{"id":3557,"url":"https://github.com/square/okhttp","last_synced_at":"2025-09-09T20:47:27.338Z","repository":{"id":4049825,"uuid":"5152285","full_name":"square/okhttp","owner":"square","description":"Square’s meticulous HTTP client for the JVM, Android, and GraalVM.","archived":false,"fork":false,"pushed_at":"2025-08-31T17:41:21.000Z","size":59856,"stargazers_count":46631,"open_issues_count":67,"forks_count":9242,"subscribers_count":1616,"default_branch":"master","last_synced_at":"2025-09-05T04:14:59.997Z","etag":null,"topics":["android","graalvm","java","kotlin"],"latest_commit_sha":null,"homepage":"https://square.github.io/okhttp/","language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/square.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"docs/security/security.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2012-07-23T13:42:55.000Z","updated_at":"2025-09-04T17:04:47.000Z","dependencies_parsed_at":"2023-07-05T19:49:34.106Z","dependency_job_id":"e6a8dd1b-c448-4cad-a615-583e945f91f2","html_url":"https://github.com/square/okhttp","commit_stats":{"total_commits":3800,"total_committers":333,"mean_commits":"11.411411411411411","dds":0.6452631578947368,"last_synced_commit":"ce9fc58b8da2c22a3adab8055334284badbfc33e"},"previous_names":[],"tags_count":133,"template":false,"template_full_name":null,"purl":"pkg:github/square/okhttp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/square%2Fokhttp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/square%2Fokhttp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/square%2Fokhttp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/square%2Fokhttp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/square","download_url":"https://codeload.github.com/square/okhttp/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/square%2Fokhttp/sbom","scorecard":{"id":4456,"data":{"date":"2025-08-04","repo":{"name":"github.com/square/okhttp","commit":"42c8cbc9ed427d99dc17f57f138e8bf375cf0ece"},"scorecard":{"version":"v5.2.1-28-gc1d103a9","commit":"c1d103a9bb9f635ec7260bf9aa0699466fa4be0e"},"score":6.5,"checks":[{"name":"Maintained","score":10,"reason":"30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#cii-best-practices"}},{"name":"Code-Review","score":7,"reason":"Found 12/17 approved changesets -- score normalized to 7","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Warn: jobLevel 'checks' permission set to 'write': .github/workflows/build.yml:61","Warn: jobLevel 'checks' permission set to 'write': .github/workflows/build.yml:96","Warn: jobLevel 'checks' permission set to 'write': .github/workflows/containers.yml:19","Warn: jobLevel 'checks' permission set to 'write': .github/workflows/docs.yml:19","Info: topLevel 'contents' permission set to 'read': .github/workflows/build.yml:11","Info: topLevel 'contents' permission set to 'read': .github/workflows/containers.yml:11","Info: topLevel 'contents' permission set to 'read': .github/workflows/docs.yml:11"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#token-permissions"}},{"name":"Fuzzing","score":10,"reason":"project is fuzzed","details":["Info: OSSFuzz integration found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#signed-releases"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:116: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:223: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:226: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:232: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:238: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:191: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:194: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:200: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:206: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:212: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:302: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:305: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:311: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:317: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:410: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:413: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:426: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:436: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:439: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:445: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:451: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:461: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:464: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:470: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:475: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:484: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:490: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:165: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:168: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:174: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:180: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:249: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