chore(deps): Bump httpclient-version from 5.5.2 to 5.6.1

[dependabot]

Bumps httpclient-version from 5.5.2 to 5.6.1.
Updates org.apache.httpcomponents.client5:httpclient5 from 5.5.2 to 5.6.1

Changelog

Sourced from org.apache.httpcomponents.client5:httpclient5's changelog.

Release 5.6.1

This is a maintenance release disables experimental SCRAM auth scheme by default and fixes SCRAM final response handling. The SCRAM auth scheme can be re-enabled by choosing a custom auth scheme preference sequence that explicitly includes SCRAM auth.

Change Log

• Fix SCRAM final response handling. Contributed by Arturo Bernal

• Auth challenge parsing code improvement. Contributed by Oleg Kalnichevski

• Add missing Javadoc for ConnectionConfig (#820). Contributed by Gary Gregory

• Bug fix: Corrected async message exchange cancellation logic in InternalHttpAsyncExecRuntime. Contributed by Oleg Kalnichevski

• HTTPCLIENT-2417: Honor TlsConfig attachment in async connect path. Contributed by Arturo Bernal

• HTTPCLIENT-2414: Fix Basic auth cache scoping across path prefixes (#802). Contributed by Arturo Bernal

• HTTPCLIENT-2415: Normalize CookieOrigin path for cookie matching (#803). Contributed by Arturo Bernal

• Bug fix: Corrected sleep time calculation in IdleConnectionEvictor; use 1 minute sleep time by default. Contributed by Oleg Kalnichevski

• DefaultManagedHttpClientConnection: Restore original socket timeout. Contributed by Ryan Schmitt

• HTTPCLIENT-2411: Use standard HTTP-date format for synthesized Date header (#775). Contributed by Arturo Bernal

• Fix NPE in connection evictor setup (#774). Contributed by Arturo Bernal

Release 5.6

... (truncated)

Commits

• 4f86ca6 HttpClient 5.6.1 release
• 1b2bafe Updated release notes for HttpClient 5.6.1 release
• 1acf00b Fix SCRAM final response handling
• 49549ab Auth challenge parsing code improvement
• fa6b6d7 Add missing Javadoc for ConnectionConfig (#820)
• 3de8ad5 Fixed DefaultClientTlsStrategy test failures on MacOS
• c69f38f Bug-fix: corrects message exchange cancellation logic in InternalHttpAsyncExe...
• 30386d3 HTTPCLIENT-2417 Honor TlsConfig attachment in async connect path
• 9cc45f6 HTTPCLIENT-2414 - Fix Basic auth cache scoping across path prefixes (#802)
• 1e01a48 HTTPCLIENT-2415: Normalize CookieOrigin path for cookie matching (#803)
• Additional commits viewable in compare view

Updates org.apache.httpcomponents.client5:httpclient5-fluent from 5.5.2 to 5.6.1

Changelog

Sourced from org.apache.httpcomponents.client5:httpclient5-fluent's changelog.

Release 5.6.1

This is a maintenance release disables experimental SCRAM auth scheme by default and fixes SCRAM final response handling. The SCRAM auth scheme can be re-enabled by choosing a custom auth scheme preference sequence that explicitly includes SCRAM auth.

Change Log

• Fix SCRAM final response handling. Contributed by Arturo Bernal

• Auth challenge parsing code improvement. Contributed by Oleg Kalnichevski

• Add missing Javadoc for ConnectionConfig (#820). Contributed by Gary Gregory

• Bug fix: Corrected async message exchange cancellation logic in InternalHttpAsyncExecRuntime. Contributed by Oleg Kalnichevski

• HTTPCLIENT-2417: Honor TlsConfig attachment in async connect path. Contributed by Arturo Bernal

• HTTPCLIENT-2414: Fix Basic auth cache scoping across path prefixes (#802). Contributed by Arturo Bernal

• HTTPCLIENT-2415: Normalize CookieOrigin path for cookie matching (#803). Contributed by Arturo Bernal

• Bug fix: Corrected sleep time calculation in IdleConnectionEvictor; use 1 minute sleep time by default. Contributed by Oleg Kalnichevski

• DefaultManagedHttpClientConnection: Restore original socket timeout. Contributed by Ryan Schmitt

