You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@opennlp.apache.org by jz...@apache.org on 2020/02/19 13:42:31 UTC
[opennlp] branch master updated: OPENNLP-1299: Use HTTPS instead of
HTTP to resolve dependencies (#371)
This is an automated email from the ASF dual-hosted git repository.
jzemerick pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/opennlp.git
The following commit(s) were added to refs/heads/master by this push:
new 43ccfd6 OPENNLP-1299: Use HTTPS instead of HTTP to resolve dependencies (#371)
43ccfd6 is described below
commit 43ccfd62663ea9ed62b6e070c6f5a1b0da546d86
Author: Jonathan Leitschuh <jo...@gmail.com>
AuthorDate: Wed Feb 19 08:42:17 2020 -0500
OPENNLP-1299: Use HTTPS instead of HTTP to resolve dependencies (#371)
This fixes a security vulnerability in this project where the `pom.xml`
files were configuring Maven to resolve dependencies over HTTP instead of
HTTPS.
Signed-off-by: Jonathan Leitschuh <Jo...@gmail.com>
---
pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 3afb1b4..38493b2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -47,7 +47,7 @@
<repository>
<id>apache.snapshots</id>
<name>Apache Snapshot Repository</name>
- <url>http://repository.apache.org/snapshots</url>
+ <url>https://repository.apache.org/snapshots</url>
<snapshots>
<enabled>true</enabled>
</snapshots>