:252: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:258: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:264: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:275: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:278: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:284: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:290: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:327: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:330: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:336: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:342: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:352: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:355: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:361: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:367: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:373: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:383: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:386: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:399: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:143: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:155: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:509: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:512: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:518: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:531: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:537: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:547: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:557: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:566: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:578: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:591: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:594: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:600: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:606: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:612: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:632: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:635: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:641: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:654: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:657: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:667: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:677: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:690: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:693: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/build.yml:699: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/containers.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/containers.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/containers.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/containers.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/containers.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/containers.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/docs.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/square/okhttp/docs.yml/master?enable=pin","Warn: pipCommand not pinned by hash: deploy_website.sh:37","Warn: pipCommand not pinned by hash: .github/workflows/docs.yml:38","Info:   0 out of  69 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of  34 third-party GitHubAction dependencies pinned","Info:   0 out of   2 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#pinned-dependencies"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#security-policy"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/build.yml:685"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":1,"reason":"SAST tool is not run on all commits -- score normalized to 1","details":["Warn: 3 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"16 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-q9mw-68c2-j6m5","Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc","Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5","Warn: Project is vulnerable to: GHSA-25hc-qcg6-38wj","Warn: Project is vulnerable to: GHSA-cqmj-92xf-r6r9","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3","Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/c1d103a9bb9f635ec7260bf9aa0699466fa4be0e/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-14T13:15:20.118Z","repository_id":4049825,"created_at":"2025-08-14T13:15:20.118Z","updated_at":"2025-08-14T13:15:20.118Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273770041,"owners_count":25164918,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-05T02:00:09.113Z","response_time":402,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","graalvm","java","kotlin"],"created_at":"2024-01-05T20:16:44.885Z","updated_at":"2025-09-09T20:47:27.327Z","avatar_url":"https://github.com/square.png","language":"Kotlin","readme":"OkHttp\n======\n\nSee the [project website][okhttp] for documentation and APIs.\n\nHTTP is the way modern applications network. It’s how we exchange data \u0026 media. Doing HTTP\nefficiently makes your stuff load faster and saves bandwidth.\n\nOkHttp is an HTTP client that’s efficient by default:\n\n * HTTP/2 support allows all requests to the same host to share a socket.\n * Connection pooling reduces request latency (if HTTP/2 isn’t available).\n * Transparent GZIP shrinks download sizes.\n * Response caching avoids the network completely for repeat requests.\n\nOkHttp perseveres when the network is troublesome: it will silently recover from common connection\nproblems. If your service has multiple IP addresses, OkHttp will attempt alternate addresses if the\nfirst connect fails. This is necessary for IPv4+IPv6 and services hosted in redundant data\ncenters. OkHttp supports modern TLS features (TLS 1.3, ALPN, certificate pinning). It can be\nconfigured to fall back for broad connectivity.\n\nUsing OkHttp is easy. Its request/response API is designed with fluent builders and immutability. It\nsupports both synchronous blocking calls and async calls with callbacks.\n\nA well behaved user agent\n-------------------------\n\nOkHttp follows modern HTTP specifications such as\n\n* HTTP Semantics - [RFC 9110](https://datatracker.ietf.org/doc/html/rfc9110)\n* HTTP Caching- [RFC 9111](https://datatracker.ietf.org/doc/html/rfc9111)\n* HTTP/1.1 - [RFC 9112](https://datatracker.ietf.org/doc/html/rfc9112)\n* HTTP/2 - [RFC 9113](https://datatracker.ietf.org/doc/html/rfc9113)\n* Websockets - [RFC 6455](https://datatracker.ietf.org/doc/html/rfc6455)\n* SSE - [Server-sent events](https://html.spec.whatwg.org/multipage/server-sent-events.html#server-sent-events)\n\nWhere the spec is ambiguous, OkHttp follows modern user agents such as popular Browsers or common HTTP Libraries.\n\nOkHttp is principled and avoids being overly configurable, especially when such configuration is\nto workaround a buggy server, test invalid scenarios or that contradict the relevant RFC.\nOther HTTP libraries exist that fill that gap allowing extensive customisation including potentially\ninvalid requests.\n\nExample Limitations\n\n* Does not allow GET with a body.\n* Cache is not an interface with alternative implementations.\n\nGet a URL\n---------\n\nThis program downloads a URL and prints its contents as a string. [Full source][get_example].\n\n```java\nOkHttpClient client = new OkHttpClient();\n\nString run(String url) throws IOException {\n  Request request = new Request.Builder()\n      .url(url)\n      .build();\n\n  try (Response response = client.newCall(request).execute()) {\n    return response.body().string();\n  }\n}\n```\n\n\nPost to a Server\n----------------\n\nThis program posts data to a service. [Full source][post_example].\n\n```java\npublic static final MediaType JSON = MediaType.get(\"application/json\");\n\nOkHttpClient client = new OkHttpClient();\n\nString post(String url, String json) throws IOException {\n  RequestBody body = RequestBody.create(json, JSON);\n  Request request = new Request.Builder()\n      .url(url)\n      .post(body)\n      .build();\n  try (Response response = client.newCall(request).execute()) {\n    return response.body().string();\n  }\n}\n```\n\nFurther examples are on the [OkHttp Recipes page][recipes].\n\n\nRequirements\n------------\n\nOkHttp works on Android 5.0+ (API level 21+) and Java 8+.\n\nOn Android, OkHttp uses [AndroidX Startup][androidx_startup]. If you disable the initializer in the manifest,\nthen apps are responsible for calling `OkHttp.initialize(applicationContext)` in `Application.onCreate`.\n\nOkHttp depends on [Okio][okio] for high-performance I/O and the [Kotlin standard library][kotlin]. Both are small libraries with strong backward-compatibility.\n\nWe highly recommend you keep OkHttp up-to-date. As with auto-updating web browsers, staying current\nwith HTTPS clients is an important defense against potential security problems. [We\ntrack][tls_history] the dynamic TLS ecosystem and adjust OkHttp to improve connectivity and\nsecurity.\n\nOkHttp uses your platform's built-in TLS implementation. On Java platforms OkHttp also supports\n[Conscrypt][conscrypt], which integrates [BoringSSL](https://github.com/google/boringssl) with Java. OkHttp will use Conscrypt if it is\nthe first security provider:\n\n```java\nSecurity.insertProviderAt(Conscrypt.newProvider(), 1);\n```\n\nThe OkHttp `3.12.x` branch supports Android 2.3+ (API level 9+) and Java 7+. These platforms lack\nsupport for TLS 1.2 and should not be used.\n\n\nReleases\n--------\n\nOur [change log][changelog] has release history.\n\nThe latest release is available on [Maven Central](https://search.maven.org/artifact/com.squareup.okhttp3/okhttp/5.1.0/jar).\n\n```kotlin\nimplementation(\"com.squareup.okhttp3:okhttp:5.1.0\")\n```\n\nSnapshot builds are [available][snap]. [R8 and ProGuard][r8_proguard] rules are available.\n\nAlso, we have a [bill of materials (BOM)][bom] available to help you keep OkHttp artifacts up to date and be sure about version compatibility.\n\n```kotlin\n    dependencies {\n       // define a BOM and its version\n       implementation(platform(\"com.squareup.okhttp3:okhttp-bom:5.1.0\"))\n\n       // define any required OkHttp artifacts without version\n       implementation(\"com.squareup.okhttp3:okhttp\")\n       implementation(\"com.squareup.okhttp3:logging-interceptor\")\n    }\n```\n\nMaven and JVM Projects\n----------------------\n\nOkHttp is published as a Kotlin Multiplatform project. While Gradle handles this automatically,\nMaven projects must select between `okhttp-jvm` and `okhttp-android`. The `okhttp` artifact will be empty in\nMaven projects.\n\n```xml\n\u003cdependencyManagement\u003e\n  \u003cdependencies\u003e\n    \u003cdependency\u003e\n      \u003cgroupId\u003ecom.squareup.okhttp3\u003c/groupId\u003e\n      \u003cartifactId\u003eokhttp-bom\u003c/artifactId\u003e\n      \u003cversion\u003e5.2.0\u003c/version\u003e\n      \u003ctype\u003epom\u003c/type\u003e\n      \u003cscope\u003eimport\u003c/scope\u003e\n    \u003c/dependency\u003e\n  \u003c/dependencies\u003e\n\u003c/dependencyManagement\u003e\n```\n\n\n\n```xml\n\u003cdependency\u003e\n  \u003cgroupId\u003ecom.squareup.okhttp3\u003c/groupId\u003e\n  \u003cartifactId\u003eokhttp-jvm\u003c/artifactId\u003e\n  \u003c!-- Remove after OkHttp 5.3.0 with updated BOM. --\u003e\n  \u003cversion\u003e5.2.0\u003c/version\u003e\n\u003c/dependency\u003e\n\n\u003cdependency\u003e\n  \u003cgroupId\u003ecom.squareup.okhttp3\u003c/groupId\u003e\n  \u003cartifactId\u003emockwebserver3\u003c/artifactId\u003e\n\u003c/dependency\u003e\n\n\u003cdependency\u003e\n  \u003cgroupId\u003ecom.squareup.okhttp3\u003c/groupId\u003e\n  \u003cartifactId\u003elogging-interceptor\u003c/artifactId\u003e\n\u003c/dependency\u003e\n```\n\nMockWebServer\n-------------\n\nOkHttp includes a library for testing HTTP, HTTPS, and HTTP/2 clients.\n\nThe latest release is available on [Maven Central](https://search.maven.org/artifact/com.squareup.okhttp3/mockwebserver/5.1.0/jar).\n\n```kotlin\ntestImplementation(\"com.squareup.okhttp3:mockwebserver3:5.1.0\")\n```\n\nMockWebServer is used for firstly for internal testing, and for basic testing of apps using OkHttp client.\nIt is not a full featured HTTP testing library that is developed standalone. It is not being actively developed\nfor new features. As such you might find your needs outgrow MockWebServer and you may which to use a\nmore full featured testing library such as [MockServer](https://www.mock-server.com/).\n\nGraalVM Native Image\n--------------------\n\nBuilding your native images with [GraalVM] should work automatically.\n\nSee the okcurl module for an example build.\n\n```shell\n$ ./gradlew okcurl:nativeImage\n$ ./okcurl/build/graal/okcurl https://httpbin.org/get\n```\n\nLicense\n-------\n\n```\nCopyright 2019 Square, Inc.\n\nLicensed under the Apache License, Version 2.0 (the \"License\");\nyou may not use this file except in compliance with the License.\nYou may obtain a copy of the License at\n\n   http://www.apache.org/licenses/LICENSE-2.0\n\nUnless required by applicable law or agreed to in writing, software\ndistributed under the License is distributed on an \"AS IS\" BASIS,\nWITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\nSee the License for the specific language governing permissions and\nlimitations under the License.\n```\n\n [GraalVM]: https://www.graalvm.org/\n [androidx_startup]: https://developer.android.com/jetpack/androidx/releases/startup\n [bom]: https://docs.gradle.org/6.2/userguide/platforms.html#sub:bom_import\n [changelog]: https://square.github.io/okhttp/changelog/\n [conscrypt]: https://github.com/google/conscrypt/\n [get_example]: https://raw.github.com/square/okhttp/master/samples/guide/src/main/java/okhttp3/guide/GetExample.java\n [kotlin]: https://kotlinlang.org/\n [okhttp3_pro]: https://raw.githubusercontent.com/square/okhttp/master/okhttp/src/main/resources/META-INF/proguard/okhttp3.pro\n [okhttp]: https://square.github.io/okhttp/\n [okhttp_312x]: https://github.com/square/okhttp/tree/okhttp_3.12.x\n [okio]: https://github.com/square/okio\n [post_example]: https://raw.github.com/square/okhttp/master/samples/guide/src/main/java/okhttp3/guide/PostExample.java\n [r8_proguard]: https://square.github.io/okhttp/features/r8_proguard/\n [recipes]: https://square.github.io/okhttp/recipes/\n [snap]: https://s01.oss.sonatype.org/content/repositories/snapshots/\n [tls_history]: https://square.github.io/okhttp/tls_configuration_history/\n","funding_links":[],"categories":["III. Network and Integration","Networking","Kotlin","Libraries","Programming Languages","CN","Java","Index","HTTP 平台资源库","HarmonyOS","网络服务","Containers \u0026 Language Extentions \u0026 Linting","Libs","Android 开发中的日常积累","Android Kotlin Project Showcase","网络编程","Network","Uncategorized","库"],"sub_categories":["4. Http and ssh","Networking","Java","[Square](https://github.com/square)","Android","Windows Manager","网络服务_其他","For Java","\u003cA NAME=\"Network\"\u003e\u003c/A\u003eNetwork","安卓网络层(包含图片)","Uncategorized","[](https://github.com/JStumpp/awesome-android/blob/master/readme.md#networking)网络"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsquare%2Fokhttp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsquare%2Fokhttp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsquare%2Fokhttp/lists"}