Bump okhttp from 3.14.9 to 4.10.0

[dependabot]

Bumps okhttp from 3.14.9 to 4.10.0.

Changelog

Sourced from okhttp's changelog.

Change Log

Version 5.0.0-alpha.10

2022-06-26

• Fix: Configure the multiplatform artifact (com.squareup.okhttp3:okhttp:3.x.x) to depend on the JVM artifact (com.squareup.okhttp3:okhttp-jvm:3.x.x) for Maven builds. This should work-around an issue where Maven doesn't interpret Gradle metadata.
• Fix: Make another attempt at supporting Kotlin 1.5.31 at runtime. We were crashing on DurationUnit which was a typealias in 1.5.x.
• Upgrade: [Okio 3.2.0][okio_3_2_0].

Version 5.0.0-alpha.9

2022-06-16

• New: Enforce label length limits in URLs. HttpUrl now rejects URLs whose domains aren't valid. This includes overly-long domain names (longer than 253 characters), overly-long labels (more than 63 characters between dots), and empty labels.
• New: Don't include the Content-Length header in multipart bodies. Servers must delimit OkHttp's request bodies using the boundary only. (This change makes OkHttp more consistent with browsers and other HTTP clients.)
• New: Drop the tunnelProxy argument in MockWebServer.useHttps(). This change only impacts the OkHttp 5.x API which uses the mockwebserver3 package.
• Fix: Don't call toDuration() which isn't available in kotlin-stdlib 1.4.

Version 5.0.0-alpha.8

2022-06-08

• Fix: Change how H2_PRIOR_KNOWLEDGE works with HTTP proxies. Previously OkHttp assumed the proxy itself was a prior knowledge HTTP/2 server. With this update, OkHttp attempts a CONNECT tunnel just as it would with HTTPS. For prior knowledge with proxies OkHttp's is now consistent with these curl arguments:

  curl \
    --http2-prior-knowledge \
    --proxy localhost:8888 \
    --proxytunnel \
    http://squareup.com/robots.txt
  

• Fix: Support executing OkHttp on kotlin-stdlib versions as old as 1.4. The library still builds on up-to-date Kotlin releases (1.6.21) but no longer needs that version as a runtime dependency. This should make it easier to use OkHttp in Gradle plugins.

... (truncated)

Commits

• 6b07f62 Prepare for release 4.10.0.
• c657392 Fix Conscrypt NPE workaround (#7219) (#7230)
• 5aa716a 4.10: Version bump of kotlin, okio. (#7225)
• acf8735 Backport of square/okhttp#6495 (#6940)
• 86acfbd Prepare next development version.
• 0a27e9f Prepare for release 4.9.3.
• 97a8f6c Confirm we can read a response that completed before RST_STREAM (#6293) (#6914)
• b1a39f4 Prepare next development version.
• 3edf17c Prepare for release 4.9.2.
• 262b3cd Handle strict module handling on JDK17 (#6707) (#6742)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[mwiede]

@dependabot close dependabot[bot] ***@***.***> schrieb am Mo., 11. Juli 2022, 22:28:

