Fix for vulnerability https://security.snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 (#1483)

ndeverge · tracyboehrer · web-flow · commit aced29206c3b · 2022-10-26T08:44:05.000-05:00
* The link is broken, due to uppercase letter. * Upgrading okhttp to 4.9.2 in order to fix vulnerability https://security.snyk.io/vuln/SNYK-JAVA-COMSQUAREUPOKHTTP3-2958044 Co-authored-by: Nicolas Deverge <nicolas@teammood.com> Co-authored-by: tracyboehrer <tracyboehrer@users.noreply.github.com>
diff --git a/README.md b/README.md
@@ -108,7 +108,7 @@ We use the [@botframework](https://twitter.com/botframework) account on twitter
 The [Gitter Channel](https://gitter.im/Microsoft/BotBuilder) provides a place where the Community can get together and collaborate.
 
 ## Contributing and our code of conduct
-We welcome contributions and suggestions. Please see our [contributing guidelines](./contributing.md) for more information.
+We welcome contributions and suggestions. Please see our [contributing guidelines](./Contributing.md) for more information.
 
 This project has adopted the [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/).
 For more information see the [Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/) or contact
diff --git a/libraries/bot-connector/src/test/java/com/microsoft/bot/connector/base/InterceptorManager.java b/libraries/bot-connector/src/test/java/com/microsoft/bot/connector/base/InterceptorManager.java
@@ -7,7 +7,6 @@
 import com.fasterxml.jackson.databind.SerializationFeature;
 import com.google.common.io.BaseEncoding;
 import okhttp3.*;
-import okhttp3.internal.Util;
 import okio.Buffer;
 import okio.BufferedSource;
 
@@ -21,6 +20,8 @@
 import java.util.Map;
 import java.util.zip.GZIPInputStream;
 
+import static java.nio.charset.StandardCharsets.UTF_8;
+
 public class InterceptorManager {
 
     private final static String RECORD_FOLDER = "session-records/";
@@ -255,7 +256,7 @@ private void extractResponseData(Map<String, String> responseData, Response resp
             if (contentType != null) {
                 if (contentType.startsWith("application/json"))
                 {
-                    content = buffer.readString(Util.UTF_8);
+                    content = buffer.readString(UTF_8);
                 } else {
                     content = BaseEncoding.base64().encode(buffer.readByteArray());
                 }
diff --git a/pom.xml b/pom.xml
@@ -362,22 +362,22 @@
       <dependency>
         <groupId>com.squareup.okhttp3</groupId>
         <artifactId>okhttp</artifactId>
-        <version>3.14.9</version>
+        <version>4.9.2</version>
       </dependency>
       <dependency>
         <groupId>com.squareup.okhttp3</groupId>
         <artifactId>logging-interceptor</artifactId>
-        <version>3.14.9</version>
+        <version>4.9.2</version>
       </dependency>
       <dependency>
         <groupId>com.squareup.okhttp3</groupId>
         <artifactId>okhttp-urlconnection</artifactId>
-        <version>3.14.9</version>
+        <version>4.9.2</version>
       </dependency>
       <dependency>
         <groupId>com.squareup.okhttp3</groupId>
         <artifactId>mockwebserver</artifactId>
-        <version>3.14.9</version>
+        <version>4.9.2</version>
         <scope>test</scope>
       </dependency>
 
