Update dependency com.squareup.okhttp3:logging-interceptor to v5.0.0-alpha.14 #147
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
5.0.0-alpha.2
->5.0.0-alpha.14
Release Notes
square/okhttp (com.squareup.okhttp3:logging-interceptor)
v5.0.0-alpha.14
2024-04-17
Breaking: Move coroutines extensions to okhttp3.coroutines. Previously this artifact shared the
okhttp3
package name with our core module, which is incompatible with the Java Platform ModuleSystem.
Fix in okhttp-coroutines: Publish a valid artifact. The coroutines JAR file in 5.0.0-alpha.13
was corrupt and should not be used.
v5.0.0-alpha.13
2024-04-16
Breaking: Tag unstable new APIs as
@ExperimentalOkHttpApi
. We intend to release OkHttp 5.0without stabilizing these new APIs first.
Do not use these experimental APIs in modules that may be executed using a version of OkHttp
different from the version that the module was compiled with. Do not use them in published
libraries. Do not use them if you aren't willing to track changes to them.
Breaking: Drop support for Kotlin Multiplatform.
We planned to support multiplatform in OkHttp 5.0, but after building it, we weren't happy with
the implementation trade-offs. We can't use our HTTP client engine on Kotlin/JS, and we weren't
prepared to build a TLS API for Kotlin/Native.
We'd prefer a multiplatform HTTP client API that's backed by OkHttp on Android and JVM, and
other engines on other platforms. [Ktor] does this pretty well today!
Breaking: Use
kotlin.time.Duration
in APIs likeOkHttpClient.Builder.callTimeout()
. Thisupdate also drops support for the
DurationUnit
functions introduced in earlier alpha releasesof OkHttp 5.
Breaking: Reorder the parameters in the Cache constructor that was introduced in 5.0.0-alpha.3.
New:
Request.Builder.cacheUrlOverride()
customizes the cache key used for a request. This canbe used to make canonical URLs for the cache that omit insignificant query parameters or other
irrelevant data.
This feature may be used with
POST
requests to cache their responses. In such cases therequest body is not used to determine the cache key, so you must manually add cache-relevant
data to the override URL. For example, you could add a
request-body-sha256
query parameter sorequests with the same POST data get the same cache entry.
New:
HttpLoggingInterceptor.redactQueryParams()
configures the query parameters to redactin logs. For best security, don't put sensitive information in query parameters.
New:
ConnectionPool.setPolicy()
configures a minimum connection pool size for a targetaddress. Use this to proactively open HTTP connections.
Connections opened to fulfill this policy are subject to the connection pool's
keepAliveDuration
but do not count against the pool-widemaxIdleConnections
limit.This feature increases the client's traffic and the load on the server. Talking to your server's
operators before adopting it.
New in okhttp-android:
HttpLoggingInterceptor.androidLogging()
andLoggingEventListener.androidLogging()
write HTTP calls or events to Logcat.New:
OkHttpClient.webSocketCloseTimeout
configures how long a web socket connection will waitfor a graceful shutdown before it performs an abrupt shutdown.
Fix: Honor
RequestBody.isOneShot()
inMultipartBody
Fix in
okhttp-coroutines
: Don't leak response bodies inexecuteAsync()
. We had a bug wherewe didn't call
Response.close()
if the coroutine was canceled before its response wasreturned.
Upgrade: [Okio 3.9.0][okio_3_9_0].
Upgrade: [Kotlin 1.9.23][kotlin_1_9_23].
Upgrade: [Unicode® IDNA 15.1.0][idna_15_1_0]
v5.0.0-alpha.12
2023-12-17
We took too long to cut this release and there's a lot of changes in it. We've been busy.
Although this release is labeled alpha, the only unstable thing in it is our new APIs. This
release has many critical bug fixes and is safe to run in production. We're eager to stabilize our
new APIs so we can get out of alpha.
New: Support Java 21's virtual threads (‘OpenJDK Project Loom’). We changed OkHttp's internals
to use
Lock
andCondition
instead ofsynchronized
for best resource utilization.New: Switch our Internationalized Domain Name (IDN) implementation to [UTS #46 Nontransitional
Processing][uts46]. With this fix, the
ß
code point no longer maps toss
. OkHttp now embedsits own IDN mapping table in the library.
New: Prefer the client's configured precedence order for TLS cipher suites. (OkHttp used to
prefer the JDK’s precedence order.) This change may cause your HTTP calls to negotiate a
different cipher suite than before! OkHttp's defaults cipher suites are selected for good
security and performance.
New:
ConnectionListener
publishes events for connects, disconnects, and use of pooledconnections.
