[
https://issues.apache.org/jira/browse/PDFBOX-3022?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14962943#comment-14962943
]
ASF subversion and git services commented on PDFBOX-3022:
---------------------------------------------------------
Commit 1709365 from [~tilman] in branch 'pdfbox/trunk'
[ https://svn.apache.org/r1709365 ]
PDFBOX-3022: remove https because of bad certificate
> Maven repos should be https
> ---------------------------
>
> Key: PDFBOX-3022
> URL: https://issues.apache.org/jira/browse/PDFBOX-3022
> Project: PDFBox
> Issue Type: Bug
> Affects Versions: 1.8.10, 1.8.11, 2.0.0
> Reporter: Ben McCann
> Assignee: Tilman Hausherr
> Priority: Critical
> Fix For: 1.8.11, 2.0.0
>
>
> I noticed there are 2 http Maven repos. Only https should be used for
> security reasons. See
> http://blog.ontoillogical.com/blog/2014/07/28/how-to-take-over-any-java-developer/
> This one you can simply change from http to https:
> ./parent/pom.xml:
> <url>http://jbig2-imageio.googlecode.com/svn/maven-repository/</url>
> This one there isn't an https version available:
> ./parent/pom.xml:
> <url>http://www.mygrid.org.uk/maven/repository</ur
> What library did the mygrid repo have to be added for? The myGrid Maven
> repository was mainly used for development of Taverna, which has since moved
> to the Apache Software Foundation, and uses https://repository.apache.org/
> and mirrors to Maven Central. Other software they publish has been gradually
> moved to https://bintray.com/ which should also offer secure connections.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org
