Use HTTPS instead of HTTP to resolve dependencies (#1067)
This fixes a security vulnerability in this project where the `pom.xml`
files were configuring Maven to resolve dependencies over HTTP instead of
HTTPS.
Signed-off-by: Jonathan Leitschuh <Jonathan.Leitschuh@gmail.com>
diff --git a/pom.xml b/pom.xml
index b141219..d4e0dad 100644
--- a/pom.xml
+++ b/pom.xml
@@ -64,7 +64,7 @@
<repositories>
<repository>
<id>eclipse-jetty</id>
- <url>http://repo2.maven.org/maven2/org/eclipse/jetty/jetty-distribution/</url>
+ <url>https://repo2.maven.org/maven2/org/eclipse/jetty/jetty-distribution/</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
diff --git a/tajo-common/pom.xml b/tajo-common/pom.xml
index 67128e5..a158110 100644
--- a/tajo-common/pom.xml
+++ b/tajo-common/pom.xml
@@ -34,7 +34,7 @@
<repositories>
<repository>
<id>apache.snapshots</id>
- <url>http://repository.apache.org/snapshots</url>
+ <url>https://repository.apache.org/snapshots</url>
<snapshots>
<enabled>true</enabled>
</snapshots>
diff --git a/tajo-project/pom.xml b/tajo-project/pom.xml
index 11b0d61..a965074 100644
--- a/tajo-project/pom.xml
+++ b/tajo-project/pom.xml
@@ -391,7 +391,7 @@
<repositories>
<repository>
<id>eclipse-jetty</id>
- <url>http://repo2.maven.org/maven2/org/eclipse/jetty/jetty-distribution/</url>
+ <url>https://repo2.maven.org/maven2/org/eclipse/jetty/jetty-distribution/</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
diff --git a/tajo-thirdparty/asm/pom.xml b/tajo-thirdparty/asm/pom.xml
index 6981edb..d449dd7 100644
--- a/tajo-thirdparty/asm/pom.xml
+++ b/tajo-thirdparty/asm/pom.xml
@@ -34,7 +34,7 @@
<repositories>
<repository>
<id>apache.snapshots</id>
- <url>http://repository.apache.org/snapshots</url>
+ <url>https://repository.apache.org/snapshots</url>
<snapshots>
<enabled>true</enabled>
</snapshots>
