google-maps-services-java icon indicating copy to clipboard operation
google-maps-services-java copied to clipboard
verified publisher icon googlemaps

chore(deps): bump okhttp from 5.0.0-alpha.7 to 5.0.0-alpha.10

Open dependabot[bot] opened this issue 3 years ago • 0 comments

Bumps okhttp from 5.0.0-alpha.7 to 5.0.0-alpha.10.

Changelog

Sourced from okhttp's changelog.

Version 5.0.0-alpha.10

2022-06-26

  • Fix: Configure the multiplatform artifact (com.squareup.okhttp3:okhttp:3.x.x) to depend on the JVM artifact (com.squareup.okhttp3:okhttp-jvm:3.x.x) for Maven builds. This should work-around an issue where Maven doesn't interpret Gradle metadata.
  • Fix: Make another attempt at supporting Kotlin 1.5.31 at runtime. We were crashing on DurationUnit which was a typealias in 1.5.x.
  • Upgrade: [Okio 3.2.0][okio_3_2_0].

Version 5.0.0-alpha.9

2022-06-16

  • New: Enforce label length limits in URLs. HttpUrl now rejects URLs whose domains aren't valid. This includes overly-long domain names (longer than 253 characters), overly-long labels (more than 63 characters between dots), and empty labels.
  • New: Don't include the Content-Length header in multipart bodies. Servers must delimit OkHttp's request bodies using the boundary only. (This change makes OkHttp more consistent with browsers and other HTTP clients.)
  • New: Drop the tunnelProxy argument in MockWebServer.useHttps(). This change only impacts the OkHttp 5.x API which uses the mockwebserver3 package.
  • Fix: Don't call toDuration() which isn't available in kotlin-stdlib 1.4.

Version 5.0.0-alpha.8

2022-06-08

  • Fix: Change how H2_PRIOR_KNOWLEDGE works with HTTP proxies. Previously OkHttp assumed the proxy itself was a prior knowledge HTTP/2 server. With this update, OkHttp attempts a CONNECT tunnel just as it would with HTTPS. For prior knowledge with proxies OkHttp's is now consistent with these curl arguments:

    curl \
  --http2-prior-knowledge \
  --proxy localhost:8888 \
  --proxytunnel \
  http://squareup.com/robots.txt

  • Fix: Support executing OkHttp on kotlin-stdlib versions as old as 1.4. The library still builds on up-to-date Kotlin releases (1.6.21) but no longer needs that version as a runtime dependency. This should make it easier to use OkHttp in Gradle plugins.

  • Fix: Don't start the clock on response timeouts until the request body is fully transmitted. This is only relevant for duplex request bodies, because they are written concurrently when

... (truncated)

Commits
  • 956664f Prepare for release 5.0.0-alpha.10.
  • 9ce6a54 Update com-squareup-okio to v3.2.0 (#7357)
  • cd707a4 Make pom.xml depend on the JVM artifact (#7354)
  • 756cdf1 Update dependency org.eclipse.jetty:jetty-client to v11.0.11 (#7352)
  • 3ff1b61 Improve runtime compatibility with kotlin 1.5.31 (#7343)
  • 85adee4 Update org-jetbrains-coroutines to v1.6.3 (#7345)
  • 573c79d Update dependency org.eclipse.jetty:jetty-client to v11.0.10 (#7348)
  • ca6425d Fix jvm-default usage. (#7341)
  • 4bec576 Fix for common RequestBody contentType bug. (#7340)
  • 94445ed Prepare next development version.
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar Jun 27 '22 22:06 dependabot[bot]