Loading...

Details

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 8.0.0.GA-CR1, 8.0.0.GA
Affects Version/s: 8.0.0.Beta
Component/s: Productization
Labels:
None

Blocked:
False
Blocked Reason:
None
Ready:
False
Target Release:

8.0.0.GA

SFDC Cases Counter:
SFDC Cases Links:

Description

It seems that there are still plain-text HTTP URLs used for Maven repositories of some JBoss EAP BOMs we get from nightly, see:

maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>

We should probably tend to use HTTPS where possible. Also, since Apache Maven 3.8.1 it blocks HTTP by default (even though it can be workarounded).

I looked into the upstream and there it seems okay. Also resulting generated boms from that repo seems to use HTTPS already and so are released ones. But productized BOMs are probably generated from some different codebase resulting in HTTP only use. Or is it some "performance" optimization that is present only in JBoss EAP nightly builds and will not be present in the official productized Beta/Final bits?

I vote to have it via HTTPS only, unless there is some reasonable argument

Attachments

Issue Links

is related to

JBEAP-22608 EAP 8.0 Maven repository contains poms with repository definitions

New

Some of JBoss EAP BOMs from nightly build still use maven repo url with plaintext http

Details

Description

Attachments

Issue Links

Activity

People

Dates