Fix: Immediately update the connection's flow control window instead of waiting for the
receiving stream to process it.
This change may increase OkHttp's memory use for applications that make many concurrent HTTP
calls and that can receive data faster than they can process it. Previously, OkHttp limited
HTTP/2 to 16 MiB of unacknowledged data per connection. With this fix there is a limit of 16 MiB
of unacknowledged data per stream and no per-connection limit.
Fix: Don't close a
Deflater
while we're still using it to compress a web socket message. Wehad a severe bug where web sockets were closed on the wrong thread, which caused
NullPointerException
crashes inDeflater
.Fix: Don't crash after a web socket fails its connection upgrade. We incorrectly released
the web socket's connections back to the pool before their resources were cleaned up.
Fix: Don't infinite loop when a received web socket message has self-terminating compressed
data.
Fix: Don't fail the call when the response code is ‘HTTP 102 Processing’ or ‘HTTP 103 Early
Hints’.
Fix: Honor interceptors' changes to connect and read timeouts.
Fix: Recover gracefully when a cached response is corrupted on disk.
Fix: Don't leak file handles when a cache disk write fails.
Fix: Don't hang when the public suffix database cannot be loaded. We had a bug where a failure
reading the public suffix database would cause subsequent reads to hang when they should have
crashed.
Fix: Avoid
InetAddress.getCanonicalHostName()
in MockWebServer. This avoids problems if thehost machine's IP address has additional DNS registrations.
New: Create a JPMS-compatible artifact for
JavaNetCookieJar
. Previously, multiple OkHttpartifacts defined classes in the
okhttp3
package, but this is forbidden by the Java modulesystem. We've fixed this with a new package (
okhttp3.java.net.cookiejar
) and a new artifact,com.squareup.okhttp3:okhttp-java-net-cookiehandler
. (The original artifact now delegates tothis new one.)
implementation("com.squareup.okhttp3:okhttp-java-net-cookiehandler:5.0.0-alpha.12")
New:
Cookie.sameSite
determines whether cookies should be sent on cross-site requests. Thisis used by servers to defend against Cross-Site Request Forgery (CSRF) attacks.
New: Log the total time of the HTTP call in
HttpLoggingInterceptor
.New:
OkHttpClient.Builder
now has APIs that usekotlin.time.Duration
.New:
mockwebserver3.SocketPolicy
is now a sealed interface. This is one of severalbackwards-incompatible API changes that may impact early adopters of this alpha API.
New:
mockwebserver3.Stream
for duplex streams.New:
mockwebserver3.MockResponseBody
for streamed response bodies.New:
mockwebserver3.MockResponse
is now immutable, with aBuilder
.New:
mockwebserver3.RecordedRequest.handshakeServerNames
returns the SNI (Server NameIndication) attribute from the TLS handshake.
Upgrade: [Kotlin 1.9.21][kotlin_1_9_21].
Upgrade: [Okio 3.7.0][okio_3_7_0].
v5.0.0-alpha.11
2022-12-24
[RFC 8305][rfc_8305]. Disable with
OkHttpClient.Builder.fastFallback(false)
.Request.toString()
.ExecutorService
is shutdown with manycalls still enqueued.
v5.0.0-alpha.10
2022-06-26
com.squareup.okhttp3:okhttp:3.x.x
) to depend on theJVM artifact (
com.squareup.okhttp3:okhttp-jvm:3.x.x
) for Maven builds. This should work-aroundan issue where Maven doesn't interpret Gradle metadata.
DurationUnit
which was a typealias in 1.5.x.v5.0.0-alpha.9
2022-06-16
HttpUrl
now rejects URLs whose domains aren't valid.This includes overly-long domain names (longer than 253 characters), overly-long labels (more
than 63 characters between dots), and empty labels.
Content-Length
header in multipart bodies. Servers must delimitOkHttp's request bodies using the boundary only. (This change makes OkHttp more consistent with
browsers and other HTTP clients.)
tunnelProxy
argument inMockWebServer.useHttps()
. This change only impactsthe OkHttp 5.x API which uses the
mockwebserver3
package.toDuration()
which isn't available in kotlin-stdlib 1.4.v5.0.0-alpha.8
2022-06-08
Fix: Change how
H2_PRIOR_KNOWLEDGE
works with HTTP proxies. Previously OkHttp assumed theproxy itself was a prior knowledge HTTP/2 server. With this update, OkHttp attempts a
CONNECT
tunnel just as it would with HTTPS. For prior knowledge with proxies OkHttp's is now consistent
with these curl arguments:
Fix: Support executing OkHttp on kotlin-stdlib versions as old as 1.4. The library still builds
on up-to-date Kotlin releases (1.6.21) but no longer needs that version as a runtime dependency.
