Skip to content

Bump okhttp from 3.2.0 to 4.2.0 #73

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot-preview wants to merge 1 commit into from
Closed

Bump okhttp from 3.2.0 to 4.2.0 #73

dependabot-preview wants to merge 1 commit into from

Conversation

@dependabot-preview
Copy link

@dependabot-preview dependabot-preview bot commented Sep 11, 2019

Bumps okhttp from 3.2.0 to 4.2.0.

Changelog

Sourced from okhttp's changelog.

Version 4.2.0

2019-09-10

  • New: API to decode a certificate and private key to create a HeldCertificate. This accepts a
    string containing both a certificate and PKCS Not functioning properly on Android 6 #8-encoded private key.

    val heldCertificate = HeldCertificate.decode("""
    |-----BEGIN CERTIFICATE-----
    |MIIBYTCCAQegAwIBAgIBKjAKBggqhkjOPQQDAjApMRQwEgYDVQQLEwtlbmdpbmVl
    |cmluZzERMA8GA1UEAxMIY2FzaC5hcHAwHhcNNzAwMTAxMDAwMDA1WhcNNzAwMTAx
    |MDAwMDEwWjApMRQwEgYDVQQLEwtlbmdpbmVlcmluZzERMA8GA1UEAxMIY2FzaC5h
    |cHAwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASda8ChkQXxGELnrV/oBnIAx3dD
    |ocUOJfdz4pOJTP6dVQB9U3UBiW5uSX/MoOD0LL5zG3bVyL3Y6pDwKuYvfLNhoyAw
    |HjAcBgNVHREBAf8EEjAQhwQBAQEBgghjYXNoLmFwcDAKBggqhkjOPQQDAgNIADBF
    |AiAyHHg1N6YDDQiY920+cnI5XSZwEGhAtb9PYWO8bLmkcQIhAI2CfEZf3V/obmdT
    |yyaoEufLKVXhrTQhRfodTeigi4RX
    |-----END CERTIFICATE-----
    |-----BEGIN PRIVATE KEY-----
    |MEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCA7ODT0xhGSNn4ESj6J
    |lu/GJQZoU9lDrCPeUcQ28tzOWw==
    |-----END PRIVATE KEY-----
    """.trimMargin())
val handshakeCertificates = HandshakeCertificates.Builder()
    .heldCertificate(heldCertificate)
    .build()
val server = MockWebServer()
server.useHttps(handshakeCertificates.sslSocketFactory(), false)

    Get these strings with HeldCertificate.certificatePem() and privateKeyPkcs8Pem().

  • Fix: Handshake now returns peer certificates in canonical order: each certificate is signed by
    the certificate that follows and the last certificate is signed by a trusted root.

  • Fix: Don't lose HTTP/2 flow control bytes when incoming data races with a stream close. If this
    happened enough then eventually the connection would stall.

  • Fix: Acknowledge and apply inbound HTTP/2 settings atomically. Previously we had a race where we
    could use new flow control capacity before acknowledging it, causing strict HTTP/2 servers to
    fail the call.

Version 4.1.1

2019-09-05

  • Fix: Don't drop repeated headers when validating cached responses. In our Kotlin upgrade we
    introduced a regression where we iterated the number of unique header names rather than then
... (truncated)
Commits
  • 582f8ef Prepare for release 4.2.0.
  • 9b60ca8 Merge pull request #5434 from square/jwilson.0909.race
  • 510475a Don't leak incoming bytes when we race incoming data and close
  • 2cdbbda Hows My Ssl test for Android (#5428)
  • 3464ef3 Merge pull request #5431 from square/jwilson.0907.ack_apply_atomically
  • bd6a97a Acknowledge and apply inbound settings atomically
  • 3490c7e Merge pull request #5427 from square/jwilson.0905.decode_pems
  • ba2c676 Handshake returns cleaned peer certificates (#5311)
  • 93c5bcc Make it easier to decode PEM files
  • 6f17886 Merge pull request #5423 from square/jwilson.0905.windows
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

@dependabot-preview
Bump okhttp from 3.2.0 to 4.2.0
08c6996 
Bumps [okhttp](https://github.com/square/okhttp) from 3.2.0 to 4.2.0.
- [Release notes](https://github.com/square/okhttp/releases)
- [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md)
- [Commits](square/okhttp@parent-3.2.0...parent-4.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview dependabot-preview bot added the dependencies Pull requests that update a dependency file label Sep 11, 2019
@dependabot-preview dependabot-preview bot mentioned this pull request Sep 11, 2019
Closed
@dependabot-preview
Copy link
Author

dependabot-preview bot commented Oct 3, 2019

Superseded by #74.

@dependabot-preview dependabot-preview bot deleted the dependabot/gradle/com.squareup.okhttp3-okhttp-4.2.0 branch October 3, 2019 05:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant