Recently Maven build jobs running in Jenkins are failing with the below exception saying that they couldn't pull dependencies from Maven Central and should use HTTPS. I'm not sure how to change the requests from HTTP to HTTPS. Could someone guide me on this matter?
[ERROR] Unresolveable build extension:
Plugin org.apache.maven.wagon:wagon-ssh:2.1 or one of its dependencies could not be resolved:
Failed to collect dependencies for org.apache.maven.wagon:wagon-ssh:jar:2.1 ():
Failed to read artifact descriptor for org.apache.maven.wagon:wagon-ssh:jar:2.1:
Could not transfer artifact org.apache.maven.wagon:wagon-ssh:pom:2.1 from/to central (http://repo.maven.apache.org/maven2):
Failed to transfer file: http://repo.maven.apache.org/maven2/org/apache/maven/wagon/wagon-ssh/2.1/wagon-ssh-2.1.pom.
Return code is: 501, ReasonPhrase:HTTPS Required. -> [Help 2]
Waiting for Jenkins to finish collecting data[ERROR]
Plugin org.apache.maven.plugins:maven-clean-plugin:2.4.1 or one of its dependencies could not be resolved:
Failed to read artifact descriptor for org.apache.maven.plugins:maven-clean-plugin:jar:2.4.1:
Could not transfer artifact org.apache.maven.plugins:maven-clean-plugin:pom:2.4.1 from/to central (http://repo.maven.apache.org/maven2):
Failed to transfer file: http://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-clean-plugin/2.4.1/maven-clean-plugin-2.4.1.pom.
Return code is: 501 , ReasonPhrase:HTTPS Required. -> [Help 1]
The reason for the observed error is explained in Central 501 HTTPS Required
Effective January 15, 2020, The Central Repository no longer supports
insecure communication over plain HTTP and requires that all requests
to the repository are encrypted over HTTPS.
It looks like latest versions of Maven (tried with 3.6.0, 3.6.1) are already using the HTTPS URL by default.
Here are the dates when the major repositories will switch:
Your Java builds might break starting January 13th (if you haven't yet switched repo access to HTTPS)
Update: Seems like from maven 3.2.3 maven central is accessed via HTTPS
See https://stackoverflow.com/a/25411658/5820670
Maven Change log
(http://maven.apache.org/docs/3.2.3/release-notes.html)
I am facing the same problem. There are two solutions that I tried, and both works fine for me.
Update the Maven version repository (Maven version >= 3.2.3)
Restrict the current Maven version to use HTTPS links.
Update the Maven version repository:
Download the Apache Maven binary that includes the default https addresses (Apache Maven 3.6.3 binary). And open the Options dialog window in tools of NetBeans menu bar (Java Maven Dialog View). And select browse option in Maven Home List Box (Maven Home List Box View). After adding the Apache Maven newly downloaded version (Updated Maven Home List Box View), the project builds and runs successfully.
Restrict the current Maven version to use HTTPS links:
Include the following code in pom.xml of your project.
<project>
...
<pluginRepositories>
<pluginRepository>
<id>central</id>
<name>Central Repository</name>
<url>https://repo.maven.apache.org/maven2</url>
<layout>default</layout>
<snapshots>
<enabled>false</enabled>
</snapshots>
<releases>
<updatePolicy>never</updatePolicy>
</releases>
</pluginRepository>
</pluginRepositories>
<repositories>
<repository>
<id>central</id>
<name>Central Repository</name>
<url>https://repo.maven.apache.org/maven2</url>
<layout>default</layout>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
</repositories>
</project>
Effective January 15, 2020, The Central Repository no longer supports
insecure communication over plain HTTP and requires that all requests
to the repository are encrypted over HTTPS.
If you're receiving this error, then you need to replace all URL
references to Maven Central with their canonical HTTPS counterparts.
(source)
We have made the following changes in my project's build.gradle:
Old:
repositories {
maven { url "http://repo.maven.apache.org/maven2" }
}
New:
repositories {
maven { url "https://repo.maven.apache.org/maven2" }
}
Try to hit the below URL in any browser. It will return 501
http://repo.maven.apache.org/maven2/org/apache/maven/wagon/wagon-ssh/2.1/wagon-ssh-2.1.pom
Please try with https. It will download a pom.xml file:
https://repo.maven.apache.org/maven2/org/apache/maven/wagon/wagon-ssh/2.1/wagon-ssh-2.1.pom
Please add it (https://repo.maven.apache.org/maven2) in the setting.xml file:
<repositories>
<repository>
<id>Central Maven repository</id>
<name>Central Maven repository https</name>
<url>https://repo.maven.apache.org/maven2</url>
</repository>
</repositories>
I was using a clean install of Maven/Java on a Docker container.
For me, I had to cd $M2_HOME/conf and edit the settings.xml file there. Add the following block inside <mirrors>...</mirrors>
<mirror>
<id>central-secure</id>
<url>https://repo.maven.apache.org/maven2</url>
<mirrorOf>central</mirrorOf>
</mirror>
Update the central repository of Maven and use https instead of http.
<repositories>
<repository>
<id>central</id>
<name>Central Repository</name>
<url>https://repo.maven.apache.org/maven2</url>
<layout>default</layout>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
</repositories>
Add this in pom.xml file. It works fine for me
<pluginRepositories>
<pluginRepository>
<id>central</id>
<name>Central Repository</name>
<url>https://repo.maven.apache.org/maven2</url>
<layout>default</layout>
<snapshots>
<enabled>false</enabled>
</snapshots>
<releases>
<updatePolicy>never</updatePolicy>
</releases>
</pluginRepository>
</pluginRepositories>
<repositories>
<repository>
<id>central</id>
<name>Central Repository</name>
<url>https://repo.maven.apache.org/maven2</url>
<layout>default</layout>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
</repositories>
Maven is moving to HTTPS and disabling HTTP access
Short story, from January 15, 2020, Maven Central repository is not longer supporting HTTP connections (other repositories are doing the same). Therefore, you will indicate your Maven/Gradle settings to use an HTTPS URL.
Solution:
You can choose one of the following three approaches.
Add a repository in your project´s pom.xml file
<project>
...
<repositories>
<repository>
<id>central maven repo</id>
<name>central maven repo https</name>
<url>https://repo.maven.apache.org/maven2</url>
</repository>
</repositories>
</project>
Add the repository into a profile in the settings.xml file.
<profile>
<id>my profile</id>
<repositories>
<repository>
<id>central maven repo</id>
<name>central maven repo https</name>
<url>https://repo.maven.apache.org/maven2</url>
</repository>
</repositories>
</profile>
Update you maven version to a new one that uses https values as default. The lastest one at this moment 3.6.3 Download here
For Gradle:
Only replace the URL for the HTTPS version.
repositories {
maven { url "https://repo.maven.apache.org/maven2" }
}
I was added following code segment to setting.xml and it was resolved the issue,
<mirrors>
<mirror>
<id>maven-mirror</id>
<name>Maven Mirror</name>
<url>https://repo.maven.apache.org/maven2</url>
<mirrorOf>central</mirrorOf>
</mirror>
</mirrors>
I was using an outdated version of Maven (3.0.3 and 3.1). These older versions no longer supports http repositories (as mentioned above). Upgrading to Maven 3.6 was the fix for me.
As stated in other answers, https is now required to make requests to Maven Central, while older versions of Maven use http.
If you don't want to/cannot upgrade to Maven 3.2.3+, you can do a workaround by adding the following code into your MAVEN_HOME\conf\settings.xml into the <profiles> section:
<profile>
<id>maven-https</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<repositories>
<repository>
<id>central</id>
<url>https://repo1.maven.org/maven2</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<id>central</id>
<url>https://repo1.maven.org/maven2</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
</pluginRepository>
</pluginRepositories>
</profile>
This will be always an active setting unless you disable/override it in your POM when needed.
I have the same issue, but I use GitLab instead of Jenkins. The steps I had to do to get over the issue:
My project is in GitLab so it uses the .yml file which points to a Docker image I have to do continuous integration, and the image it uses has the http://maven URLs. So I changed that to https://maven.
That same Dockerfile image had an older version of Maven 3.0.1 that gave me issues just overnight. I updated the Dockerfile to get the latest version 3.6.3
I then deployed that image to my online repository, and updated my Maven project ymlfile to use that new image.
And lastly, I updated my main projects POM file to reference https://maven... instead of http://maven
I realize that is more specific to my setup. But without doing all of the steps above I would still continue to get this error message
Return code is: 501 , ReasonPhrase:HTTPS Required
For me (corporate coder) also adding a mirror repository in the settings.xml fixed the issue. I am also using Maven inside a docker container.
<mirrors>
<mirror>
<id>https-mirror</id>
<name>Https Mirror Repository</name>
<url>https://repo1.maven.org/maven2</url>
<mirrorOf>central</mirrorOf>
</mirror>
</mirrors>
For all the corporate coders, ideally,
if you get this error, it means that your code base is still being built from open-source community. You need to over ride the "central" repository with your in house company Maven repository manager.
You can go to your settings.xml and override your central repository URL from http:// to https://
<M2_HOME>/conf/settings.xml
Find the mirrors sections and add the following entry:
<mirror>
<id>other-mirror</id>
<name>Other Mirror Repository</name>
<url>https://other-mirror.repo.other-company.com/maven2</url>
<mirrorOf>central</mirrorOf>
</mirror>
In the URL section, if you were using either http://repo1.maven.org/maven2/ or http://repo.maven.apache.org/maven2/ then
Replace http://repo1.maven.org/maven2/ with https://repo1.maven.org/maven2/
Replace http://repo.maven.apache.org/maven2/ with https://repo.maven.apache.org/maven2/
You need to ideally use your company source control management/repository URL over here. As this will block any contact with open source Maven repository community.
As mentioned in other answers, effective from 15 January 2020, the central Maven repository doesn't support insecure communication over plain HTTP.
If you are using Netbeans older version, you have to make changes in maven to use https over http
Open C:\Program Files\NetBeans8.0.2\java\maven\conf\settings.xml
and paste below code in between mirrors tag
<mirror>
<id>maven-mirror</id>
<name>Maven Mirror</name>
<url>https://repo.maven.apache.org/maven2</url>
<mirrorOf>central</mirrorOf>
</mirror>
It will force maven to use https://repo.maven.apache.org/maven2 url.
Using Ubuntu 16.04, java 1.8.0_201.
I un-installed old maven and installed Maven 3.6.3,
still got this error that Maven dependencies are failing with a 501 error.
Realized it could be a truststore/keystore issue associated with requiring https.
Found that you can now configure -Djavax options using a jvm.config file, see: https://maven.apache.org/configure.html.
As I am also using Tomcat I copied the keystore & truststore config from Tomcat (setenv.sh) to my jvm.config and then it worked!
There is also an option to pass the this config in 'export MAVEN_OPTS' (when using mvn generate) but although this stopped the 501 error it created another: it expected a pom file.
Creating a separate jvm.config file works perfectly, just put it in the root of your project.
Hopefully this helps someone, took me all day to figure it out!
Same issue is also occuring for jcenter.
From 13 Jan 2020 onwards, Jcenter is only available at HTTPS.
Projects getting their dependencies using the same will start facing issues. For quick fixes do the following in your build.gradle
instead of
repositories {
jcenter ()
//others
}
use this:
repositories {
jcenter { url "http://jcenter.bintray.com/"}
//others
}
The error:
Failed to transfer file: http://repo.maven.apache.org/maven2/org/apache/maven/wagon/wagon-ssh/2.1/wagon-ssh-2.1.pom.
