This is an automated email from the ASF dual-hosted git repository.
lewismc pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/any23-server.git
The following commit(s) were added to refs/heads/master by this push:
new ca4beaf Use HTTPS instead of HTTP to resolve dependencies
new 8e9617d Merge pull request #1 from
JLLeitschuh/fix/JLL/use_https_to_resolve_dependencies
ca4beaf is described below
commit ca4beaf8426edec95435b85832e142b786f047b3
Author: Jonathan Leitschuh <[email protected]>
AuthorDate: Mon Feb 10 19:05:32 2020 -0500
Use HTTPS instead of HTTP to resolve dependencies
This fixes a security vulnerability in this project where the `pom.xml`
files were configuring Maven to resolve dependencies over HTTP instead of
HTTPS.
Signed-off-by: Jonathan Leitschuh <[email protected]>
---
pom.xml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pom.xml b/pom.xml
index 386eeb3..7f15a3a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -113,7 +113,7 @@
</snapshots>
<id>bintray-allenai-maven</id>
<name>bintray</name>
- <url>http://allenai.bintray.com/maven</url>
+ <url>https://allenai.bintray.com/maven</url>
</repository>
</repositories>
<pluginRepositories>
@@ -123,7 +123,7 @@
</snapshots>
<id>bintray-allenai-maven</id>
<name>bintray-plugins</name>
- <url>http://allenai.bintray.com/maven</url>
+ <url>https://allenai.bintray.com/maven</url>
</pluginRepository>
</pluginRepositories>
