Skip to content

Build(deps): bump com.squareup.okhttp3:okhttp-bom from 4.12.0 to 5.3.0#749

Closed
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/maven/master/com.squareup.okhttp3-okhttp-bom-5.3.0
Closed

Build(deps): bump com.squareup.okhttp3:okhttp-bom from 4.12.0 to 5.3.0#749
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/maven/master/com.squareup.okhttp3-okhttp-bom-5.3.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Oct 31, 2025
edited
Loading

Bumps com.squareup.okhttp3:okhttp-bom from 4.12.0 to 5.3.0.

Changelog

Sourced from com.squareup.okhttp3:okhttp-bom's changelog.

Version 5.3.0

2025-10-30

  • New: Add tags to Call, including computable tags. Use this to attach application-specific metadata to a Call in an EventListener or Interceptor. The tag can be read in any other EventListener or Interceptor.

      override fun intercept(chain: Interceptor.Chain): Response {
    chain.call().tag(MyAnalyticsTag::class) {
      MyAnalyticsTag(...)
    }
return chain.proceed(chain.request())

}

  • New: Support request bodies on HTTP/1.1 connection upgrades.

  • New: EventListener.plus() makes it easier to observe events in multiple listeners.

  • Fix: Don't spam logs with ‘Method isLoggable in android.util.Log not mocked.’ when using OkHttp in Robolectric and Paparazzi tests.

  • Upgrade: [Kotlin 2.2.21][kotlin_2_2_21].

  • Upgrade: [Okio 3.16.2][okio_3_16_2].

  • Upgrade: [ZSTD-KMP 0.4.0][zstd_kmp_0_4_0]. This update fixes a bug that caused APKs to fail [16 KB ELF alignment checks][elf_alignment].

Version 5.2.1

2025-10-09

  • Fix: Don't crash when calling Socket.shutdownOutput() or shutdownInput() on an SSLSocket on Android API 21 through 23. This method throws an UnsupportedOperationException, so we now catch that and close the underlying stream instead.

  • Upgrade: [Okio 3.16.1][okio_3_16_1].

Version 5.2.0

2025-10-07

  • New: Support [HTTP 101] responses with Response.socket. This mechanism is only supported on HTTP/1.1. We also reimplemented our websocket client to use this new mechanism.

  • New: The okhttp-zstd module negotiates [Zstandard (zstd)][zstd] compression with servers that support it. It integrates a new (unstable) [ZSTD-KMP] library, also from Square. Enable it like this:

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added the dependencies Improvements or additions to dependencies label Oct 31, 2025
@dependabot dependabot bot mentioned this pull request Oct 31, 2025
Closed
@seart-bot seart-bot enabled auto-merge October 31, 2025 00:12
@seart-bot
Copy link
Copy Markdown
Member

seart-bot commented Oct 31, 2025

I'm not approving this PR because it includes a major update of a dependency

@seart-bot seart-bot requested a review from dabico October 31, 2025 00:12
@dependabot
Build(deps): bump com.squareup.okhttp3:okhttp-bom from 4.12.0 to 5.3.0
76815b4 
Bumps [com.squareup.okhttp3:okhttp-bom](https://github.com/square/okhttp) from 4.12.0 to 5.3.0.
- [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md)
- [Commits](square/okhttp@parent-4.12.0...parent-5.3.0)

---
updated-dependencies:
- dependency-name: com.squareup.okhttp3:okhttp-bom
  dependency-version: 5.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/maven/master/com.squareup.okhttp3-okhttp-bom-5.3.0 branch from ee01292 to 76815b4 Compare November 10, 2025 00:21
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Nov 17, 2025

Superseded by #760.

@dependabot dependabot bot closed this Nov 17, 2025
auto-merge was automatically disabled November 17, 2025 00:11

Pull request was closed

@dependabot dependabot bot deleted the dependabot/maven/master/com.squareup.okhttp3-okhttp-bom-5.3.0 branch November 17, 2025 00:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dabico dabico Awaiting requested review from dabico

Assignees

No one assigned

Labels

dependencies Improvements or additions to dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@seart-bot