Please don't use insecure repositories #265
Closed
Comments
ndw
added a commit
that referenced
this issue
Mar 2, 2018
ndw
added a commit
that referenced
this issue
Mar 2, 2018
ndw
added a commit
that referenced
this issue
Mar 2, 2018
Fails because maven.restlet.org has a bad cert. :-( See https://travis-ci.org/ndw/xmlcalabash1/builds/348340392 |
For me, maven { url "https://maven.restlet.com" } works. |
It works for me too, but Travis doesn't like it. They must be checking certificates more diligently.
I guess rather than going back to an insecure repository I'll just put them in the project locally for the time being. |
ndw
added a commit
that referenced
this issue
Mar 3, 2018
ndw
added a commit
that referenced
this issue
Mar 3, 2018
This appears to be resolved. I've got an https: link to restlet.org and it's working. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As of 8130aca, the build and generated POM use external repositories that are accessed by plain HTTP, not HTTP+TLS (
https
scheme). This exposes everyone who uses or builds this project (including you!) to man-in-the-middle attacks while downloading dependencies for it, injecting malicious code that runs with the full privileges of one's user account.Please remove or replace these repositories as soon as possible.
The text was updated successfully, but these errors were encountered: