Uploaded image for project: 'Apache Drill'
  1. Apache Drill
  2. DRILL-7270

Fix non-https dependency urls and add checksum checks

    XMLWordPrintableJSON

Details

    • Task
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 1.16.0
    • 1.19.0
    • Security
    • None

    Description

      Review any build scripts and configurations for insecure urls and make appropriate fixes to use secure urls.

      Projects like Lucene do checksum whitelists of all their build dependencies, and you may wish to consider that as a
      protection against threats beyond just MITM.

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. DRILL-7529 Building depends on poorly configured uncommon maven repositories

          • Trivial - Cosmetic problem like misspelt words or misaligned text.
          • Resolved
          is part of

          Improvement - An improvement or enhancement to an existing feature or task. DRILL-7878 Fix LGTM Alerts

          • Major - Major loss of function.
          • Open
          links to

          Web Link DRILL-7270 Working branch

          Activity

            People

              bohdan Bohdan Kazydub
              arina Arina Ielchiieva
              Vova Vysotskyi Vova Vysotskyi
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: