Commit Graph

3397 Commits

Author SHA1 Message Date
Oleg Kalnichevski 86e081dd3b Upgraded HttpComponents Parent to version 13 2022-11-05 11:20:31 +01:00
Oleg Kalnichevski 7626230ffd Fixed integration tests broken by JUnit 5 upgrade 2022-11-05 11:16:05 +01:00
Oleg Kalnichevski ba45d80b07 HTTPCLIENT-2240: fixed incorrect CONNECT method initialization in ProxyClient 2022-10-23 20:01:46 +02:00
Oleg Kalnichevski 646ff6988e Corrected ClientExecuteProxy example 2022-10-23 20:01:46 +02:00
Oleg Kalnichevski 7ab435c271 HTTPCLIENT-2236: MultihomeIOSessionRequester fails to enhance the cause exception in case of connect failure if the remoteAddress argument has been given 2022-10-03 15:25:19 +02:00
Oleg Kalnichevski 07bed85ee5 Temporarily removed windows-latest from the Github CI OS matrix due to intermittent network failures (java.io.IOException: An established connection was aborted by the software in your host machine). It is unclear whether this is a bug in the library or in the Windows JRE. 2022-10-02 16:46:07 +02:00
dependabot[bot] fd86093db6 Bump download-maven-plugin from 1.6.0 to 1.6.8
Bumps [download-maven-plugin](https://github.com/maven-download-plugin/maven-download-plugin) from 1.6.0 to 1.6.8.
- [Release notes](https://github.com/maven-download-plugin/maven-download-plugin/releases)
- [Commits](https://github.com/maven-download-plugin/maven-download-plugin/compare/1.6.0...1.6.8)

---
updated-dependencies:
- dependency-name: com.googlecode.maven-download-plugin:download-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-02 16:46:07 +02:00
Gary Gregory c6f83a579d Be more lenient on slower build machines 2022-10-02 16:46:07 +02:00
Gary Gregory 47750c4fbc Bump mockito-core from 4.0.0 to 4.8.0 #383 2022-10-02 16:46:07 +02:00
dependabot[bot] 87f8fb92a6 Bump mockito-core from 4.0.0 to 4.8.0
Bumps [mockito-core](https://github.com/mockito/mockito) from 4.0.0 to 4.8.0.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v4.0.0...v4.8.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-02 16:46:07 +02:00
Gary Gregory ccda0f2af7 Register the standard GitHub page for a Code of Conduct with a link to
the Apache Code of Conduct
2022-10-02 16:46:07 +02:00
Gary Gregory bfa6a5ea72 Use Objects.toString() instead of String type cast 2022-10-02 16:46:07 +02:00
dependabot[bot] 9d297d737f Bump jna.version from 5.9.0 to 5.12.1
Bumps `jna.version` from 5.9.0 to 5.12.1.

Updates `jna` from 5.9.0 to 5.12.1
- [Release notes](https://github.com/java-native-access/jna/releases)
- [Changelog](https://github.com/java-native-access/jna/blob/master/CHANGES.md)
- [Commits](https://github.com/java-native-access/jna/compare/5.9.0...5.12.1)

Updates `jna-platform` from 5.9.0 to 5.12.1
- [Release notes](https://github.com/java-native-access/jna/releases)
- [Changelog](https://github.com/java-native-access/jna/blob/master/CHANGES.md)
- [Commits](https://github.com/java-native-access/jna/compare/5.9.0...5.12.1)

---
updated-dependencies:
- dependency-name: net.java.dev.jna:jna
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: net.java.dev.jna:jna-platform
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-02 16:46:07 +02:00
dependabot[bot] 43de1a6d22 Bump ehcache-api from 3.9.6 to 3.10.1
Bumps [ehcache-api](https://github.com/ehcache/ehcache3) from 3.9.6 to 3.10.1.
- [Release notes](https://github.com/ehcache/ehcache3/releases)
- [Commits](https://github.com/ehcache/ehcache3/compare/v3.9.6...v3.10.1)

---
updated-dependencies:
- dependency-name: org.ehcache.modules:ehcache-api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-02 16:46:07 +02:00
dependabot[bot] 7f0263de8c Bump log4j.version from 2.17.2 to 2.19.0
Bumps `log4j.version` from 2.17.2 to 2.19.0.

