Bump req from 0.3.9 to 0.4.11

[dependabot]

Bumps req from 0.3.9 to 0.4.11.

Release notes

Sourced from req's releases.

v0.4.0

Req v0.4.0 changes headers to be maps, adds request & response streaming, and improves steps.

Change Headers to be Maps

Previously headers were lists of name/value tuples, e.g.:

[{"content-type", "text/html"}]

This is a standard across the ecosystem (with minor difference that some Erlang libraries use charlists instead of binaries.)

There are some problems with this particular choice though:

• We cannot use headers[name]
• We cannot use pattern matching

In short, this representation isn't very ergonomic to use.

Now headers are maps of string names and lists of values, e.g.:

%{"content-type" => ["text/html"]}

This allows headers[name] usage:

response.headers["content-type"]
#=> ["text/html"]

and pattern matching:

case Req.request!(req) do
  %{headers: %{"content-type" => ["application/json" <> _]}} ->
    # handle JSON response
end

This is a major breaking change. If you cannot easily update your app or your dependencies, do:

# config/config.exs
config :req, legacy_headers_as_lists: true

This legacy fallback will be removed on Req 1.0.

... (truncated)

Changelog

Sourced from req's changelog.

v0.4.11 (2024-02-19)

• [Req.Test.json/2]: Don't crash compilation when Plug is not available

v0.4.10 (2024-02-19)

• [run_finch]: Default to connect_options: [protocols: [:http1, :http2]].

• [run_finch]: Change version requirement to ~> 0.17, that is all versions up to 1.0.

• [put_aws_sigv4]: Support streaming request body.

• [auth]: Always update authorization header.

• [decode_body]: Gracefully handle multiple content-type values.

• [Req.Request.new/1]: Use URI.parse for now.

v0.4.9 (2024-02-14)

• [retry]: Raise on invalid return from :retry_delay function

• [run_finch]: Update to Finch 0.17

• [run_finch]: Deprecate connect_options: [protocol: ...] in favour of connect_options: [protocols: ...]] which defaults to [:http1, :http2], that is, make request using HTTP/1 but if negotiated switch to HTTP/2 over the HTTP/1 connection.

• New step: [put_aws_sigv4] - signs request with AWS Signature Version 4.

v0.4.8 (2023-12-11)

• [put_plug]: Fix response streaming. Previously we were relying on unreleased Plug features (which may never get released). Now, Plug adapter will emit the entire response body as one chunk. Thus, plug: plug, into: fn ... -> {:halt, acc} end is not yet supported as it requires Plug changes that are still being discussed. On the flip side, we should have much more stable Plug integration regardless of this small limitation.

v0.4.7 (2023-12-11)

• [put_plug]: Don't crash if plug is not installed and :plug is not used

v0.4.6 (2023-12-11)

• New step: [checksum]
• [put_plug]: Fix response streaming when plug uses send_resp or send_file
• [retry]: Retry on :closed

... (truncated)

Commits

• 908ac78 Release v0.4.11
• 18d9379 Plug.Test.json/2: Don't crash compilation when Plug is not available
• 400f2c6 Fix docs
• 668c14d Release v0.4.10
• 2a72a5c Add TODO, ref: #294
• e4e17b7 Req.Request.new: Use URI.parse for now, ref #305 #245
• 24287c1 Document Req.Test, closes #287
• 7f2d4b7 decode_body: Gracefully handle multiple content-type values (#292)
• 928e326 Fix test for earlier versions
• 53d8682 put_aws_sigv4: Add regression test
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #40.