Skip to content

Bump okhttp from 2.2.0 to 2.7.5#39

Open
dependabot-preview[bot] wants to merge 1 commit into
developfrom
dependabot/gradle/com.squareup.okhttp-okhttp-2.7.5
Open

Bump okhttp from 2.2.0 to 2.7.5#39
dependabot-preview[bot] wants to merge 1 commit into
developfrom
dependabot/gradle/com.squareup.okhttp-okhttp-2.7.5

Conversation

@dependabot-preview

@dependabot-preview dependabot-preview Bot commented Jun 15, 2020

Copy link
Copy Markdown

Bumps okhttp from 2.2.0 to 2.7.5.

Changelog

Sourced from okhttp's changelog.

Version 2.7.5

2016-02-25

  • Fix: Change the certificate pinner to always build full chains. This prevents a potential crash when using certificate pinning with the Google Play Services security provider.

Version 2.7.4

2016-02-07

  • Fix: Don't crash when finding the trust manager if the Play Services (GMS) security provider is installed.
  • Fix: The previous release introduced a performance regression on Android, caused by looking up CA certificates. This is now fixed.

Version 2.7.3

2016-02-06

  • Fix: Permit the trusted CA root to be pinned by CertificatePinner.

Version 2.7.2

2016-01-07

  • Fix: Don't eagerly release stream allocations on cache hits. We might still need them to handle redirects.

Version 2.7.1

2016-01-01

  • Fix: Don't do a health check on newly-created connections. This is unnecessary work that could put the client in an inconsistent state if the health check fails.

Version 2.7.0

2015-12-13

  • Rewritten connection management. Previously OkHttp's connection pool managed both idle and active connections for HTTP/2, but only idle connections for HTTP/1.x. With this update the connection pool manages both
... (truncated)
Commits
  • 6e236ce [maven-release-plugin] prepare release parent-2.7.5
  • 6d136f1 Update the changelog for 2.7.5.
  • 63f7466 Merge pull request #2373 from square/jwilson_0225_certpinner_cherrypicks
  • 650486b Don't require the CA root to be self-signed.
  • ae70355 Always build full chains with CertificateChainCleaner.
  • a7aaf78 Update changelog for 2.7.4.
  • 9c78865 [maven-release-plugin] prepare for next development iteration
  • edaa258 [maven-release-plugin] prepare release parent-2.7.4
  • 5377f25 Merge pull request #2326 from square/jwilson_0207_backport_pinning_fixes
  • 1094d74 Support the GMS security provider when searching for the trust manager.
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

@dependabot-preview dependabot-preview Bot added the dependencies Pull requests that update a dependency file label Jun 15, 2020
Bumps [okhttp](https://github.com/square/okhttp) from 2.2.0 to 2.7.5.
- [Release notes](https://github.com/square/okhttp/releases)
- [Changelog](https://github.com/square/okhttp/blob/master/docs/changelog_2x.md)
- [Commits](lysine-dev/okhttp@parent-2.2.0...parent-2.7.5)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
@dependabot-preview
dependabot-preview Bot changed the base branch from develop to master December 7, 2020 04:13
@dependabot-preview
dependabot-preview Bot force-pushed the dependabot/gradle/com.squareup.okhttp-okhttp-2.7.5 branch from 11b754c to 01cb8d3 Compare December 7, 2020 04:13
@dependabot-preview
dependabot-preview Bot changed the base branch from master to develop December 8, 2020 04:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants