Too old version of Okhttp #5449
Comments
|
I think we are sticking to 3.x version because 4.x is based on kotlin. It should still be possible to use okhttp 4 with fabric8 by just excluding okhttp3 and adding okhttp4. See example here |
|
@rohanKanojia Thank you for your comment. That will fix my issue. |
|
@rohanKanojia why stick with an unsupported version with vulnerabilities? it is Kotlin based but this should not affect its usage. If there is a workaround to exclude okhttp3 and include okhttp4 in your project dependencies, then it means it is a drop in replacement. It will be a non-breaking upgrade then. Can this be reopened and fixed please? |
|
@tomdw : I think it would be better if we open a new issue to discuss this. Just to be clear, you're interested in upgrade from kubernetes mock server perspective, right? |
|
@rohanKanojia that is correct, I'll create another issue |
|
@rohanKanojia this is the new issue: #5613 |
Is your enhancement related to a problem? Please describe
The current okhttp version has vulnerabilities (CVE-2023-3635) which cause many issues for us. okhttp-3.12.12. It would be great if the latest version of okhttp is used.
Describe the solution you'd like
Upgrade to the latest version of okhttp.
Describe alternatives you've considered
No response
Additional context
No response
The text was updated successfully, but these errors were encountered: