Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Project status / is Retrofit abandoned ? #3791

Closed
Gaibhne opened this issue Dec 14, 2022 · 3 comments
Closed

Project status / is Retrofit abandoned ? #3791

Gaibhne opened this issue Dec 14, 2022 · 3 comments

Comments

@Gaibhne
Copy link

Gaibhne commented Dec 14, 2022

It seems that despite some activity commit-wise and issue/comment-wise, releasing anything in this project has come to a complete halt over two years ago. The dependencies are also showing their age, with the OkHttp being used in the last release being version 3, whereas the development over there is currently close to releasing 5.0.

I understand that open source software is basically free work gifted to us by the contributors, and by no means do I wish to imply we are in any way owed updates!

But it would be very helpful to all of us if there was some sort of clarification on the state of the project - is it on life support/maintenance, with bugs only fixed in snapshot releases and no further planned development ? Or did releasing change somehow and there are newer releases elsewhere ? Should I still consider Retrofit for future projects, or is it better to only use it in legacy projects, or possibly plan to move away there as well ?
@JakeWharton
Copy link
Collaborator

Most of your points are addressed here on a similar discussion: #3753.

Unless there are major bugs that crop up requiring immediate attention, the project is stable. As you've said, we are still dealing with issues that are created and even merging some changes. There will not be a release any time soon. Maybe early next year when things slow down on other projects but our attention is elsewhere.

Does that address everything you're worried about or did I miss anything?

@Gaibhne
Copy link
Author

Gaibhne commented Dec 15, 2022

No, that's a very exhaustive answer, thank you. I would still recommend putting something along those lines in the readme, as I noticed other people were also confused about the project status. I am facing a bug, which must be due to either Retrofit2 or OkHttp (a client level interceptor in the HttpClient used by Retrofit is only called after the request is made, rendering Auth header injection impossible), but I have not yet been able to narrow it down enough to open an issue over it - updating dependencies is usually my go-to, before spending too much time narrowing bugs that might already be fixed in a current release ;)

@Gaibhne Gaibhne closed this as completed Dec 15, 2022
This was referenced Aug 14, 2023
Closed
Closed
@cj-marius-duna
Copy link

cj-marius-duna commented Feb 28, 2024
edited
Loading

Security issue: Information Exposure #4083
There are some security fixes need to be addressed:

https://security.snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@JakeWharton @Gaibhne @cj-marius-duna