[jira] (MNG-5679) Maven should fetch jars using https

Ben McCann (JIRA) Sun, 17 Aug 2014 15:28:54 -0700

Ben McCann created MNG-5679:
-------------------------------

             Summary: Maven should fetch jars using https
                 Key: MNG-5679
                 URL: https://jira.codehaus.org/browse/MNG-5679
             Project: Maven
          Issue Type: Bug
            Reporter: Ben McCann
            Priority: Critical



See the article "How to take over the computer of any Java (or Clojure or 
Scala) developer": 
http://blog.ontoillogical.com/blog/2014/07/28/how-to-take-over-any-java-developer/

As a result of this article, Sonatype has moved their repository to https and 
Typesafe has as well. (Typesafe found their GoDaddy cert doesn't work with some 
version of Java and is aiming to fix this by Aug 24, 2014)

When I download jars from Maven central using Maven, I'm using http. We really 
should make https the default here



--
This message was sent by Atlassian JIRA
(v6.1.6#6162)

[jira] (MNG-5679) Maven should fetch jars using https

Reply via email to