Update `org.apache.httpcomponents` to version 5

[detomarco]

Hello,
the last version of http-components v4 dependency was released almost 2 years ago and is currently EOL, see here

Are you planning to update it to http-components 5 any time soon?

I'm asking because v5 introduced many breaking changes, and if new critical vulnerabilities arise, it might be difficult to quickly update the library.
Considering also that library users should update their custom interceptors, this will make the overall upgrade much bigger and longer.

Given the nature of your library (and your product), I'm sure you have security as top priority.

What do you think?

[damienbr]

Hello,

Yes we are planning to update it but I cannot commit on a specific timeline for now.
We'll try to make it happen in the coming weeks.