https://kotlinlang.org logo
#http4k
Title
# http4k
a

Arnab Datta

05/18/2020, 8:49 AM
I noticed that the latest http4k uses okhttp
4.6.0
but the newest version of okhttp is
4.7.0
Is there a recommended upgrade strategy here? Should I wait for http to catch up with okhttp before upgrading both?
d

dave

05/18/2020, 10:11 AM
I don't envisage there being a problem just upgrading your okhttp locally - the APIs should match without problem. We generally pick up the latest versions of things as well every couple of weeks so I'd expect us to upgrade okhttp pretty soon anyway. Was there something in 4.7.0 that you particularly wanted it for?
a

Arnab Datta

05/18/2020, 10:13 AM
Nothing in general, but ever since we set up renovate bot for our codebase, we get upgrade suggestions every weekend 🙂 The reason for asking was primarily in order to create a consistent strategy for upgrading
d

dave

05/18/2020, 3:52 PM
it's good to keep on top of it for sure - luckily http4k doesn't really have too many dependencies really - your renovate bot would be going mad 🙂 . I know that there a a few APIs (the AWS one for example) that still were relying on old versions of Jackson with CVEs in them... 🙄