You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
All recent versions of com.amplifyframework:aws-auth-cognito pull in an alpha version of okhttp: com.squareup.okhttp3:okhttp:5.0.0-alpha.11 via transitive dependencies.
This is conflicting with our existing dependencies of okhttp 4.12.0, which is the latest stable release of okhttp.
I don't really get, why anyone considered it a good idea to use an alpha version as a dependency. There are even companies that forbid using alpha dependencies in production.
Seems, like the culprit is the aws dependency aws.smithy.kotlin:http-client-engine-okhttp-jvm:1.0.11, which had this bad dependency literally forever. I went to mvnrepository and even version 0.11.0 of this smithy client uses an alpha version. Going forward, the most recent version 1.2.2 also has an alpha dependency.
There was a ticket regarding this, but it was abandoned and closed without a fix. #2632
Is there a plan, when this will be fixed? I have no idea how to integrate cognito without messing up our production releases.
The text was updated successfully, but these errors were encountered:
Unfortunately, Amplify Android has dependency with aws-kotlin and aws-smithy. We will try to make another request internally and see if any modifications can be done.
Before opening, please confirm:
Language and Async Model
Kotlin - Coroutines
Amplify Categories
Authentication
Gradle script dependencies
Describe the bug
All recent versions of
com.amplifyframework:aws-auth-cognito
pull in an alpha version ofokhttp
:com.squareup.okhttp3:okhttp:5.0.0-alpha.11
via transitive dependencies.This is conflicting with our existing dependencies of okhttp
4.12.0
, which is the latest stable release of okhttp.I don't really get, why anyone considered it a good idea to use an alpha version as a dependency. There are even companies that forbid using alpha dependencies in production.
Seems, like the culprit is the aws dependency
aws.smithy.kotlin:http-client-engine-okhttp-jvm:1.0.11
, which had this bad dependency literally forever. I went to mvnrepository and even version0.11.0
of this smithy client uses an alpha version. Going forward, the most recent version1.2.2
also has an alpha dependency.There was a ticket regarding this, but it was abandoned and closed without a fix. #2632
Is there a plan, when this will be fixed? I have no idea how to integrate cognito without messing up our production releases.
The text was updated successfully, but these errors were encountered: