Use HTTPS instead of HTTP to resolve dependencies
This fixes a security vulnerability in this project where the `pom.xml`
files were configuring Maven to resolve dependencies over HTTP instead of
HTTPS.
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
diff --git a/api/pom.xml b/api/pom.xml
index 2a1dbde..f4eb59d 100644
--- a/api/pom.xml
+++ b/api/pom.xml
@@ -483,7 +483,7 @@
<pluginRepository>
<id>java.net.repo</id>
<name>java.net repository</name>
- <url>http://download.java.net/maven/2/</url>
+ <url>https://download.java.net/maven/2/</url>
</pluginRepository>
</pluginRepositories>
</profile>
diff --git a/parent/pom.xml b/parent/pom.xml
index ee450a2..aecec5c 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -513,7 +513,7 @@
<pluginRepository>
<id>apache.snapshots.plugin</id>
<name>Apache Snapshot Repository</name>
- <url>http://repository.apache.org/snapshots</url>
+ <url>https://repository.apache.org/snapshots</url>
<releases>
<enabled>false</enabled>
</releases>
diff --git a/pom.xml b/pom.xml
index f7c8917..6db029b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -169,7 +169,7 @@
<pluginRepository>
<id>apache.snapshots.plugin</id>
<name>Apache Snapshot Repository</name>
- <url>http://repository.apache.org/snapshots</url>
+ <url>https://repository.apache.org/snapshots</url>
<releases>
<enabled>false</enabled>
</releases>