Turbopack: Update reqwest, remove experimental system TLS feature (#88290)

I added this as an option in https://github.com/vercel/next.js/pull/81818 as a solution for users with corporate firewalls that MITM TLS traffic.
Reqwest 0.13.x now uses `rustls-platform-verifier` by default, which doesn't have the tradeoffs that `rustls-native-certs` had. We should now pick up and work with system certs by default, and we no longer depend on shipping our own blob of trusted PKI roots! (though wasmer still pulls this in...)
This PR was generated with Opus + OpenCode, but there was a ton of manual iteration to get it working on CI.
### TLS Provider
`reqwest` now defaults to `aws-lc-rs` instead of `ring`. This causes a few problems:
- On Windows, this requires cmake and NASM. There's a prebuilt NASM blob we can use, but it still appears to need cmake. We could install this in CI, but I don't want to make Windows development any more complicated than it already is.
- On Linux, there are issues with it picking up the wrong glibc version in our CI: https://github.com/aws/aws-lc-rs/issues/673

We just use this for fetching Google Fonts, so it's not worth it: Fall back to using `ring` on these platforms.
### CI Testing
Manually triggered a build-and-release job so that it tries to build for the whole platform matrix: https://github.com/vercel/next.js/actions/runs/20936098900
### Manual Testing
Followed the test plan in https://github.com/vercel/next.js/pull/81818
