fetchMavenArtifact: switch mirrors to https

Maven repositories are disabling HTTP support for security. Even though Nix adds some security with its own hash validation, broken mirrors are a, well, suboptimal experience. I don't know of any plans by sonatype, but it seems like a matter of time. https://www.lightbend.com/blog/lightbend-to-require-https-on-repos-starting-august-5-2020
4 years ago · f0568c2228
parent 10fafe2125
commit f0568c2228
2 changed files with 7 additions and 7 deletions
--- a/pkgs/build-support/fetchmavenartifact/default.nix
+++ b/pkgs/build-support/fetchmavenartifact/default.nix
@ -3,10 +3,10 @@
 { fetchurl, stdenv }:
 let
  defaultRepos = [
-    "http://repo1.maven.org/maven2"
-    "http://oss.sonatype.org/content/repositories/releases"
-    "http://oss.sonatype.org/content/repositories/public"
-    "http://repo.typesafe.com/typesafe/releases"
+    "https://repo1.maven.org/maven2"
+    "https://oss.sonatype.org/content/repositories/releases"
+    "https://oss.sonatype.org/content/repositories/public"
+    "https://repo.typesafe.com/typesafe/releases"
  ];
 in

--- a/pkgs/development/interpreters/clojurescript/lumo/deps.nix
+++ b/pkgs/development/interpreters/clojurescript/lumo/deps.nix
@ -4,9 +4,9 @@
 let repos = [
      "https://repo.clojars.org/"
      "https://repo1.maven.org/"
-      "http://oss.sonatype.org/content/repositories/releases/"
-      "http://oss.sonatype.org/content/repositories/public/"
-      "http://repo.typesafe.com/typesafe/releases/"
+      "https://oss.sonatype.org/content/repositories/releases/"
+      "https://oss.sonatype.org/content/repositories/public/"
+      "https://repo.typesafe.com/typesafe/releases/"
    ];

 in rec {