lookfirst/sardine

Request to Upgrade HttpClient Dependency in Sardine

nlavid opened this issue · 3 comments

Hi,

First of all, thank you for your work!

I am using your Sardine library and have noticed that it currently has a dependency on HttpClient version 4.5.1, which is known to have vulnerabilities (https://mvnrepository.com/artifact/org.apache.httpcomponents/httpclient/4.5.1).

I would appreciate it if you could consider upgrading the HttpClient dependency in Sardine to version 4.5.13 or 4.5.14, which includes important security fixes.

Thank you very much

Hi there!
Is there anything blocking this PR that @dkocher linked to (#334), or are there any issues with the code changes? Do you have any plans to merge this PR in the future? Thank you!

Hi @dkocher,
I just wanted to say thank you for merging your PR into the master branch. I noticed that the last version of the library (5.10) was published to the Maven repository back in June 2020. I'm curious to know when the new version (5.11) that includes the master code with your merged code will be published. Do you have any estimated timeline or plans for the release, or is there another stable way to use the master code in the meantime? Thanks again for your help!

A new release has now been pushed and is available in Maven Central.