…

Bumps okhttp <https://github.com/square/okhttp> from 3.14.9 to 4.10.0. Changelog *Sourced from okhttp's changelog <https://github.com/square/okhttp/blob/master/CHANGELOG.md>.* Change Log Version 5.0.0-alpha.10 *2022-06-26* - Fix: Configure the multiplatform artifact ( com.squareup.okhttp3:okhttp:3.x.x) to depend on the JVM artifact ( com.squareup.okhttp3:okhttp-jvm:3.x.x) for Maven builds. This should work-around an issue where Maven doesn't interpret Gradle metadata. - Fix: Make another attempt at supporting Kotlin 1.5.31 at runtime. We were crashing on DurationUnit which was a typealias in 1.5.x. - Upgrade: [Okio 3.2.0][okio_3_2_0]. Version 5.0.0-alpha.9 *2022-06-16* - New: Enforce label length limits in URLs. HttpUrl now rejects URLs whose domains aren't valid. This includes overly-long domain names (longer than 253 characters), overly-long labels (more than 63 characters between dots), and empty labels. - New: Don't include the Content-Length header in multipart bodies. Servers must delimit OkHttp's request bodies using the boundary only. (This change makes OkHttp more consistent with browsers and other HTTP clients.) - New: Drop the tunnelProxy argument in MockWebServer.useHttps(). This change only impacts the OkHttp 5.x API which uses the mockwebserver3 package. - Fix: Don't call toDuration() which isn't available in kotlin-stdlib 1.4. Version 5.0.0-alpha.8 *2022-06-08* - Fix: Change how H2_PRIOR_KNOWLEDGE works with HTTP proxies. Previously OkHttp assumed the proxy itself was a prior knowledge HTTP/2 server. With this update, OkHttp attempts a CONNECT tunnel just as it would with HTTPS. For prior knowledge with proxies OkHttp's is now consistent with these curl arguments: curl \ --http2-prior-knowledge \ --proxy localhost:8888 \ --proxytunnel \ http://squareup.com/robots.txt - Fix: Support executing OkHttp on kotlin-stdlib versions as old as 1.4. The library still builds on up-to-date Kotlin releases (1.6.21) but no longer needs that version as a runtime dependency. This should make it easier to use OkHttp in Gradle plugins. ... (truncated) Commits - 6b07f62 <square/okhttp@6b07f62> Prepare for release 4.10.0. - c657392 <square/okhttp@c657392> Fix Conscrypt NPE workaround (#7219 <https://github-redirect.dependabot.com/square/okhttp/issues/7219>) ( #7230 <https://github-redirect.dependabot.com/square/okhttp/issues/7230>) - 5aa716a <square/okhttp@5aa716a> 4.10: Version bump of kotlin, okio. (#7225 <https://github-redirect.dependabot.com/square/okhttp/issues/7225>) - acf8735 <square/okhttp@acf8735> Backport of square/okhttp#6495 <https://github-redirect.dependabot.com/square/okhttp/pull/6495> (#6940 <https://github-redirect.dependabot.com/square/okhttp/issues/6940>) - 86acfbd <square/okhttp@86acfbd> Prepare next development version. - 0a27e9f <square/okhttp@0a27e9f> Prepare for release 4.9.3. - 97a8f6c <square/okhttp@97a8f6c> Confirm we can read a response that completed before RST_STREAM (#6293 <https://github-redirect.dependabot.com/square/okhttp/issues/6293>) ( #6914 <https://github-redirect.dependabot.com/square/okhttp/issues/6914>) - b1a39f4 <square/okhttp@b1a39f4> Prepare next development version. - 3edf17c <square/okhttp@3edf17c> Prepare for release 4.9.2. - 262b3cd <square/okhttp@262b3cd> Handle strict module handling on JDK17 (#6707 <https://github-redirect.dependabot.com/square/okhttp/issues/6707>) ( #6742 <https://github-redirect.dependabot.com/square/okhttp/issues/6742>) - Additional commits viewable in compare view <square/okhttp@parent-3.14.9...parent-4.10.0> [image: Dependabot compatibility score] <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase. ------------------------------ Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - @dependabot rebase will rebase this PR - @dependabot recreate will recreate this PR, overwriting any edits that have been made to it - @dependabot merge will merge this PR after your CI passes on it - @dependabot squash and merge will squash and merge this PR after your CI passes on it - @dependabot cancel merge will cancel a previously requested merge and block automerging - @dependabot reopen will reopen this PR if it is closed - @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) ------------------------------ You can view, comment on, or merge this pull request online at: #3 Commit Summary - 102e6d2 <102e6d2> Bump okhttp from 3.14.9 to 4.10.0 File Changes (1 file <https://github.com/mwiede/docker-java-transport-jsch/pull/3/files>) - *M* pom.xml <https://github.com/mwiede/docker-java-transport-jsch/pull/3/files#diff-9c5fb3d1b7e3b0f54bc5c4182965c4fe1f9023d449017cece3005d3f90e8e4d8> (2) Patch Links: - https://github.com/mwiede/docker-java-transport-jsch/pull/3.patch - https://github.com/mwiede/docker-java-transport-jsch/pull/3.diff — Reply to this email directly, view it on GitHub <#3>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAL6NOHZQHMTH6BEZDC3CCLVTR7WNANCNFSM53IXGSOA> . You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>