Download Maven artifacts and jar files over HTTPS
Just a small tip. By default maven downloads jar files over insecure http. That makes it easy to inject executable code and other nasty stuff. There is simple workaround to use HTTPS. Put this into ~/.m2/settings.xml:
<settings>
<mirrors>
<mirror>
<id>central22</id>
<name>central22</name>
<url>https://repo1.maven.org/maven2</url>
<mirrorOf>central</mirrorOf>
</mirror>
</mirrors>
</settings>
0 comments
[ 2.0 ms ] story [ 11.0 ms ] threadNo comments yet.