*  Fix: Embed Proguard rules to prevent warnings from tools like DexGuard and R8. These warnings
    were triggered by OkHttp’s feature detection for TLS packages like `org.conscrypt`,
    `org.bouncycastle`, and `org.openjsse`.
 *  Upgrade: Explicitly depend on `kotlin-stdlib-jdk8`. This fixes a problem with dependency
    locking. That's a potential security vulnerability, tracked as [CVE-2022-24329].

    interval of 30 seconds is reasonable for most use cases.

 *  **OkHttp now supports [Conscrypt][conscrypt].** Conscrypt is a Java Security
    Provider that integrates BoringSSL into the Java platform. Conscrypt
    supports more cipher suites than the JVM’s default provider and may also
    execute more efficiently.

    To use it, first register a [Conscrypt dependency][conscrypt_dependency] in
    your build system.

        .toList()
        .map { it.toByteString().hex() }

    if (platform.isConscrypt()) {
      if (tlsVersion == TlsVersion.TLS_1_3) {
        assertThat(sessionIds[0]).isEmpty()
        assertThat(sessionIds[1]).isEmpty()

        // https://github.com/google/conscrypt/issues/985
        // assertThat(directSessionIds).containsExactlyInAnyOrder(sessionIds[0], sessionIds[1])
      } else {

        is SSLHandshakeException -> {
          // JDK 11+
        }
        is SSLException -> {
          // javax.net.ssl.SSLException: readRecord
        }
        is SocketException -> {
          // Conscrypt, JDK 8 (>= 292), JDK 9
        }
        else -> {
          assertThat(expected.message).isEqualTo("exhausted all routes")
        }
      }
    }
  }

  @Test
  fun commonNameIsNotTrusted() {

  private val socketAdapters =
    listOfNotNull(
      StandardAndroidSocketAdapter.buildIfSupported(),
      DeferredSocketAdapter(AndroidSocketAdapter.playProviderFactory),
      // Delay and Defer any initialisation of Conscrypt and BouncyCastle
      DeferredSocketAdapter(ConscryptSocketAdapter.factory),
      DeferredSocketAdapter(BouncyCastleSocketAdapter.factory),
    ).filter { it.isSupported() }

  @Throws(IOException::class)

  private val socketAdapters =
    listOfNotNull(
      Android10SocketAdapter.buildIfSupported(),
      DeferredSocketAdapter(AndroidSocketAdapter.playProviderFactory),
      // Delay and Defer any initialisation of Conscrypt and BouncyCastle
      DeferredSocketAdapter(ConscryptSocketAdapter.factory),
      DeferredSocketAdapter(BouncyCastleSocketAdapter.factory),
    ).filter { it.isSupported() }

    testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
    testInstrumentationRunnerArguments += mapOf(
      "notClass" to "org.conscrypt.KitKatPlatformOpenSSLSocketImplAdapter,org.bouncycastle.pqc.crypto.qtesla.QTeslaKeyEncodingTests"
    )
  }

  compileOptions {
    targetCompatibility(JavaVersion.VERSION_11)

  "friendsApi"(projects.okhttp)
  api(projects.okhttpTls)
  api(libs.assertk)
  api(libs.bouncycastle.bcprov)
  implementation(libs.bouncycastle.bcpkix)
  implementation(libs.bouncycastle.bctls)
  api(libs.conscrypt.openjdk)
  api(libs.openjsse)

  api(rootProject.libs.junit.jupiter.engine)

  api(variantOf(libs.amazonCorretto) {
    classifier("linux-x86_64")
  })

  api(libs.hamcrestLibrary)

  "Bundle-SymbolicName: com.squareup.okhttp3.brotli"
)

dependencies {
  "friendsApi"(projects.okhttp)
  api(libs.brotli.dec)

  testImplementation(projects.okhttpTestingSupport)
  testImplementation(libs.conscrypt.openjdk)
  testImplementation(libs.junit)
  testImplementation(libs.kotlin.test.common)
  testImplementation(libs.kotlin.test.junit)
  testImplementation(libs.assertk)
}

mavenPublishing {

  testImplementation(projects.mockwebserver)
  testImplementation(projects.mockwebserver3Junit5)
  testImplementation(libs.squareup.okio.fakefilesystem)
  testImplementation(libs.conscrypt.openjdk)
  testImplementation(libs.junit)
  testImplementation(libs.kotlin.test.common)
  testImplementation(libs.kotlin.test.junit)
}

mavenPublishing {
  configure(KotlinJvm(javadocJar = JavadocJar.Empty()))