Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump org.apache.httpcomponents.core5:httpcore5 from 5.2 to 5.2.5 #11

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 29, 2024

Bumps org.apache.httpcomponents.core5:httpcore5 from 5.2 to 5.2.5.

Changelog

Sourced from org.apache.httpcomponents.core5:httpcore5's changelog.

Release 5.2.5

This is a maintenance release that corrects several minor defects discovered since release 5.2.4.

Change Log

  • Minor performance optimization of response out of sequence check. Contributed by Oleg Kalnichevski

  • Bug fix: Corrected exception type thrown in case of an unexpected connection termination. Contributed by Oleg Kalnichevski

  • Bug fix: HTTP/1.1 server-side stream handler to validate the request message before the request routing and handler resolution. Contributed by Oleg Kalnichevski

  • HPackDecoder incorrectly calculates required buffer length causing G1 Humongous Allocation and OOM (#465). Contributed by crazylulululu [email protected]

  • Performance optimization: HttpVersion#get is called in the critical execution path of the HTTP/1.1 protocol. Contributed by Oleg Kalnichevski

  • HTTPCORE-763: remove checks that assert a path does not start with "//" Contributed by Marco Bungart [email protected]

  • Fix: URIBuilder#getFirstQueryParam(String) throws NPE when query is empty (#449). Contributed by Konstantin Sorokin [email protected]

Release 5.2.4

This is a maintenance release that corrects a major defect discovered since release 5.2.3 that can lead to an H2 connection failing at runtime with the message "Frame size exceeds maximum" when executing requests with an enclosed message body and the remote endpoint having negotiated a maximum frame size larger than the protocol default (16KB).

Change Log

  • HTTPCORE-762: H2 protocol handler incorrectly determines the maximum frame size for outgoing frames in case the remote endpoint negotiated a max frame size larger than the protocol default.

... (truncated)

Commits
  • 4afa071 HttpCore 5.2.5 release
  • 7b2271a Updated release notes for HttpCore 5.2.5 release
  • 29b0173 Minor performance optimization of response out of sequence check
  • 939d4b2 Bug fix: corrected exception type thrown in case of unexpected connection ter...
  • 1255be4 Bug fix: HTTP/1.1 server side stream handler to validate the request message...
  • 0a4d381 HPackDecoder incorrectly calculates required buffer length causing G1 Humongo...
  • 0e90a70 Removed Java 8 (MacOS) from Maven build matrix
  • 3c17053 Disable Conscrypt integration tests on MacOS
  • c68ce90 Mention HttpStatus and StatusCode in JavaDoc in more places (#454)
  • 30b3a20 Performance optimization: HttpVersion#get is called in the critical execution...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [org.apache.httpcomponents.core5:httpcore5](https://github.com/apache/httpcomponents-core) from 5.2 to 5.2.5.
- [Changelog](https://github.com/apache/httpcomponents-core/blob/rel/v5.2.5/RELEASE_NOTES.txt)
- [Commits](apache/httpcomponents-core@rel/v5.2...rel/v5.2.5)

---
updated-dependencies:
- dependency-name: org.apache.httpcomponents.core5:httpcore5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jul 29, 2024
@KonoTyran KonoTyran merged commit c91f1fb into main Jul 29, 2024
1 check failed
@dependabot dependabot bot deleted the dependabot/maven/org.apache.httpcomponents.core5-httpcore5-5.2.5 branch July 29, 2024 22:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant