Getting "Blocked mirror for repositories" maven error even after adding mirrors

maven maven-mirroring

38,660

Solution 1

Maven now disables all insecure http://* mirrors by default. Here is explanation from maven mainteners: http://maven.apache.org/docs/3.8.1/release-notes.html#cve-2021-26291

More and more repositories use HTTPS nowadays, but this hasn’t always been the case. This means that Maven Central contains POMs with custom repositories that refer to a URL over HTTP. This makes downloads via such repository a target for a MITM attack. At the same time, developers are probably not aware that for some downloads an insecure URL is being used. Because uploaded POMs to Maven Central are immutable, a change for Maven was required. To solve this, we extended the mirror configuration with parameter, and we added a new external:http:* mirror selector (like existing external:*), meaning “any external URL using HTTP”. The decision was made to block such external HTTP repositories by default: this is done by providing a mirror in the conf/settings.xml blocking insecure HTTP external URLs.

The solution (not recommended for security reasons mentioned above) may be to remove <blocked> section from mirror list in default Maven settings.xml file (/usr/share/maven/conf/settings.xml)

Solution 2

If Stanislav Kardashov's solution doesn't help, just remove (or comment out) the whole http-blocker mirror in maven settings.xml.

Path (as pointed out in Stanislavs answer): /usr/share/maven/conf/settings.xml

    <!--
    <mirror>
      <id>maven-default-http-blocker</id>
      <mirrorOf>external:http:*</mirrorOf>
      <name>Pseudo repository to mirror external repositories initially using HTTP.</name>
      <url>http://0.0.0.0/</url>
      <blocked>true</blocked>
    </mirror>
        -->

Solution 3

If I had to guess, you're running the latest Maven, which disables HTTP. Try downgrading to Maven 3.6.

[Edit] That said, Stanislav's answer is the most correct.

Solution 4

Try converting the mirror from http to https if the maven repository that you are using have a secure endpoint available. This worked for me in case of confluent.

Solution 5

C:-> Users-> your_user_name -> .m2 -> settings.xml

Adding this mirror to your settings.xml file.

<mirror>
  <id>jaspersoft-third-party-mirror</id>
  <mirrorOf>jaspersoft-third-party</mirrorOf>
  <url>http://jaspersoft.jfrog.io/jaspersoft/third-party-ce-artifacts/</url>
  <blocked>false</blocked>
</mirror>

View more solutions

38,660

Author by

aratata

Updated on July 09, 2022

Comments

aratata 6 months

In my past project I had a problem with dependencies starting with http, just like this one Maven Build Failure -- DependencyResolutionException . Solution was to add mirrors for the project worked fine. Though now on another project I use the same dependencies, have the same setup and I am still getting the error. Any thoughts?