• Home
• io.codemodder
• core-codemods
• 0.97.3
• source code
• description.md

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

io.codemodder.codemods.codeql.CodeQLMavenSecureURLCodemod.description.md Maven / Gradle / Ivy

This change replaces any HTTP URLs found in `` definitions with HTTPS URLs. Without this change, Maven will make requests to either publish or retrieve artifacts over a plaintext channel.

That plaintext channel can be [observed or modified by malicious actors](https://en.wikipedia.org/wiki/Man-in-the-middle_attack) on the network path between the host running Maven and their intended repository. These actors could then sniff repository credentials, publish malicious artifacts, etc. Simply switching to an HTTPS URL is sufficient to make all of these attacks impossible in almost all situations.

Our changes look something like this:

```diff
  
  
    ...
    
      
        my-release-repo
        Acme Releases
-       http://repo.acme.com
+       https://repo.acme.com
      
    
  
```