From 4e40afb959673672267b47ca20d1f9b6f00ddc0f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 1 Aug 2025 10:41:13 -0700
Subject: [PATCH] build(deps): bump hackney from 1.24.1 to 1.25.0 in /elixir
 (#10083)

Bumps [hackney](https://github.com/benoitc/hackney) from 1.24.1 to
1.25.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/benoitc/hackney/releases">hackney's
releases</a>.</em></p>
<blockquote>
<h2>1.25.0 - 2025-07-24</h2>
<p><strong>IMPORTANT CHANGE</strong></p>
<ul>
<li>
<p>change: <code>insecure_basic_auth</code> now defaults to
<code>true</code> instead of <code>false</code></p>
<p>This restores backward compatibility with pre-1.24.0 behavior where
basic auth
was allowed over HTTP connections. If you need strict HTTPS-only basic
auth:</p>
<ul>
<li>Set globally: <code>application:set_env(hackney,
insecure_basic_auth, false)</code></li>
<li>Or per-request: <code>{insecure_basic_auth, false}</code> in
options</li>
</ul>
</li>
</ul>
<p>Hex.pm : <a
href="https://hex.pm/packages/hackney/1.25.0">https://hex.pm/packages/hackney/1.25.0</a>
Doc: <a
href="https://hexdocs.pm/hackney/readme.html">https://hexdocs.pm/hackney/readme.html</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/benoitc/hackney/blob/master/NEWS.md">hackney's
changelog</a>.</em></p>
<blockquote>
<h2>1.25.0 - 2025-07-24</h2>
<p>** IMPORTANT CHANGE **</p>
<ul>
<li>
<p>change: <code>insecure_basic_auth</code> now defaults to
<code>true</code> instead of <code>false</code></p>
<p>This restores backward compatibility with pre-1.24.0 behavior where
basic auth
was allowed over HTTP connections. If you need strict HTTPS-only basic
auth:</p>
<ul>
<li>Set globally: <code>application:set_env(hackney,
insecure_basic_auth, false)</code></li>
<li>Or per-request: <code>{insecure_basic_auth, false}</code> in
options</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/benoitc/hackney/commit/8c00789e411d7c09a9808d720232098da1f19d69"><code>8c00789</code></a>
Merge pull request <a
href="https://redirect.github.com/benoitc/hackney/issues/778">#778</a>
from benoitc/insecure-basic-auth-default-true</li>
<li><a
href="https://github.com/benoitc/hackney/commit/a1d4108541d224d1a8cb2baeac95abb923af515b"><code>a1d4108</code></a>
change insecure_basic_auth default to true</li>
<li><a
href="https://github.com/benoitc/hackney/commit/e2bbdf741ee374c872da2baadc7451b66644b421"><code>e2bbdf7</code></a>
bump unicode compat lib</li>
<li><a
href="https://github.com/benoitc/hackney/commit/3b901a6cf8ae1118aa4e66505ca20083d946b867"><code>3b901a6</code></a>
update readme</li>
<li>See full diff in <a
href="https://github.com/benoitc/hackney/compare/1.24.1...1.25.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=hackney&package-manager=hex&previous-version=1.24.1&new-version=1.25.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 elixir/mix.lock | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/elixir/mix.lock b/elixir/mix.lock
index 64e98b321..0b03b58d0 100644
--- a/elixir/mix.lock
+++ b/elixir/mix.lock
@@ -38,7 +38,7 @@
