Loading...

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 8.0.0.GA-CR1, 8.0.0.GA
Affects Version/s: 8.0.0.Beta
Component/s: Productization
Labels:
None

Blocked:
False
Blocked Reason:
None
Ready:
False
CDW devel_ack:
CDW docs_ack:
CDW pm_ack:
CDW qa_ack:
CDW release:
Target Release:

8.0.0.GA

SFDC Cases Counter:
SFDC Cases Links:

It seems that there are still plain-text HTTP URLs used for Maven repositories of some JBoss EAP BOMs we get from nightly, see:

maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom:      <url>http://repository.jboss.org/nexus/content/groups/public/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-legacy-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-legacy-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/eap/wildfly-ejb-client-bom/8.0.0.Beta-redhat-20220801/wildfly-ejb-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/eap/wildfly-jaxws-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jaxws-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/eap/wildfly-jms-client-bom/8.0.0.Beta-redhat-20220801/wildfly-jms-client-bom-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8-with-tools/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-with-tools-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/ga/</url>
maven-repository/org/jboss/bom/jboss-eap-jakartaee8/8.0.0.Beta-redhat-20220801/jboss-eap-jakartaee8-8.0.0.Beta-redhat-20220801.pom:      <url>http://maven.repository.redhat.com/earlyaccess/all/</url>

We should probably tend to use HTTPS where possible. Also, since Apache Maven 3.8.1 it blocks HTTP by default (even though it can be workarounded).

I looked into the upstream and there it seems okay. Also resulting generated boms from that repo seems to use HTTPS already and so are released ones. But productized BOMs are probably generated from some different codebase resulting in HTTP only use. Or is it some "performance" optimization that is present only in JBoss EAP nightly builds and will not be present in the official productized Beta/Final bits?

I vote to have it via HTTPS only, unless there is some reasonable argument

is related to

JBEAP-22608 EAP 8.0 Maven repository contains poms with repository definitions

Resolved

Details

Description

Attachments

Issue Links

Activity

People

Dates