chore(deps): update reqwest to 0.13 for updater (#3213)

Author: Legend-Master

.changes/updater-reqwest-0.13.md

@@ -0,0 +1,6 @@
+---
+"updater": minor
+"updater-js": minor
+---
+
+Updated `reqwest` to 0.13, make sure to update your `reqwest` dependency if you're using `UpdaterBuilder::configure_client`

Cargo.lock

@@ -30,10 +30,13 @@ serde_json = { workspace = true }
 thiserror = { workspace = true }
 log = { workspace = true }
 tokio = "1"
-reqwest = { version = "0.12", default-features = false, features = [
+reqwest = { version = "0.13", default-features = false, features = [
   "json",
   "stream",
 ] }
+rustls = { version = "0.23", default-features = false, features = [
+  "ring",
+], optional = true }
 url = { workspace = true }
 http = "1"
 minisign-verify = "0.2"
@@ -68,4 +71,4 @@ default = ["rustls-tls", "zip"]
 zip = ["dep:zip", "dep:tar", "dep:flate2"]
 native-tls = ["reqwest/native-tls"]
 native-tls-vendored = ["reqwest/native-tls-vendored"]
-rustls-tls = ["reqwest/rustls-tls"]
+rustls-tls = ["reqwest/rustls-no-provider", "dep:rustls"]

plugins/updater/Cargo.toml

@@ -432,6 +432,12 @@ impl Updater {
 
             log::debug!("checking for updates {url}");
 
+            #[cfg(feature = "rustls-tls")]
+            if rustls::crypto::CryptoProvider::get_default().is_none() {
+                // This can only fail if there is already a default provider which we checked for already.
+                let _ = rustls::crypto::ring::default_provider().install_default();
+            }
+
             let mut request = ClientBuilder::new().user_agent(UPDATER_USER_AGENT);
             if self.config.dangerous_accept_invalid_certs {
                 request = request.danger_accept_invalid_certs(true);