'Allow insecure protocols, android gradle
I recently updated my android studio to Arctic Fox and got an error in my project
A problem occurred configuring root project 'so10'.
> Could not resolve all dependencies for configuration ':classpath'.
> Using insecure protocols with repositories, without explicit opt-in, is unsupported. Switch Maven repository
'maven3(http://oss.sonatype.org/content/repositories/snapshots)' to redirect to a secure protocol (like HTTPS) or allow insecure protocols.
See https://docs.gradle.org/7.0.2/dsl/org.gradle.api.artifacts.repositories.UrlArtifactRepository.html#org.gradle.api.artifacts.repositories.UrlArtifactRepository:allowInsecureProtocol for more details.
This is my gradle where the problem occurs
repositories {
// maven { url 'https://maven.fabric.io/public' }
maven { url "https://jitpack.io" }
maven { url 'https://raw.github.com/Raizlabs/maven-releases/master/releases' }
maven { url 'http://oss.sonatype.org/content/repositories/snapshots'}
maven { url "https://plugins.gradle.org/m2/" }
maven { url 'https://maven.google.com' }
google()
mavenCentral()
jcenter()
}
How do I solve it?
Solution 1:[1]
For insecure HTTP connections in Gradle 7+ versions, we need to specify a boolean allowInsecureProtocol as true to MavenArtifactRepository
closure.
Since you have received this error for sonatype
repository, you need to set the repositories as below:
- Groovy DSL
repositories {
maven {
url "http://oss.sonatype.org/content/repositories/snapshots"
allowInsecureProtocol = true
}
// other repositories ...
}
- Kotlin DSL
repositories {
maven {
url = uri("http://oss.sonatype.org/content/repositories/snapshots")
isAllowInsecureProtocol = true
}
// other repositories ...
}
Solution 2:[2]
or you can just replace HTTP
with HTTPS
.
Solution 3:[3]
For those using the Kotlin DSL, the property name is different isAllowInsecureProtocol
maven {
url = uri("http://oss.sonatype.org/content/repositories/snapshots")
isAllowInsecureProtocol = true
}
Solution 4:[4]
Note that Gradle 7 onwards, any insecure URL is blocked, not only for repositories, so applying scripts would also fail.
apply from: "http://mycompany.com/buildscript.gradle"
Applying script plugins from insecure URIs, without explicit opt-in, is unsupported.
If you can't use HTTPS for whatever reasons, then do the following:
apply from: resources.text.fromInsecureUri("http://mycompany.com/buildscript.gradle")
However, if I were a Gradle dev, I'd provide a org.gradle.allow-insecure-protocol=true
to be set in the gradle.properties
and be done. I've opened https://github.com/gradle/gradle/issues/18006 for that.
Solution 5:[5]
Add allowInsecureProtocol = true for all unsecure http in repositories e.g.
maven {
url "http://storage.googleapis.com/r8-releases/raw"
allowInsecureProtocol = true
}
maven {
url "http://tokbox.bintray.com/maven/"
allowInsecureProtocol = true
}
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
Solution | Source |
---|---|
Solution 1 | |
Solution 2 | basaveshwar lamture |
Solution 3 | Ahmed Ashour |
Solution 4 | |
Solution 5 | basaveshwar lamture |