-
Notifications
You must be signed in to change notification settings - Fork 448
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Migrate Apache HttpClient Library to v5.x+ #1800
Comments
Better yet, replace it entirely with Java 11's HttpClient and eliminate another dependency. |
…a 8 (#1800) * Our Java projects are configured to produce Java 8-compatible bytecode via https://github.com/googleapis/java-shared-config/blob/main/pom.xml#L848. This unit test change ensures this config is applied correctly. * This change also switches the JDK distribution of GitHub Actions to temurin from zulu. * For the repositories that mark "dependencies (8)" and "dependencies (11)" as required, they should point to only "dependencies (17)" via `.github/sync-repo-settings.yaml` and repo's Settings tab. Source-Link: googleapis/synthtool@cbe0100 Post-Processor: gcr.io/cloud-devrel-public-resources/owlbot-java:latest@sha256:32851debfefed2b66038e0141f1b5c2103bb59ba80b7475adbc10ef7abab3de7
Duplicate of #1205 |
As mentioned in the duplicate issue (I don't know which one is considered active) there is now a dependency on an Apache library that is EOL. This poses a security risk for all that use this google library. Is there any chance of this getting fixed soon? I don't have my hopes up given the low priority, but one can ask. :) |
Is your feature request related to a problem? Please describe.
Apache HttpClient v4.x+ is no longer being maintained. Outside of security vulnerabilities, new features and fixes are going into v5.x+.
Past Issue:
#1791
Describe the solution you'd like
Migrate to Apache HttpClient v5.x+.
The text was updated successfully, but these errors were encountered: