chargebee
Remove use of rest-client since it's no longer maintained
It looks like the rest-client gem no longer has any active maintainers and has not had a commit since 2019. A different http lib should be used that has active maintainers who are fixing bugs and security issues.
The bigger problem I see (until they have a replacement is that version 2.17 now has a restriction on version 2.0.2 of rest-client when older versions (like 2.8.6) worked perfectly fine with the version of 2.1.0 of rest-client.
I don't see how going back to an older version makes any sense.
Given how frequently http vulnerabilities pop up, this is really neglectful of Chargebee.
Hi @jfloff, @lilith, @jmlagace, @Oneill38 could you take a look at #85 when you have a moment? We're transitioning to Net::HTTP with the goal of removing rest-client as a dependency. Just want to make sure everything looks good from your side. Thanks!
Hey @jfloff, @lilith, @jmlagace, @Oneill38! We've released the beta version of the library, now using Net::HTTP and removing rest-client as a dependency. Could you give it a spin in your test environments and share any feedback? Thanks! 🙌
Hey @jfloff, @lilith, @jmlagace, @Oneill38! We've released the beta version of the library, now using Net::HTTP and removing rest-client as a dependency. Could you give it a spin in your test environments and share any feedback? Thanks! 🙌
I will take a look at this this weekend using our application. It uses just a couple CB calls but I will go through them in our tests
Closing this issue as we've moved from rest-client to native Net::HTTP since v2.49.0. Sorry for the delay in execution. Please feel free to reopen or post in the issue section if you encounter any problems.