Updates `log4j-slf4j-impl` from 2.17.2 to 2.19.0

Updates `log4j-core` from 2.17.2 to 2.19.0

---
updated-dependencies:
- dependency-name: org.apache.logging.log4j:log4j-slf4j-impl
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.apache.logging.log4j:log4j-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-02 16:46:07 +02:00
dependabot[bot] 0bf362769a Bump junit-bom from 5.8.1 to 5.9.1
Bumps [junit-bom](https://github.com/junit-team/junit5) from 5.8.1 to 5.9.1.
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.8.1...r5.9.1)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-10-02 16:46:07 +02:00
Gary Gregory 46cf8917e3 Update Dependabot triggers for Maven 2022-10-02 16:46:07 +02:00
Gary Gregory 3295f28f47 Add GitHub Actions build and remove Travis-CI 2022-10-02 16:45:49 +02:00
Oleg Kalnichevski 9c0575494a HTTPCLIENT-2232: last protocol interceptrs moved at the end of the H2 protocol processing pipeline 2022-09-11 18:50:45 +02:00
Oleg Kalnichevski ed7701c509 H2 async runtime to proactively set HTTP/2 protocol version in the execution context 2022-09-11 18:47:31 +02:00
Oleg Kalnichevski 3fe6a8bcdf HTTPCLIENT-2231: a race condition in the main async exec when the request execution on an I/O thread is faster then execution pipeline management on the client thread 2022-08-19 14:04:25 +02:00
Arturo Bernal 18fa09f6a2 Avoid duplicate redundant objects and use Singleton instead. 2022-07-08 19:11:10 +02:00
Gary Gregory dca9108352 Use try-with-resources 2022-07-06 10:56:04 -04:00
Gary Gregory 1cd12fc1dc Cleaning up:
- Super interface already implements FutureCallback
- No need to override methods to only call super
- Add missing Javadoc tag
- Access static field directly
2022-07-06 10:13:23 -04:00
Tero Saarni fefbf0b756 Bumping versions of slf4j and log4j.
Removes CVE-2021-44832.
2022-07-01 10:54:17 +02:00
jkmcl 69e2ed6c41 Remove unused local variable 2022-07-01 10:50:03 +02:00
jkmcl 8d9b52abd1 Remove redundant if 2022-07-01 10:50:03 +02:00
dependabot[bot] 9b63f12b8a Bump actions/dependency-review-action from 1 to 2
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 1 to 2.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](https://github.com/actions/dependency-review-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-07-01 10:49:03 +02:00
Oleg Kalnichevski 3771129376 HTTPCLIENT-2225: connection route calculation does not take the default RequestConfig into account 2022-06-29 09:46:19 +02:00
jkmcl 518eb410fe Avoid unnecessary use of Instant.toEpochMilli
Avoid unnecessary use of Instant.toEpochMilli by using Instant.compareTo
to compare Instants direclty
2022-06-26 23:34:51 +02:00
jkmcl 15951d8094 Use HTTP header name constants
Use HTTP header name constants instead of string literals.
2022-06-20 19:25:00 +02:00
dependabot[bot] bfe177fc59 Bump github/codeql-action from 1 to 2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-18 12:39:04 +02:00
dependabot[bot] 1cbc66f302 Bump actions/checkout from 2 to 3
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-18 12:38:45 +02:00
Carter Kozak 944e308a52 ResponseEntityProxy.writeTo(null) leaves connections in the correct state
Previously writeTo would conditionally delegate to the wrapped
entity if the provided outputstream was non-null, however in the
null case the entity would not be drained and the connection would
be released potentially with bytes remaining. If this occurs in
practice, it may result in timeouts as the server expects to write
data to the response while the client is attempting to send a
request.
2022-06-13 19:29:19 +02:00
Carter Kozak 3bd017cb0a HTTPCLIENT-2221 Closing a classic response/entity allows connection reuse
Previously, a partially consumed response body closed via
CloseableHttpResponse.close or HttpEntity.close would fully consume
remaining bytes (via close), however it would not release the
connection for reuse.
If CloseableHttpResponse.close was called, it would follow the close
with a discard/disconnect, however if only the entity was closed,
the connection would remain in a checked-out (leaked) state.

Now, we take advantage of the fact that closing a response stream
on any reusable connection is required to drain bytes on closure.
Failures are detected by writeTo and the stream returned by
getContent, so we can be confident that we will not return a
broken connection to the pool.
2022-06-11 14:11:06 +02:00
Oleg Kalnichevski 8dbaf131f5 Upgraded HttpClient version to 5.2-beta2-SNAPSHOT 2022-06-07 14:42:03 +02:00
Oleg Kalnichevski 91a93accd7 Corrected javadoc errors in Base64 2022-06-03 23:48:13 +02:00
Oleg Kalnichevski 80c0404ff9 Updated release notes for HttpClient 5.2-beta1 release 2022-06-03 11:21:29 +02:00
Oleg Kalnichevski 9e0ff508e8 Upgraded HttpCore to version 5.2-beta2 2022-06-01 23:04:39 +02:00
j3graham 26dcc6f914 HTTPCLIENT-2218: Use Java 8 Base64 utility (#370) 2022-06-01 23:04:29 +02:00
Naveen 8eb7716cb8 chore: Included githubactions in the dependabot config
This should help with keeping the GitHub actions updated on new releases. This will also help with keeping it secure.

Dependabot helps in keeping the supply chain secure https://docs.github.com/en/code-security/dependabot

GitHub actions up to date https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot

https://github.com/ossf/scorecard/blob/main/docs/checks.md#dependency-update-tool
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-05-20 08:39:59 +02:00
殷成涛 db47570efe
add br decompression support (#363) 2022-05-18 15:18:25 +02:00
naveensrinivasan 35732cacb2 chore(deps): Included dependency review
> Dependency Review GitHub Action in your repository to enforce dependency
> reviews on your pull requests.
> The action scans for vulnerable versions of dependencies introduced by package version
> changes in pull requests,
> and warns you about the associated security vulnerabilities.
> This gives you better visibility of what's changing in a pull request,
> and helps prevent vulnerabilities being added to your repository.

https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-05-17 05:34:27 +02:00
nathannaveen 47d0946372 chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com>
2022-05-13 14:50:02 +02:00
niranjan ghule 34327ae83e Refactor testcase 2022-05-11 11:56:59 +02:00
niranjan ghule daac18619a Remove unused code 2022-05-05 10:52:49 +02:00
Oleg Kalnichevski 62fb4bcbe0 HTTPCLIENT-2212: MinimalHttpAsyncClient fails to release client endpoints in case of a connect error (such as TLS handshake failure) 2022-05-05 10:47:27 +02:00
Prashant Singh 558066c76b Updated copyright statement in NOTICE.txt 2022-05-04 09:04:15 +02:00
Richard Hernandez 36678c44dc Create daemon threads in InternalAbstractHttpAsyncClient 2022-04-06 12:22:36 -07:00
Anthony Baldocchi 94017237b2
HTTPCLIENT-2080: add getRetryInterval to HttpRequestRetryStrategy for use on retriable IOExceptions (#356) 2022-03-30 16:31:07 +02:00