• HTTPCLIENT-2411: Use standard HTTP-date format for synthesized Date header (#775). Contributed by Arturo Bernal

• Fix NPE in connection evictor setup (#774). Contributed by Arturo Bernal

Release 5.6

... (truncated)

Commits

• 4f86ca6 HttpClient 5.6.1 release
• 1b2bafe Updated release notes for HttpClient 5.6.1 release
• 1acf00b Fix SCRAM final response handling
• 49549ab Auth challenge parsing code improvement
• fa6b6d7 Add missing Javadoc for ConnectionConfig (#820)
• 3de8ad5 Fixed DefaultClientTlsStrategy test failures on MacOS
• c69f38f Bug-fix: corrects message exchange cancellation logic in InternalHttpAsyncExe...
• 30386d3 HTTPCLIENT-2417 Honor TlsConfig attachment in async connect path
• 9cc45f6 HTTPCLIENT-2414 - Fix Basic auth cache scoping across path prefixes (#802)
• 1e01a48 HTTPCLIENT-2415: Normalize CookieOrigin path for cookie matching (#803)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[apupier]

previous PR to bump to 5.6 was closed by @davsclaus #20581

[github-actions]

🌟 Thank you for your contribution to the Apache Camel project! 🌟
🤖 CI automation will test this PR automatically.

🐫 Apache Camel Committers, please review the following items:

• First-time contributors require MANUAL approval for the GitHub Actions to run
• You can use the command /component-test (camel-)component-name1 (camel-)component-name2.. to request a test from the test bot although they are normally detected and executed by CI.
• You can label PRs using skip-tests and test-dependents to fine-tune the checks executed by this PR.
• Build and test logs are available in the summary page. Only Apache Camel committers have access to the summary.

⚠️ Be careful when sharing logs. Review their contents before sharing them publicly.

[davsclaus]

we are now on SB4 so we can upgrade

[github-actions]

🧪 CI tested the following changed modules:

• components/camel-http
• parent

ℹ️ Dependent modules were not tested because the total number of affected modules exceeded the threshold (50). Use the test-dependents label to force testing all dependents.

✅ POM dependency changes: targeted tests included

Changed properties: httpclient-version

Modules affected by dependency changes (20)

• :camel-as2-api
• :camel-box
• :camel-cm-sms
• :camel-cxf-rest
• :camel-cxf-soap
• :camel-cxf-spring-rest
• :camel-cxf-spring-soap
• :camel-geocoder
• :camel-graphql
• :camel-http
• :camel-itest
• :camel-jetty
• :camel-keycloak
• :camel-launcher
• :camel-oaipmh
• :camel-oauth
• :camel-splunk-hec
• :camel-weather
• :camel-wordpress
• :camel-workday

⚠️ Some tests are disabled on GitHub Actions (@DisabledIfSystemProperty(named = "ci.env.name")) and require manual verification:

• components/camel-http: 1 test(s) disabled on GitHub Actions

Build reactor — dependencies compiled but only changed modules were tested (21 modules)

• Camel :: AS2 :: API
• Camel :: Box :: Component
• Camel :: CM SMS
• Camel :: CXF :: REST
• Camel :: CXF :: REST :: Spring
• Camel :: CXF :: SOAP
• Camel :: CXF :: SOAP :: Spring
• Camel :: Geocoder
• Camel :: GraphQL
• Camel :: HTTP
• Camel :: Integration Tests
• Camel :: Jetty
• Camel :: Keycloak
• Camel :: Launcher
• Camel :: OAIPMH
• Camel :: OAuth
• Camel :: Parent
• Camel :: Splunk HEC
• Camel :: Weather
• Camel :: Wordpress
• Camel :: Workday

---

⚙️ View full build and test results

[davsclaus]

HttpCompressionTest needs manual fix/update

[apupier]

