From 24062c8ce25acd672a793517f00459af3fa31d02 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marcin=20D=C4=85browski?=
 <marcin.krzysztof.dabrowski@gmail.com>
Date: Mon, 23 Mar 2026 20:31:10 +0100
Subject: [PATCH] chore(deps): bump okhttp to v4.12.0

okhttp 4.9.3 depends on okio v2.8.0, that has https://nvd.nist.gov/vuln/detail/CVE-2023-3635 vulnerability.
okhttp v4.12.0 is latest v4, but v5 seems to be compatible with it.

Also, bump test libs:
* guava to 33.5.0-jre
* junit to v4.13.2
---
 build.gradle.kts | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/build.gradle.kts b/build.gradle.kts
index 63731ed..e581a15 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -63,7 +63,7 @@ java {
 
 object Versions {
     const val launchdarklyLogging = "1.1.1"
-    const val okhttp = "4.9.3"
+    const val okhttp = "4.12.0"
 }
 
 dependencies {
@@ -71,8 +71,8 @@ dependencies {
     api("com.squareup.okhttp3:okhttp:${Versions.okhttp}")
     testImplementation("org.mockito:mockito-core:1.10.19")
     testImplementation("com.launchdarkly:test-helpers:2.1.0")
-    testImplementation("com.google.guava:guava:32.0.1-jre")
-    testImplementation("junit:junit:4.12")
+    testImplementation("com.google.guava:guava:33.5.0-jre")
+    testImplementation("junit:junit:4.13.2")
     testImplementation("org.hamcrest:hamcrest-all:1.3")
 }