You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@netbeans.apache.org by sk...@apache.org on 2020/02/11 14:20:14 UTC
[netbeans-mavenutils-nbm-maven-plugin] branch master updated:
[SECURITY] Use HTTPS to resolve dependencies in Maven Build (#6)
This is an automated email from the ASF dual-hosted git repository.
skygo pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/netbeans-mavenutils-nbm-maven-plugin.git
The following commit(s) were added to refs/heads/master by this push:
new 8304663 [SECURITY] Use HTTPS to resolve dependencies in Maven Build (#6)
8304663 is described below
commit 83046636ce6846db848f1e4045183b22a076234f
Author: Jonathan Leitschuh <jo...@gmail.com>
AuthorDate: Tue Feb 11 09:20:06 2020 -0500
[SECURITY] Use HTTPS to resolve dependencies in Maven Build (#6)
* Use HTTPS instead of HTTP to resolve dependencies
This fixes a security vulnerability in this project where the `pom.xml`
files were configuring Maven to resolve dependencies over HTTP instead of
HTTPS.
Signed-off-by: Jonathan Leitschuh <Jo...@gmail.com>
Remove reference to netbeans repository completly
Co-authored-by: Eric Barboni <sk...@apache.org>
---
src/it/pom.xml | 14 +-------------
1 file changed, 1 insertion(+), 13 deletions(-)
diff --git a/src/it/pom.xml b/src/it/pom.xml
index 3baa25e..6bb7eb8 100644
--- a/src/it/pom.xml
+++ b/src/it/pom.xml
@@ -21,18 +21,6 @@ under the License.
<artifactId>nbm-maven-plugin-it-root</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>pom</packaging>
- <repositories>
- <!--
- Repository hosting NetBeans modules, especially APIs.
- Versions are based on IDE releases, e.g.: RELEASE691
- To create your own repository, use: nbm:populate-repository
- -->
- <repository>
- <id>netbeans</id>
- <name>NetBeans</name>
- <url>http://bits.netbeans.org/nexus/content/groups/netbeans/</url>
- </repository>
- </repositories>
<build>
<pluginManagement>
<plugins>
@@ -61,4 +49,4 @@ under the License.
<properties>
<jar.plugin.version>3.0.2</jar.plugin.version>
</properties>
-</project>
\ No newline at end of file
+</project>
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@netbeans.apache.org
For additional commands, e-mail: commits-help@netbeans.apache.org
For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists