Skip to content

Bump org.apache.httpcomponents.core5:httpcore5 from 5.4.2 to 5.4.3#3257

Merged
reta merged 1 commit into
mainfrom
dependabot/maven/org.apache.httpcomponents.core5-httpcore5-5.4.3
Jun 29, 2026
Merged

Bump org.apache.httpcomponents.core5:httpcore5 from 5.4.2 to 5.4.3#3257
reta merged 1 commit into
mainfrom
dependabot/maven/org.apache.httpcomponents.core5-httpcore5-5.4.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor

Bumps org.apache.httpcomponents.core5:httpcore5 from 5.4.2 to 5.4.3.

Changelog

Sourced from org.apache.httpcomponents.core5:httpcore5's changelog.

Release 5.4.3

This maintenance release fixes several defects and regression reported sicne the previous release includin a regression in backpressure handling of async TLS sessions introduced in version 5.3.3.

Change Log

  • HTTPCORE-796: abort redirected requests during the expect-continue handshake the same way as errors. Contributed by Oleg Kalnichevski

  • Fixed regression in backpressure handling of async TLS sessions. Reverts HTTPCORE-775. Contributed by Ryan Schmitt

  • Use max line length of 8192 and max header count of 100 for incoming HTTP/1 messages by default. Contributed by Oleg Kalnichevski

  • Enforce configured HPACK header list size limit upon initialization of HTTP/2 connections. Contributed by Arturo Bernal

  • HTTPCORE-774: fixed a race condition caused by concurrent update of the connection input window to the max value (ported from 5.3.x; omitted by mistake). Contributed by Oleg Kalnichevski

  • Ensure async data consumers can avoid NPE if they have been canceled or released from another thread at the same with concurrent data processing. Contributed by Oleg Kalnichevski

  • Fixed connection pool lease timeout race potentially causing pool entry leak (#649). Contributed by Arturo Bernal

Commits
  • d5d0c20 HttpCore 5.4.3 release
  • 172871d Updated release notes for HttpCore 5.4.3 release
  • 496c2f5 HTTPCORE-796: abort redirected requests during the expect-continue handshake ...
  • 1391b7a SSLIOSession: Fix regression in backpressure handling
  • d96a00f Use max line length of 8192 and max header count of 100 for incoming HTTP/1 m...
  • 1ea1239 Enforce configured HPACK header list size limit on initialization
  • af61c1e HTTPCORE-774: fixed a race condition caused by concurrent update of the conne...
  • 0363ff3 Ensure async data consumers can avoid NPE if they have been canceled / releas...
  • 024b199 Fix lease timeout race to prevent pool entry leak (#649)
  • 25c7352 Upgraded HttpCore version to 5.4.3-SNAPSHOT
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jun 29, 2026
@reta

reta commented Jun 29, 2026

Copy link
Copy Markdown
Member

@dependabot rebase please

Bumps [org.apache.httpcomponents.core5:httpcore5](https://github.com/apache/httpcomponents-core) from 5.4.2 to 5.4.3.
- [Changelog](https://github.com/apache/httpcomponents-core/blob/rel/v5.4.3/RELEASE_NOTES.txt)
- [Commits](apache/httpcomponents-core@rel/v5.4.2...rel/v5.4.3)

---
updated-dependencies:
- dependency-name: org.apache.httpcomponents.core5:httpcore5
  dependency-version: 5.4.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/maven/org.apache.httpcomponents.core5-httpcore5-5.4.3 branch from cddd6bc to 2eff00e Compare June 29, 2026 14:04
@reta reta merged commit 68703ab into main Jun 29, 2026
5 of 8 checks passed
@dependabot dependabot Bot deleted the dependabot/maven/org.apache.httpcomponents.core5-httpcore5-5.4.3 branch June 29, 2026 18:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant