Dependency on a maven http repository triggers warnings in maven 3.8.1
92 views
Skip to first unread message
Ulrich Schuster
Jan 18, 2022, 2:45:18 AM1/18/22
to Smooks Users
Good morning!
This is my first venture into smooks territory. I am trying out the latest 2.0.0-RC1-SNAPSHOT with maven 3.8.4. Upon dependency resolution, I run into the following problem:
[WARNING] Could not transfer metadata org.smooks.cartridges.edi:edifact-jaxb-bindings:2.0.0-RC1-SNAPSHOT/maven-metadata.xml from/to maven-default-http-blocker (http://0.0.0.0/): transfer failed for http://0.0.0.0/org/smooks/cartridges/edi/edifact-jaxb-bindings/2.0.0-RC1-SNAPSHOT/maven-metadata.xml
and
[WARNING] Could not transfer metadata org.smooks.cartridges.edi:smooks-edi-pom:2.0.0-RC1-SNAPSHOT/maven-metadata.xml from/to maven-default-http-blocker (http://0.0.0.0/): transfer failed for http://0.0.0.0/org/smooks/cartridges/edi/smooks-edi-pom/2.0.0-RC1-SNAPSHOT/maven-metadata.xml
The problem seems to result from the new maven policy to disallow non-secure repositories (maven inserts the default-http-blocker) instead. However, in my POM, I do reference the snapshot repository via HTTPS only:
<repositories>
<repository>
<id>oss.sonatype.org-snapshot</id>
<url>https://oss.sonatype.org/content/repositories/snapshots</url>
...
</repository>
</repositories>
<repository>
<id>oss.sonatype.org-snapshot</id>
<url>https://oss.sonatype.org/content/repositories/snapshots</url>
...
</repository>
</repositories>
Is there a transitive dependency somewhere that points to a non-HTTPS repository?
Claude
Jan 20, 2022, 1:57:04 PM1/20/22
to Smooks Users
Reply all
Reply to author
Forward
0 new messages