You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@brooklyn.apache.org by tb...@apache.org on 2020/02/11 09:01:56 UTC
[brooklyn-server] branch master updated: Use HTTPS instead of HTTP
to resolve dependencies
This is an automated email from the ASF dual-hosted git repository.
tbouron pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/brooklyn-server.git
The following commit(s) were added to refs/heads/master by this push:
new dc2cff6 Use HTTPS instead of HTTP to resolve dependencies
new fd87f86 Merge pull request #1086 from JLLeitschuh/fix/JLL/use_https_to_resolve_dependencies
dc2cff6 is described below
commit dc2cff61101fc25b6a68d7caa49b3d5b637bdaeb
Author: Jonathan Leitschuh <Jo...@gmail.com>
AuthorDate: Mon Feb 10 19:05:39 2020 -0500
Use HTTPS instead of HTTP to resolve dependencies
This fixes a security vulnerability in this project where the `pom.xml`
files were configuring Maven to resolve dependencies over HTTP instead of
HTTPS.
Signed-off-by: Jonathan Leitschuh <Jo...@gmail.com>
---
karaf/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/karaf/pom.xml b/karaf/pom.xml
index cd26a10..e0a3328 100644
--- a/karaf/pom.xml
+++ b/karaf/pom.xml
@@ -163,7 +163,7 @@
<repository>
<id>servicemix</id>
<name>Apache ServiceMix Repository</name>
- <url>http://svn.apache.org/repos/asf/servicemix/m2-repo</url>
+ <url>https://svn.apache.org/repos/asf/servicemix/m2-repo</url>
<releases>
<enabled>true</enabled>
</releases>