking::ClientBuilder.
Add headers_mut() to reqwest::blocking::Response.
(wasm) Add form(), query(), multipart and bearer_auth() to RequestBuilder.

`v0.10.6`

Compare Source

Changed handling of URLs that don't have http: or https: schemes, returning an error instead.
Fixed a potential hyper-rustls feature conflict.

`v0.10.5`

Compare Source

Add ClientBuilder::pool_idle_timeout option.
Add ClientBuilder::pool_max_idle_per_host option, deprecate max_idle_per_host.
Add Response::content_length for WASM target.
Enable TCP_NODELAY by default.
Implement TryFrom<http::Request> for blocking::Request.
Implement TryFrom<http::Request> for Request.
- Removes From<http::Request> for Request.
- This is technically a breaking change, but was a mistake. It was not valid to convert from an http::Request to a reqwest::Request in an infallible fashion. It would panic if the conversion was not possible. Instead, the implementation has been changed to TryFrom to indicate it could fail.

`v0.10.4`

Compare Source

Add trust-dns optional feature to change DNS resolver.
Add bytes() method to reqwest::blocking::Response.
Add buffer() method to reqwest::blocking::Body.
Implement From<http::Request> for reqwest::Request.

`v0.10.3`

Compare Source

Upgrade internal rustls version.

`v0.10.2`

Compare Source

Add Brotli support, enabled with the optional brotli feature.
Add Client::use_preconfigured_tls(tls_connector) allowing manual configuration of TLS options.
Implement Default for blocking Client, ClientBuilder, and multipart::Form.
(wasm) Add Response::error_for_status() method.
(wasm) Add Response::json() method.
(wasm) Implement Default for Client and ClientBuilder.

`v0.10.1`

Compare Source

Add tcp_keepalive option to blocking::ClientBuilder.
Add multipart::Part::stream_with_length constructor, to create a streaming part with a known length.
Add ClientBuilder::https_only option, to allow requiring URLs to be https.
Change default tcp_keepalive value to be disabled.

`v0.10.0`

Compare Source

Add std::future::Future support.
Add wasm32-unknown-unknown support (with fewer features).
Add ability to pass async Response as the body of another Request.
Add Body::as_bytes() method.
Add Response::bytes_stream() method to get body as an impl Stream.
Add Request::try_clone() method.
Change default Client API to async. The previous blocking client API is available at reqwest::blocking.
Change to no longer send a default User-Agent header. Add one via ClientBuilder::user_agent().
Change to enable system/environment proxy detection by default.
Change default-tls feature to only include ClientBuilder options that both native-tls and rustls support.
Change default feature set to reduce unnecessary dependencies. Most features are disabled by default:
- blocking: The reqwest::blocking (synchronous) client API.
- cookies: Cookie store support.
- gzip: Automatic response body decompression.
- json: Request and response JSON body methods.
- stream: futures::Stream support.
Change Error internal design, removing several Error::is_* inspector methods.
Change Redirect API:
- Renamed types to be part of the redirect module (for example, reqwest::RedirectPolicy is now reqwest::redirect::Policy).
- Removed loop_detected and too_many_redirect methods from redirect::Attempt, replaced with a generic error method.
- The default policy no longer specifically looks for redirect loops (but they should be caught by the maximum limit).
Fix checking HTTP_PROXY environment variable if it the environment is from a CGI script.
Fix removal of username/password of parsed proxy URL.
Update url to v2.0.
Update hyper to v0.13.
Update http to v0.2.

v0.9.19

Add ClientBuilder::use_sys_proxy() to enable automatic detect of HTTP proxies configured on the system.
Add ClientBuilder::no_proxy() to disable system proxies. This is the default for 0.9, but will change to detecting system proxies by default in 0.10.
Add support for streaming request bodies in the async client.
Add async::Response::text() that returns a Future of the full body decoded to a String.
Add Clone for Certificate.

v0.9.18

Fix Cookie headers to no longer send as percent-encoded (instead, exactly as sent by the server).

v0.9.17

Fix Cookie headers to not include attributes from the Set-Cookie (like HttpOnly, Secure, etc.)

v0.9.16

Add Response::text_with_charset() to allow setting the default charset to decode.
Add Error::source() implementation.
Add async::ClientBuilder::timeout() option, will timeout the connect, request, and response body futures.
Fix gzip + chunked transfer encoding issue preventing connection reuse.
Fix RequestBuilder::query() to not add just "?" if the encoded query is empty.
Fix including new cookie headers when response is a redirect.

v0.9.15

Fix sending of "appended" request headers.

v0.9.14

Add optional support for SOCKS5 proxies, by enabling the socks5 cargo feature.
Add Cookie Store support to Client, automatically handling cookies for a session.
Add ClientBuilder::cookie_store(enable: bool) method to enable a cookie store that persists across requests.
Add Response::cookies() accessor that allows iterating over response cookies.
Fix Proxy to check the URL for a username and password.

v0.9.13

Fixes

Fix panic on some invalid Location headers during redirects (error is logged and redirect response is returned instead).
Fix instance when server notices streaming request body is complete before reqwest does.

v0.9.12

Features

Add ClientBuilder::tcp_nodelay() to allow disabling Nagle's algorithm.
Add ClientBuilder::max_idle_per_host() to allow reducing the number of idle pooled connections.
Add RequestBuilder::bearer_auth() method to async builder.

