Details
-
Bug
-
Resolution: Done
-
Major
-
8.0.0.Beta
-
None
-
False
-
None
-
False
Description
It seems that there are still plain-text HTTP URLs used for Maven repositories of some JBoss EAP BOMs we get from nightly, see:
maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://repository.jboss.org/nexus/content/groups/public/</url> maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://repository.jboss.org/nexus/content/groups/public/</url> maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://repository.jboss.org/nexus/content/groups/public/</url> maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://repository.jboss.org/nexus/content/groups/public/</url> maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://repository.jboss.org/nexus/content/groups/public/</url> maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://repository.jboss.org/nexus/content/groups/public/</url> maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://repository.jboss.org/nexus/content/groups/public/</url> maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://repository.jboss.org/nexus/content/groups/public/</url> maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom: <url>http://repository.jboss.org/nexus/content/groups/public/</url> maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom: <url>http://repository.jboss.org/nexus/content/groups/public/</url> maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom: <url>http://repository.jboss.org/nexus/content/groups/public/</url> maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom: <url>http://repository.jboss.org/nexus/content/groups/public/</url> maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/ga/</url> maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/earlyaccess/all/</url> maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/ga/</url> maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/earlyaccess/all/</url> maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/ga/</url> maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/earlyaccess/all/</url> maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/ga/</url> maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/earlyaccess/all/</url> maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/ga/</url> maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/earlyaccess/all/</url> maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/ga/</url> maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/earlyaccess/all/</url> maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/ga/</url> maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/earlyaccess/all/</url> maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/ga/</url> maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/earlyaccess/all/</url> maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/ga/</url> maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/earlyaccess/all/</url> maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/ga/</url> maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/earlyaccess/all/</url> maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/ga/</url> maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/earlyaccess/all/</url> maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/ga/</url> maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom: <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
We should probably tend to use HTTPS where possible. Also, since Apache Maven 3.8.1 it blocks HTTP by default (even though it can be workarounded).
I looked into the upstream and there it seems okay. Also resulting generated boms from that repo seems to use HTTPS already and so are released ones. But productized BOMs are probably generated from some different codebase resulting in HTTP only use. Or is it some "performance" optimization that is present only in JBoss EAP nightly builds and will not be present in the official productized Beta/Final bits?
I vote to have it via HTTPS only, unless there is some reasonable argument
Attachments
Issue Links
- is related to
-
JBEAP-22608 EAP 8.0 Maven repository contains poms with repository definitions
- New