This should make it easier to use OkHttp in Gradle plugins.
Fix: Don't start the clock on response timeouts until the request body is fully transmitted.
This is only relevant for duplex request bodies, because they are written concurrently when
reading the response body.
New:
MockResponse.inTunnel()
is a newmockwebserver3
API to configure responses that areserved while creating a proxy tunnel. This obsoletes both the
tunnelProxy
argument onMockWebServer
and theUPGRADE_TO_SSL_AT_END
socket option. (Only APIs onmockwebserver3
are changed; the old
okhttp3.mockwebserver
APIs remain as they always have been.v5.0.0-alpha.7
2022-04-26
This release introduces new Kotlin-friendly APIs. When we migrated OkHttp from Java to Kotlin in
OkHttp 4.0, we kept our Java-first APIs. With 5.0 we're continuing to support Java and adding
additional improvements for Kotlin users. In this alpha we're excited to skip-the-builder for
requests and remove a common source of non-null assertions (
!!
) on the response body.The alpha releases in the 5.0.0 series have production-quality code and an unstable API. We expect
to make changes to the APIs introduced in 5.0.0-alpha.X. These releases are safe for production use
and 'alpha' strictly signals that we're still experimenting with some new APIs. If you're eager for
the fixes or features below, please upgrade.
New: Named and default parameters constructor for
Request
:New:
Response.body
is now non-null. This was generally the case in OkHttp 4.x, but the Kotlintype declaration was nullable to support rare cases like the body on
Response.cacheResponse
,Response.networkResponse
, andResponse.priorResponse
. In such cases the body is nownon-null, but attempts to read its content will fail.
New: Kotlin-specific APIs for request tags. Kotlin language users can lookup tags with a type
parameter only, like
request.tag<MyTagClass>()
.New: MockWebServer has improved support for HTTP/1xx responses. Once you've migrated to the new
mockwebserver3
package, there's a new field,MockResponse.informationalResponses
.Fix: Don't interpret trailers as headers after an HTTP/100 response. This was a bug only when
the HTTP response body itself is empty.
Fix: Don't crash when a fast fallback call has both a deferred connection and a held connection.
Fix:
OkHttpClient
no longer implementsCloneable
. It never should have; the class isimmutable. This is left over from OkHttp 2.x (!) when that class was mutable. We're using the
5.x upgrade as an opportunity to remove very obsolete APIs.
Fix: Recover gracefully when Android's
NativeCrypto
crashes with"ssl == null"
. This occurswhen OkHttp retrieves ALPN state on a closed connection.
Upgrade: [Kotlin 1.6.21][kotlin_1_6_21].
Upgrade: [Okio 3.1.0][okio_3_1_0].
v5.0.0-alpha.6
2022-03-14
the previous alpha due to an unexpected race.
v5.0.0-alpha.5
2022-02-21
introduced in the 5.0.0-alpha.4 release.
Dns
implementations to resolve strings that are already IP addresses.attempt multiple TLS handshakes for the same call concurrently.
HttpUrl.topPrivateDomain()
uses a resource file to identify private domains, but we didn'tinclude this file on GraalVM.
v5.0.0-alpha.4
2022-02-01
This release introduces fast fallback to better support mixed IPv4+IPv6 networks. Fast fallback
is what we're calling our implementation of Happy Eyeballs, [RFC 8305][rfc_8305]. With this
feature OkHttp will attempt both IPv6 and IPv4 connections concurrently, keeping whichever connects
first. Fast fallback gives IPv6 connections a 250 ms head start so IPv6 is preferred on networks
where it's available.
To opt-in, configure your
OkHttpClient.Builder
:native and JavaScript platforms are unstable preview releases and subject to
backwards-incompatible changes in forthcoming releases.
EventSource.cancel()
made fromEventSourceListener.onOpen()
.This impacts Conscrypt when the server's presented certificates form both a trusted-but-unpinned
chain and an untrusted-but-pinned chain.
v5.0.0-alpha.3
2021-11-22
Headers.toString()
to redact authorization and cookie headers.RecordedRequest.requestUrl
. This was doing a DNSlookup for the local hostname, but we really just wanted the
Host
header.InaccessibleObjectException
when detecting the platform trust manageron Java 17+.
EventSources.processResponse()
.Cache
now has a public constructor that takes an [okio.FileSystem]. This should make itpossible to implement decorators for cache encryption or compression.
Cookie.newBuilder()
to build upon an existing cookie.QueueDispatcher.clear()
may be used to reset a MockWebServer instance.FileDescriptor.toRequestBody()
may be particularly useful for users of Android's StorageAccess Framework.
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.