You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@aries.apache.org by cs...@apache.org on 2020/03/04 08:31:16 UTC
[aries-rsa] branch master updated: Use HTTPS instead of HTTP to
resolve dependencies (#41)
This is an automated email from the ASF dual-hosted git repository.
cschneider pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/aries-rsa.git
The following commit(s) were added to refs/heads/master by this push:
new 0e22df9 Use HTTPS instead of HTTP to resolve dependencies (#41)
0e22df9 is described below
commit 0e22df9a4f6d4298dd0189dddb34f57530328c92
Author: Jonathan Leitschuh <jo...@gmail.com>
AuthorDate: Wed Mar 4 03:31:10 2020 -0500
Use HTTPS instead of HTTP to resolve dependencies (#41)
This fixes a security vulnerability in this project where the `pom.xml`
files were configuring Maven to resolve dependencies over HTTP instead of
HTTPS.
Signed-off-by: Jonathan Leitschuh <Jo...@gmail.com>
---
parent/pom.xml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/parent/pom.xml b/parent/pom.xml
index 2c4fc66..870d6ec 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -311,7 +311,7 @@
<repository>
<id>apache.snapshots</id>
<name>Apache Maven Snapshot Repository</name>
- <url>http://repository.apache.org/content/groups/snapshots/</url>
+ <url>https://repository.apache.org/content/groups/snapshots/</url>
<releases>
<enabled>false</enabled>
</releases>
@@ -326,7 +326,7 @@
<pluginRepository>
<id>apache.snapshots</id>
<name>Apache Maven Snapshot Repository</name>
- <url>http://repository.apache.org/content/groups/snapshots/</url>
+ <url>https://repository.apache.org/content/groups/snapshots/</url>
<layout>default</layout>
<snapshots>
<enabled>true</enabled>