You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As of today, the default features for reqwest is set to ["native-tls"]. This is a problem and IMHO a bad practice. The way Cargo resolves (workspace) dependencies will cause the reqwest/native-tls to always be enabled (even if the user sets default-features = false for reqwest. As a consequence, a transitive dependency to openssl-sys is pulled, which can lead to multiple problems:
OpenSSL might not be available on the target (ex: using cross to build for Android).
OpenSSL is an unsafe SSL implementation, and Rust developers would most likely want the possibility to avoid it/not depend on it/not build it. It might be worth noting reqwest might switch to rustls by default (cf Consider switching to rustls as the default seanmonstar/reqwest#2025).
IMHO as a rule of thumb, I think it's best to keep default features to a minimum for libs anyway.
Describe the solution you'd like
[features]
default = []
IDK if it is considered a breaking change: bins/libs that rely on the Rust SDK generated by OpenAPI Generator will not build anymore if and only if they do not already depend on reqwest with default-features = falseand not TLS backend feature configured (default-tls, rustls-tls or native-tls). Otherwise, the default-tls feature is enabled and will be used instead of native-tls.
Is your feature request related to a problem? Please describe.
Follow up on #21925 (comment)
As of today, the default features for
reqwestis set to["native-tls"]. This is a problem and IMHO a bad practice. The way Cargo resolves (workspace) dependencies will cause thereqwest/native-tlsto always be enabled (even if the user setsdefault-features = falseforreqwest. As a consequence, a transitive dependency toopenssl-sysis pulled, which can lead to multiple problems:crossto build for Android).reqwestmight switch torustlsby default (cf Consider switching torustlsas the default seanmonstar/reqwest#2025).IMHO as a rule of thumb, I think it's best to keep default features to a minimum for libs anyway.
Describe the solution you'd like
IDK if it is considered a breaking change: bins/libs that rely on the Rust SDK generated by OpenAPI Generator will not build anymore if and only if they do not already depend on
reqwestwithdefault-features = falseand not TLS backend feature configured (default-tls,rustls-tlsornative-tls). Otherwise, thedefault-tlsfeature is enabled and will be used instead ofnative-tls.Describe alternatives you've considered
Override
Cargo.mustache.Additional context
Follow up on #21925 (comment)
Requires #21925 to be merged first.