not-going-to-be-commons-ssl icon indicating copy to clipboard operation
not-going-to-be-commons-ssl copied to clipboard

Published 20 hours ago verified publisher icon narupley

How to use httpclient 4.x

Open Nikhilkarande33 opened this issue 3 years ago • 1 comments
trafficstars

Hi Team ,

i am working on project where we are using spring-security-saml2-core 1.0.10.RELEASE library and this library having not-going-to-be-commons-ssl 0.3.20 as compile dependency.

Now not-going-to-be-commons-ssl 0.3.20 is using commons-httpclient 3.1 which is vulnerable library so i want to upgrade to httpclient 4.x

https://mvnrepository.com/artifact/commons-httpclient/commons-httpclient

Refer to above url, it mentioned that commons-httpclient artifacts was moved to httpclient 4.x

how i can make use of httpclient in spring-security-saml2-core along with not-going-to-be-commons-ssl, could anyone suggest me.

Nikhilkarande33 avatar Mar 25 '22 10:03 Nikhilkarande33

To do this, one would need to edit the pom.xml to reflect the change of: <groupId>commons-httpclient</groupId> <artifactId>commons-httpclient</artifactId> 3.1

To: <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> 4.5.13

I have made the applicable change in https://github.com/narupley/not-going-to-be-commons-ssl/pull/13, which we can test and get approved

UcanInfosec avatar Jun 15 '22 13:06 UcanInfosec