Sourced from com.squareup.okhttp3:okhttp's changelog.

Version 5.0.0-alpha.14

2024-04-17

• Breaking: Move coroutines extensions to okhttp3.coroutines. Previously this artifact shared the okhttp3 package name with our core module, which is incompatible with the Java Platform Module System.

• Fix in okhttp-coroutines: Publish a valid artifact. The coroutines JAR file in 5.0.0-alpha.13 was corrupt and should not be used.

Version 5.0.0-alpha.13

2024-04-16

• Breaking: Tag unstable new APIs as @ExperimentalOkHttpApi. We intend to release OkHttp 5.0 without stabilizing these new APIs first.

  Do not use these experimental APIs in modules that may be executed using a version of OkHttp different from the version that the module was compiled with. Do not use them in published libraries. Do not use them if you aren't willing to track changes to them.

• Breaking: Drop support for Kotlin Multiplatform.

  We planned to support multiplatform in OkHttp 5.0, but after building it, we weren't happy with the implementation trade-offs. We can't use our HTTP client engine on Kotlin/JS, and we weren't prepared to build a TLS API for Kotlin/Native.

  We'd prefer a multiplatform HTTP client API that's backed by OkHttp on Android and JVM, and other engines on other platforms. [Ktor] does this pretty well today!

• Breaking: Use kotlin.time.Duration in APIs like OkHttpClient.Builder.callTimeout(). This update also drops support for the DurationUnit functions introduced in earlier alpha releases of OkHttp 5.

• Breaking: Reorder the parameters in the Cache constructor that was introduced in 5.0.0-alpha.3.

• New: Request.Builder.cacheUrlOverride() customizes the cache key used for a request. This can be used to make canonical URLs for the cache that omit insignificant query parameters or other irrelevant data.

  This feature may be used with POST requests to cache their responses. In such cases the request body is not used to determine the cache key, so you must manually add cache-relevant data to the override URL. For example, you could add a request-body-sha256 query parameter so requests with the same POST data get the same cache entry.

• New: HttpLoggingInterceptor.redactQueryParams() configures the query parameters to redact in logs. For best security, don't put sensitive information in query parameters.

... (truncated)

• 35f4903 Prepare for release 5.0.0-alpha.14.
• d661381 Move coroutines extensions to okhttp3.coroutines (#8372)
• 5e1a3e9 Don't require a signing key to publish docs (#8368)
• 668fce2 Prepare next development version.
• e274b91 Prepare for release 5.0.0-alpha.13.
• 689d388 Revert "Move RealCall and RealConnection to loom safe locks (#8290)" (#8367)
• 6bc0862 Improve some code comments (#8361)
• 06a0529 Fix public APIs for kotlin.time.Duration (#8355)
• 360006a Don't declare our own HTTP status codes (#8362)
• a673f45 Move RealCall and RealConnection to loom safe locks (#8290)
• Additional commits viewable in compare view

Sourced from com.squareup.okhttp3:logging-interceptor's changelog.

Version 5.0.0-alpha.14

2024-04-17

• Breaking: Move coroutines extensions to okhttp3.coroutines. Previously this artifact shared the okhttp3 package name with our core module, which is incompatible with the Java Platform Module System.

• Fix in okhttp-coroutines: Publish a valid artifact. The coroutines JAR file in 5.0.0-alpha.13 was corrupt and should not be used.

Version 5.0.0-alpha.13

2024-04-16

• Breaking: Tag unstable new APIs as @ExperimentalOkHttpApi. We intend to release OkHttp 5.0 without stabilizing these new APIs first.

  Do not use these experimental APIs in modules that may be executed using a version of OkHttp different from the version that the module was compiled with. Do not use them in published libraries. Do not use them if you aren't willing to track changes to them.

• Breaking: Drop support for Kotlin Multiplatform.

  We planned to support multiplatform in OkHttp 5.0, but after building it, we weren't happy with the implementation trade-offs. We can't use our HTTP client engine on Kotlin/JS, and we weren't prepared to build a TLS API for Kotlin/Native.

  We'd prefer a multiplatform HTTP client API that's backed by OkHttp on Android and JVM, and other engines on other platforms. [Ktor] does this pretty well today!

• Breaking: Use kotlin.time.Duration in APIs like OkHttpClient.Builder.callTimeout(). This update also drops support for the DurationUnit functions introduced in earlier alpha releases of OkHttp 5.

• Breaking: Reorder the parameters in the Cache constructor that was introduced in 5.0.0-alpha.3.

• New: Request.Builder.cacheUrlOverride() customizes the cache key used for a request. This can be used to make canonical URLs for the cache that omit insignificant query parameters or other irrelevant data.

  This feature may be used with POST requests to cache their responses. In such cases the request body is not used to determine the cache key, so you must manually add cache-relevant data to the override URL. For example, you could add a request-body-sha256 query parameter so requests with the same POST data get the same cache entry.

• New: HttpLoggingInterceptor.redactQueryParams() configures the query parameters to redact in logs. For best security, don't put sensitive information in query parameters.

... (truncated)

• 35f4903 Prepare for release 5.0.0-alpha.14.
• d661381 Move coroutines extensions to okhttp3.coroutines (#8372)
• 5e1a3e9 Don't require a signing key to publish docs (#8368)
• 668fce2 Prepare next development version.
• e274b91 Prepare for release 5.0.0-alpha.13.
• 689d388 Revert "Move RealCall and RealConnection to loom safe locks (#8290)" (#8367)
• 6bc0862 Improve some code comments (#8361)
• 06a0529 Fix public APIs for kotlin.time.Duration (#8355)
• 360006a Don't declare our own HTTP status codes (#8362)
• a673f45 Move RealCall and RealConnection to loom safe locks (#8290)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)