Update dependency com.squareup.okhttp3:mockwebserver to v4.5.0 - autoclosed
Created by: renovate[bot]
This PR contains the following updates:
Package | Update | Change |
---|---|---|
com.squareup.okhttp3:mockwebserver (source) | minor |
4.4.0 -> 4.5.0
|
Release Notes
square/okhttp
v4.5.0
2020-04-06
This release fixes a severe bug where OkHttp incorrectly detected and recovered from unhealthy connections. Stale or canceled connections were incorrectly attempted when they shouldn't have been, leading to rare cases of infinite retries. Please upgrade to this release!
- Fix: don't return stale DNS entries in
DnsOverHttps
. We were caching DNS results indefinitely rather than the duration specified in the response's cache-control header. - Fix: Verify certificate IP addresses in canonical form. When a server presents a TLS certificate
containing an IP address we must match that address against the URL's IP address, even when the
two addresses are encoded differently, such as
192.168.1.1
and0::0:0:FFFF:C0A8:101
. Note that OkHttp incorrectly rejected valid certificates resulting in a failure to connect; at no point were invalid certificates accepted. - New:
OkHttpClient.Builder.minWebSocketMessageToCompress()
configures a threshold for compressing outbound web socket messages. Configure this with 0L to always compress outbound messages andLong.MAX_VALUE
to never compress outbound messages. The default is 1024L which compresses messages of size 1 KiB and larger. (Inbound messages are compressed or not based on the web socket server's configuration.) - New: Defer constructing
Inflater
andDeflater
instances until they are needed. This saves memory if web socket compression is negotiated but not used.
v4.4.1
2020-03-08
-
Fix: Don't reuse a connection on redirect if certs match but DNS does not. For better locality and performance OkHttp attempts to use the same pooled connection across redirects and follow-ups. It independently shares connections when the IP addresses and certificates match, even if the host names do not. In 4.4.0 we introduced a regression where we shared a connection when certificates matched but the DNS addresses did not. This would only occur when following a redirect from one hostname to another, and where both hosts had common certificates.
-
Fix: Don't fail on a redirect when a client has configured a 'trust everything' trust manager. Typically this would cause certain redirects to fail in debug and development configurations.
Renovate configuration
-
If you want to rebase/retry this PR, check this box
This PR has been generated by WhiteSource Renovate. View repository job log here.