[camel-http] [ERROR] Tests run: 1, Failures: 1, Errors: 0, Skipped: 0, Time elapsed: 0.015 s <<< FAILURE! -- in org.apache.camel.component.http.HttpCompressionTest
[camel-http] [ERROR] org.apache.camel.component.http.HttpCompressionTest.compressedHttpPost -- Time elapsed: 0.013 s <<< FAILURE!
org.opentest4j.AssertionFailedError: expected: <camel rocks!> but was: <null>
	at org.junit.jupiter.api.AssertionFailureBuilder.build(AssertionFailureBuilder.java:158)
	at org.junit.jupiter.api.AssertionFailureBuilder.buildAndThrow(AssertionFailureBuilder.java:139)
	at org.junit.jupiter.api.AssertEquals.failNotEqual(AssertEquals.java:201)
	at org.junit.jupiter.api.AssertEquals.assertEquals(AssertEquals.java:184)
	at org.junit.jupiter.api.AssertEquals.assertEquals(AssertEquals.java:179)
	at org.junit.jupiter.api.Assertions.assertEquals(Assertions.java:1188)
	at org.apache.camel.component.http.BaseHttpTest.assertBody(BaseHttpTest.java:53)
	at org.apache.camel.component.http.HttpCompressionTest.compressedHttpPost(HttpCompressionTest.java:105)

[apupier]

there is a swallowed exception:

java.util.zip.ZipException: Not in GZIP format
	at java.base/java.util.zip.GZIPInputStream.readHeader(GZIPInputStream.java:197)
	at java.base/java.util.zip.GZIPInputStream.<init>(GZIPInputStream.java:81)
	at java.base/java.util.zip.GZIPInputStream.<init>(GZIPInputStream.java:112)
	at org.apache.camel.support.GZIPHelper.uncompressGzip(GZIPHelper.java:41)
	at org.apache.camel.component.http.HttpProducer.extractResponseBody(HttpProducer.java:536)
	at org.apache.camel.component.http.HttpProducer.populateResponse(HttpProducer.java:361)
	at org.apache.camel.component.http.HttpProducer.lambda$2(HttpProducer.java:275)
	at org.apache.camel.component.http.HttpProducer.executeMethod(HttpProducer.java:493)
	at org.apache.camel.component.http.HttpProducer.process(HttpProducer.java:251)
	at org.apache.camel.support.AsyncProcessorConverterHelper$ProcessorToAsyncProcessorBridge.process(AsyncProcessorConverterHelper.java:65)
	at org.apache.camel.impl.engine.SharedCamelInternalProcessor.processNonTransacted(SharedCamelInternalProcessor.java:156)
	at org.apache.camel.impl.engine.SharedCamelInternalProcessor.process(SharedCamelInternalProcessor.java:133)
	at org.apache.camel.impl.engine.SharedCamelInternalProcessor$1.process(SharedCamelInternalProcessor.java:89)
	at org.apache.camel.impl.engine.DefaultAsyncProcessorAwaitManager.process(DefaultAsyncProcessorAwaitManager.java:81)
	at org.apache.camel.impl.engine.SharedCamelInternalProcessor.process(SharedCamelInternalProcessor.java:86)
	at org.apache.camel.support.cache.DefaultProducerCache.send(DefaultProducerCache.java:180)
	at org.apache.camel.impl.engine.DefaultProducerTemplate.send(DefaultProducerTemplate.java:175)
	at org.apache.camel.impl.engine.DefaultProducerTemplate.send(DefaultProducerTemplate.java:171)
	at org.apache.camel.impl.engine.DefaultProducerTemplate.request(DefaultProducerTemplate.java:366)
	at org.apache.camel.component.http.HttpCompressionTest.compressedHttpPost(HttpCompressionTest.java:90)

[apupier]

Note that there is a note in changelog of httpclient that compression mechanism has been modified and now severzl libraries are optional and called by reflction but in theory the gzip format should still be available by default https://github.com/apache/httpcomponents-client/pull/737/changes#diff-a3be7429ae1a366fee7c16707e733d3afd4c5784661985706a77685cdd8be0e3R54

also not that adding commons-compress is not fixing the issue

[apupier]

very likely due to this kind of change

https://issues.apache.org/jira/browse/HTTPCLIENT-2409 where the content is ungzipped automatically in some cases

(currently readign and tryign to understand it to see what we shoudl do on our side)

[apupier]

We were previously basing actions to ungzip and content encoding on
headers of the response. It was possible because these headers were
previously removed by the client automatically. it is no more the case
as the headers are supposed to reflect what the opposite endpoint sent,
not the actual current state in httpclient. To know the current state,
we need to look to the entity.

test failure adressed

important changes provided since approval