Fixes

Fix capitalization error in async RequestBuilder::basic_auth().
Fix ALPN causing issues when using a Proxy.

v0.9.11

Features

Add multipart::Form::percent_encode_noop() to allow for servers which don't support percent encoding of parameters.
Add ClientBuilder::http1_title_case_headers() to force request headers to use Title-Case.
Add ClientBuilder::connect_timeout() to allow setting only a connect timeout.

v0.9.10

Features

Add ClientBuilder::local_address() to bind to a local IP address.
Add Response::error_for_status_ref() to return an Error while borrowing a Response.

Fixes

Fix Identity::from_pem with rustls-tls backend when using RSA private keys.

v0.9.9

Features

Add ClientBuilder::h2_prior_knowledge() option to force HTTP2.
Add Response::content_length() to get the content-length of a response.
Enable ALPN h2 with the rustls-tls backend.

v0.9.8

Fixes

Revert default DNS resolver to getaddrinfo in a threadpool. There is now a trust-dns optional feature to enable the Trust-DNS resolver.
Detect Certificate and Identity errors at construction time.

v0.9.7

Fixes

Fix DNS resolver on Android (reverted back to getaddrinfo).
Fix sending unicode filenames in multipart/form-data requests.

v0.9.6

Features

Add Proxy::basic_auth method to support proxy authorization.
Add rustls-tls optional feature to use rustls instead of native-tls.
Add try_clone method to Request and RequestBuilder.
Add reqwest::async::multipart support, similar to the synchronous API.
Adds default-tls-vendored optional feature to vendor OpenSSL.

Fixes

Fix panic from top-level reqwest::get if client builder fails to build.
Removed timeout waiting for reqwest::Client runtime to startup.
Fix RequestBuilder::headers to properly append extra headers of the same name.

Performance

Replaced DNS threadpool using getaddrinfo with a non-blocking DNS resolver.

v0.9.5

Features

Adds Response::remote_addr() method to check the address of the connection used.
Adds default-tls crate feature, enabled by default, which allows users to disable TLS.

v0.9.4

Features

Adds percent_encoding_path_segment and percent_encoding_attr_char configuration to multipart::Form.

Fixes

Reverts multipart::Form default percent encoding format to path-segment.

v0.9.3

Features

Adds multipart::Part::bytes() to create a part of raw bytes.
Adds constructors for Response to help with testing.

Fixes

Properly percent-encoding more illegal characters in multipart filenames.
Ensure timed out requests cancel the associated async task.

v0.9.2

Fixes

Fix panic when Location header has UTF-8 characters.

v0.9.1

Fixes

Fix large request bodies failing because of improper handling of backpressure.
Remove body-related headers wh

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

Update Rust crate reqwest to 0.13

bae5abb

renovate bot force-pushed the renovate/reqwest-0.x branch from 2ba312a to bae5abb Compare January 1, 2026 01:30

renovate bot changed the title ~~Update Rust crate reqwest to 0.12~~ Update Rust crate reqwest to 0.13 Jan 1, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update Rust crate reqwest to 0.13 #10

Update Rust crate reqwest to 0.13 #10

Uh oh!

renovate bot commented Dec 13, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Update Rust crate reqwest to 0.13 #10

Are you sure you want to change the base?

Update Rust crate reqwest to 0.13 #10

Uh oh!

Conversation

renovate bot commented Dec 13, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

v0.12.28

v0.12.27

v0.12.26

v0.12.25

v0.12.24

v0.12.23

v0.12.22

v0.12.21

v0.12.20

v0.12.19

v0.12.18

v0.12.17

v0.12.16

v0.12.15

v0.12.14

v0.12.13

v0.12.12

v0.12.11

v0.12.10

v0.12.9

v0.12.8

v0.12.7

v0.12.6

v0.12.5

v0.12.4

v0.12.3

v0.12.2

v0.12.1

v0.11.27

v0.11.26

v0.11.25

v0.11.24

v0.11.23

v0.11.22

v0.11.21

v0.11.20

v0.11.19

v0.11.18

v0.11.17

v0.11.16

v0.11.15

v0.11.14

v0.11.13

v0.11.12

v0.11.11

v0.11.10

v0.11.9

v0.11.8

v0.11.7

v0.11.6

v0.11.5

v0.11.4

v0.11.3

v0.11.2

v0.11.1

v0.10.10

v0.10.9

v0.10.8

v0.10.7

v0.10.6

v0.10.5

v0.10.4

v0.10.3

v0.10.2

v0.10.1

v0.9.19

renovate bot commented Dec 13, 2025 •

edited

Loading