diff --git a/CHANGELOG.md b/CHANGELOG.md index a6cba572a..afd69b325 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,8 @@ +7.0.0 (2024-03-19) +--------------------------------------------- +- [#537](https://github.com/dropbox/dropbox-sdk-java/pull/537) Remove cert pinning from the SDK +- [#539](https://github.com/dropbox/dropbox-sdk-java/pull/539) Exclude pycache from task input key on StoneTask + 6.1.0 (2024-03-19) --------------------------------------------- - [#527](https://github.com/dropbox/dropbox-sdk-java/pull/527) Adds nullability annotations to data models for improved interop with Kotlin diff --git a/README.md b/README.md index 6f9104a55..f2110e5e0 100644 --- a/README.md +++ b/README.md @@ -24,7 +24,7 @@ If you're using Maven, then edit your project's "pom.xml" and add this to the `< com.dropbox.core dropbox-core-sdk - 6.1.0 + 7.0.0 ``` @@ -33,7 +33,7 @@ If you are using Gradle, then edit your project's "build.gradle" and add this to ```groovy dependencies { // ... - implementation 'com.dropbox.core:dropbox-core-sdk:6.1.0' + implementation 'com.dropbox.core:dropbox-core-sdk:7.0.0' } ``` @@ -268,8 +268,8 @@ Edit your project's "build.gradle" and add the following to the dependencies sec ``` dependencies { // ... - implementation 'com.dropbox.core:dropbox-core-sdk:6.1.0' - implementation 'com.dropbox.core:dropbox-android-sdk:6.1.0' + implementation 'com.dropbox.core:dropbox-core-sdk:7.0.0' + implementation 'com.dropbox.core:dropbox-android-sdk:7.0.0' } ``` If you leverage jettifier and see the following errors then please add `android.jetifier.ignorelist = jackson-core,fastdoubleparser` to your `gradle.properties` file. @@ -399,3 +399,41 @@ The only ProGuard rules necessary are for the SDK's required and optional depend -dontwarn javax.servlet.** -dontwarn org.apache.** ``` + +### How do I enable certificate pinning? + +As of version 7.0.0, the SDK no longer provides certificate pinning by default. We provide hooks for you to run each of your requests with +your own `SSLSocketFactory` or `CertificatePinner`. To provide this to your calls, you can use any of the requestors provided. + +*Note*: If you were previously using `SSLConfig`, this is no longer available. You can view the source in [git history](https://github.com/dropbox/dropbox-sdk-java/blob/0f765cb69940ac047682cf117af7a94a1f66b6eb/core/src/main/java/com/dropbox/core/http/SSLConfig.java) +but we no longer provide any default certificate pinning or any other configuration. + +#### Using `StandardHttpRequestor` + +```java +StandardHttpRequestor.Config customConfig = StandardHttpRequestor.Config.DEFAULT_INSTANCE.copy() + .withSslSocketFactory(mySslSocketFactory) + .build(); +StandardHttpRequestor requestor = new StandardHttpRequestor(customConfig); +``` + +#### Using `OkHttp3Requestor` + +See: [CertificatePinner](https://square.github.io/okhttp/3.x/okhttp/okhttp3/CertificatePinner.html) + +```java +okhttp3.OkHttpClient httpClient = OkHttp3Requestor.defaultOkHttpClientBuilder() + .certificatePinner(myCertificatePinner) + .build(); +``` + +#### Using `OkHttpRequestor` + +See: [CertificatePinner](https://square.github.io/okhttp/2.x/okhttp/com/squareup/okhttp/CertificatePinner.html) + +```java +OkHttpClient httpClient = OkHttpRequestor.defaultOkHttpClient().clone() + .setCertificatePinner(myCertificatePinner) + .build(); +``` + diff --git a/gradle.properties b/gradle.properties index 4e5356947..0a9eb7ae3 100644 --- a/gradle.properties +++ b/gradle.properties @@ -1,6 +1,6 @@ # POM GROUP = com.dropbox.core -VERSION_NAME=6.2.0-SNAPSHOT +VERSION_NAME=7.0.0 POM_URL = https://github.com/dropbox/dropbox-sdk-java/ POM_SCM_URL = https://github.com/dropbox/dropbox-sdk-java/