Bump actix-web from 4.10.2 to 4.13.0

[dependabot]

Bumps actix-web from 4.10.2 to 4.13.0.

Release notes

Sourced from actix-web's releases.

actix-web: v4.13.0

• Minimum supported Rust version (MSRV) is now 1.88.
• Improve HTTP/2 upload throughput by increasing default flow control window sizes. #3638
• Add HttpServer::{h2_initial_window_size, h2_initial_connection_window_size} methods for tuning. #3638
• Add HttpRequest::url_for_map and HttpRequest::url_for_iter methods for named URL parameters. #3895
• Ignore unparsable cookies in Cookie request header.
• Add experimental-introspection feature to report configured routes #3594
• Add config/method for TCP_NODELAY. #3918
• Fix panic when NormalizePath rewrites a scoped dynamic path before extraction (e.g., scope("{tail:.*}") + Path<String>). #3562
• Do not compress 206 Partial Content responses. #3191

#3895: actix/actix-web#3895 #3594: actix/actix-web#3594 #3918: actix/actix-web#3918 #3638: actix/actix-web#3638 #3562: actix/actix-web#3562 #3191: actix/actix-web#3191

actix-web: v4.12.1

• No significant changes since 4.12.0.

actix-web: v4.12.0

Short announcement

We've started GitHub Sponsors: https://github.com/sponsors/actix Support our development!

v4.12.0

• actix_web::response::builder::HttpResponseBuilder::streaming() now sets Content-Type to application/octet-stream if Content-Type does not exist.
• actix_web::response::builder::HttpResponseBuilder::streaming() now calls actix_web::response::builder::HttpResponseBuilder::no_chunking() and returns SizedStream if Content-Length is set by user.
• Add ws crate feature (on-by-default) which forwards to actix-http and guards some of its ResponseError impls.
  • ⚠️ if you use default-feature = false and the web scoket feature, please make sure you enable the ws feature.
• Add public export for EitherExtractError in error module.

actix-web: v4.11.0

• Add Logger::log_level() method.
• Improve handling of non-UTF-8 header values in Logger middleware.
• Add HttpServer::shutdown_signal() method.
• Mark HttpServer as #[must_use].
• Allow SVG images to be compressed by the Compress middleware.
• Ignore Host header in Host guard when connection protocol is HTTP/2.
• Re-export mime dependency.
• Update brotli dependency to 8.

Commits

• 8b7270a chore(web): release v4.13.0 (#3941)
• 9cbde13 chore(gha): reduce timeout to 30min. (#3940)
• a7a26f1 chore(http): release v3.12.0 (#3939)
• 6e4e040 chore(router): release v0.5.4 (#3938)
• 0ffaa78 docs(web): document introspection feature (#3937)
• 1187210 fix(http): drain unread body if chunked and dropped payload (#3936)
• f120479 docs(actix-router): document Resource trait (#3935)
• 36dadc5 typo: bytes=bytes=0-9 to bytes=0-9 (#3934)
• 38dd705 build(deps): bump taiki-e/cache-cargo-install-action from 3.0.1 to 3.0.2 (#3928)
• 102cad3 build(deps): bump trybuild from 1.0.115 to 1.0.116 (#3929)
• Additional commits viewable in compare view

Summary by CodeRabbit

• Chores
  • Updated web framework dependencies across the project to enhance compatibility and stability.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 1ffc50f1-85d3-4c7c-91fb-099341d70776

📥 Commits

Reviewing files that changed from the base of the PR and between fced7a2 and bbe311e.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (5)

• cincinnati/Cargo.toml
• commons/Cargo.toml
• graph-builder/Cargo.toml
• metadata-helper/Cargo.toml
• policy-engine/Cargo.toml

✅ Files skipped from review due to trivial changes (1)

• cincinnati/Cargo.toml

🚧 Files skipped from review as they are similar to previous changes (2)

• metadata-helper/Cargo.toml
• commons/Cargo.toml

---

Walkthrough

The pull request updates the actix-web dependency version constraint from ^4.4.1 to ^4.13.0 in five crate Cargo.toml files. No code logic, public API declarations, features, or other configuration changes are present in this diff.

Changes

Actix-web Dependency Bump

Layer / File(s)	Summary
Update manifest constraints cincinnati/Cargo.toml, commons/Cargo.toml, graph-builder/Cargo.toml, metadata-helper/Cargo.toml, policy-engine/Cargo.toml	Each crate's Cargo.toml had its actix-web dependency constraint changed from ^4.4.1 to ^4.13.0. No other manifest fields or code files were modified.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 12

✅ Passed checks (12 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The pull request title clearly and specifically describes the main change: updating the actix-web dependency version from 4.10.2 to 4.13.0 across multiple Cargo.toml files.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names	✅ Passed	Ginkgo test name check is not applicable. Cincinnati is a Rust project with no Ginkgo tests. PR only updates actix-web dependency versions.
Test Structure And Quality	✅ Passed	The Ginkgo test quality check is not applicable. This PR only updates Rust Cargo.toml actix-web versions. The project contains no Go code or Ginkgo tests.
Microshift Test Compatibility	✅ Passed	Custom check is not applicable. This PR updates Rust dependencies (actix-web) only. No Ginkgo e2e tests or Go code is present in the repository or modified in this PR.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	This PR is a Rust dependency version bump (actix-web 4.10.2→4.13.0) with no Ginkgo e2e tests. The SNO compatibility check is only applicable to Go e2e tests and is not relevant to this Rust project.
Topology-Aware Scheduling Compatibility	✅ Passed	PR contains only actix-web dependency bumps in Cargo.toml. Cincinnati is a Rust library, not an operator/controller. No deployment manifests or scheduling constraints introduced.
Ote Binary Stdout Contract	✅ Passed	OTE Binary Stdout Contract check is not applicable. PR updates Rust dependency only; not a Go/Ginkgo test binary.
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	This PR updates actix-web dependencies in Rust Cargo.toml files. The custom check applies only to Ginkgo e2e tests (Go), which are not present in this Rust project. No Ginkgo tests were added.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/cargo/actix-web-4.13.0

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign fao89 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[fao89]

@dependabot rebase

[openshift-ci]

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name	Commit	Details	Required	Rerun command
ci/prow/cargo-test	bbe311e	link	true	/test cargo-test
ci/prow/olm-e2e	bbe311e	link	true	/test olm-e2e
ci/prow/osus-e2e	bbe311e	link	true	/test osus-e2e
ci/prow/images	bbe311e	link	true	/test images

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.