Sukhani, Tarun wrote:
We are currently using the legacy version of HttpClient (3.1) for one of
our projects. We noticed that the contrib.ssl package was not included
in the binary distribution. Is this because the code was frozen and any
contributions were excluded? The contrib.ssl classes are included in the
source distribution, so does that mean they are production quality?
Contrib code is distributed as reference material only.
Usually this is done for two reasons:
(1) code can be useful for some users but is out of scope for the
project. There is no guarantee that piece of code has been adequately
tested.
(2) code might have security implications and therefore should not be
used without a careful review. It is up to individual users to decide if
it is fit for production.
In both cases we, as a project, do not support contrib code.
Oleg
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
