This is an automated email from the ASF dual-hosted git repository.
lewismc pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/oodt.git
The following commit(s) were added to refs/heads/master by this push:
new ee27811 Use HTTPS instead of HTTP to resolve dependencies
new 2cddfc9 Merge pull request #117 from
JLLeitschuh/fix/JLL/use_https_to_resolve_dependencies
ee27811 is described below
commit ee27811899903e25cef3026e82601059c17a7ea7
Author: Jonathan Leitschuh <[email protected]>
AuthorDate: Mon Feb 10 19:45:26 2020 -0500
Use HTTPS instead of HTTP to resolve dependencies
This fixes a security vulnerability in this project where the `pom.xml`
files were configuring Maven to resolve dependencies over HTTP instead of
HTTPS.
Signed-off-by: Jonathan Leitschuh <[email protected]>
---
mvn/archetypes/radix/src/main/resources/archetype-resources/pom.xml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git
a/mvn/archetypes/radix/src/main/resources/archetype-resources/pom.xml
b/mvn/archetypes/radix/src/main/resources/archetype-resources/pom.xml
index 3e53b01..9b4439c 100644
--- a/mvn/archetypes/radix/src/main/resources/archetype-resources/pom.xml
+++ b/mvn/archetypes/radix/src/main/resources/archetype-resources/pom.xml
@@ -42,13 +42,13 @@
<repository>
<id>maven2</id>
<name>Java Sun Maven2 Repository</name>
- <url>http://download.java.net/maven/2</url>
+ <url>https://download.java.net/maven/2</url>
<layout>default</layout>
</repository>
<repository>
<id>apache.snapshots</id>
<name>Apache Snapshots</name>
- <url>http://repository.apache.org/snapshots/</url>
+ <url>https://repository.apache.org/snapshots/</url>
<releases>
<enabled>false</enabled>
</releases>