   "gettext": {:hex, :gettext, "0.26.2", "5978aa7b21fada6deabf1f6341ddba50bc69c999e812211903b169799208f2a8", [:mix], [{:expo, "~> 0.5.1 or ~> 1.0", [hex: :expo, repo: "hexpm", optional: false]}], "hexpm", "aa978504bcf76511efdc22d580ba08e2279caab1066b76bb9aa81c4a1e0a32a5"},
   "gproc": {:hex, :gproc, "0.9.1", "f1df0364423539cf0b80e8201c8b1839e229e5f9b3ccb944c5834626998f5b8c", [:rebar3], [], "hexpm", "905088e32e72127ed9466f0bac0d8e65704ca5e73ee5a62cb073c3117916d507"},
   "grpcbox": {:hex, :grpcbox, "0.17.1", "6e040ab3ef16fe699ffb513b0ef8e2e896da7b18931a1ef817143037c454bcce", [:rebar3], [{:acceptor_pool, "~> 1.0.0", [hex: :acceptor_pool, repo: "hexpm", optional: false]}, {:chatterbox, "~> 0.15.1", [hex: :ts_chatterbox, repo: "hexpm", optional: false]}, {:ctx, "~> 0.6.0", [hex: :ctx, repo: "hexpm", optional: false]}, {:gproc, "~> 0.9.1", [hex: :gproc, repo: "hexpm", optional: false]}], "hexpm", "4a3b5d7111daabc569dc9cbd9b202a3237d81c80bf97212fbc676832cb0ceb17"},
-  "hackney": {:hex, :hackney, "1.24.1", "f5205a125bba6ed4587f9db3cc7c729d11316fa8f215d3e57ed1c067a9703fa9", [:rebar3], [{:certifi, "~> 2.15.0", [hex: :certifi, repo: "hexpm", optional: false]}, {:idna, "~> 6.1.0", [hex: :idna, repo: "hexpm", optional: false]}, {:metrics, "~> 1.0.0", [hex: :metrics, repo: "hexpm", optional: false]}, {:mimerl, "~> 1.4", [hex: :mimerl, repo: "hexpm", optional: false]}, {:parse_trans, "3.4.1", [hex: :parse_trans, repo: "hexpm", optional: false]}, {:ssl_verify_fun, "~> 1.1.0", [hex: :ssl_verify_fun, repo: "hexpm", optional: false]}, {:unicode_util_compat, "~> 0.7.0", [hex: :unicode_util_compat, repo: "hexpm", optional: false]}], "hexpm", "f4a7392a0b53d8bbc3eb855bdcc919cd677358e65b2afd3840b5b3690c4c8a39"},
+  "hackney": {:hex, :hackney, "1.25.0", "390e9b83f31e5b325b9f43b76e1a785cbdb69b5b6cd4e079aa67835ded046867", [:rebar3], [{:certifi, "~> 2.15.0", [hex: :certifi, repo: "hexpm", optional: false]}, {:idna, "~> 6.1.0", [hex: :idna, repo: "hexpm", optional: false]}, {:metrics, "~> 1.0.0", [hex: :metrics, repo: "hexpm", optional: false]}, {:mimerl, "~> 1.4", [hex: :mimerl, repo: "hexpm", optional: false]}, {:parse_trans, "3.4.1", [hex: :parse_trans, repo: "hexpm", optional: false]}, {:ssl_verify_fun, "~> 1.1.0", [hex: :ssl_verify_fun, repo: "hexpm", optional: false]}, {:unicode_util_compat, "~> 0.7.1", [hex: :unicode_util_compat, repo: "hexpm", optional: false]}], "hexpm", "7209bfd75fd1f42467211ff8f59ea74d6f2a9e81cbcee95a56711ee79fd6b1d4"},
   "hammer": {:hex, :hammer, "7.1.0", "9b55acd9951035f330aa1556e575e72d93334e8732daf5f2f602793d16008fe9", [:mix], [], "hexpm", "0ef3f0b9b92ae10a01604ca58adc2bfc8df0af4414a3afcf2dd79e256bc94c17"},
   "hpack": {:hex, :hpack_erl, "0.3.0", "2461899cc4ab6a0ef8e970c1661c5fc6a52d3c25580bc6dd204f84ce94669926", [:rebar3], [], "hexpm", "d6137d7079169d8c485c6962dfe261af5b9ef60fbc557344511c1e65e3d95fb0"},
   "hpax": {:hex, :hpax, "1.0.3", "ed67ef51ad4df91e75cc6a1494f851850c0bd98ebc0be6e81b026e765ee535aa", [:mix], [], "hexpm", "8eab6e1cfa8d5918c2ce4ba43588e894af35dbd8e91e6e55c817bca5847df34a"},