This is an automated email from the ASF dual-hosted git repository.
tbouron pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/brooklyn-library.git
The following commit(s) were added to refs/heads/master by this push:
new e71139e Use HTTPS instead of HTTP to resolve dependencies
new f6e0512 Merge pull request #179 from
JLLeitschuh/fix/JLL/use_https_to_resolve_dependencies
e71139e is described below
commit e71139e8ee9533f908ff5464ec0241eda2f92d83
Author: Jonathan Leitschuh <[email protected]>
AuthorDate: Mon Feb 10 19:05:17 2020 -0500
Use HTTPS instead of HTTP to resolve dependencies
This fixes a security vulnerability in this project where the `pom.xml`
files were configuring Maven to resolve dependencies over HTTP instead of
HTTPS.
Signed-off-by: Jonathan Leitschuh <[email protected]>
---
pom.xml | 2 +-
software/messaging/pom.xml | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/pom.xml b/pom.xml
index 7ae47dc..18540bb 100644
--- a/pom.xml
+++ b/pom.xml
@@ -80,7 +80,7 @@
<repository>
<id>apache.snapshots</id>
<name>Apache Snapshot Repository</name>
- <url>http://repository.apache.org/snapshots</url>
+ <url>https://repository.apache.org/snapshots</url>
<releases>
<enabled>false</enabled>
</releases>
diff --git a/software/messaging/pom.xml b/software/messaging/pom.xml
index 6a27cde..8c37367 100644
--- a/software/messaging/pom.xml
+++ b/software/messaging/pom.xml
@@ -36,7 +36,7 @@
<repositories>
<repository>
<id>clojars.org</id>
- <url>http://clojars.org/repo</url>
+ <url>https://clojars.org/repo</url>
</repository>
</repositories>