Return code is: 501 , ReasonPhrase:HTTPS Required.
Root cause analysis:
Maven central is expecting that the clients use https, but the client is making plain HTTP request only.
Therefore, the request for downloading the package named 'wagon-ssh-2.1.pom' had failed.
How to fix the problem?
Replace the URL "http://repo.maven.apache.org/maven2"
with "https://repo.maven.apache.org/maven2"
in pom.xml file or build.gradle file of the project.
My current environment does not support HTTPS, so adding the insecure version of the repo solved my problem: http://insecure.repo1.maven.org as per Sonatype
<repositories>
<repository>
<id>Central Maven repository</id>
<name>Central Maven repository insecure</name>
<url>http://insecure.repo1.maven.org</url>
</repository>
</repositories>
The following link got me out of the trouble,
https://support.sonatype.com/hc/en-us/articles/360041287334-Central-501-HTTPS-Required
You could make the changes either in your maven, apache-maven/conf/settings.xml.
Or, if you are specifying in your pom.xml, make the change there.
Before,
<repository>
<id>maven_central_repo</id>
<url>http://repo.maven.apache.org/maven2</url>
</repository>
Now,
<repository>
<id>maven_central_repo</id>
<url>https://repo.maven.apache.org/maven2</url>
</repository>
Note the change from http to https
Sharing this in case anyone needs it:
Old Gradle config( without Gitlab , Docker deployments , for simple projects)
repositories {
google()
jcenter()
maven { url "http://dl.bintray.com/davideas/maven" }
maven { url 'https://plugins.gradle.org/m2/' }
maven { url 'http://repo1.maven.org/maven2' }
maven { url 'http://jcenter.bintray.com' }
}
New config :
repositories {
google()
jcenter()
maven { url "https://dl.bintray.com/davideas/maven" }
maven { url 'https://plugins.gradle.org/m2/' }
maven { url 'https://repo1.maven.org/maven2' }
maven { url 'https://jcenter.bintray.com' }
}
Notice the https. Happy coding :)
Originally from https://stackoverflow.com/a/59796324/32453 though this might be useful:
Beware that your parent pom can (re) define repositories as well, and if it has overridden central and specified http for whatever reason, you'll need to fix that (so places to fix: ~/.m2/settings.xml
AND also parent poms).
If you can't fix it in parent pom, you can override parent pom's repo's, like this, in your child pom (extracted from the 3.6.3 default super pom, seems they changed the name from repo1 as well):
<repositories>
<repository>
<id>central</id>
<name>Central Repository</name>
<url>https://repo.maven.apache.org/maven2</url> <!-- the https you've been looking for -->
<layout>default</layout>
<snapshots>
<enabled>false</enabled> <!-- or set to true if desired, default is false -->
</snapshots>
</repository>
</repositories>
This error occured to me too. I did what Muhammad umer said above. But, it only solved error for spring-boot-dependencies and spring-boot-dependencies has child dependencies. Now, there were 21 errors. Previously, it was 2 errors. Like this:
Non-resolvable import POM: Could not transfer artifact org.springframework.cloud:spring-cloud-dependencies:pom:Hoxton.SR3 from/to central
and also https required in the error message.
I updated the maven version from 3.2.2 to 3.6.3 and java version from 8 to 11. Now, all errors of https required are gone.
To update maven version
Download latest maven from here: download maven
Unzip and move it to /opt/maven/
Set the path export PATH=$PATH:/opt/maven/bin
And, also remove old maven from PATH
On an old grails environment the only thing that works without upgrading is:
settings.xml
<settings>
<mirrors>
<mirror>
<id>centralhttps</id>
<mirrorOf>central</mirrorOf>
<name>Maven central https</name>
<url>http://insecure.repo1.maven.org/maven2/</url>
</mirror>
</mirrors>
</settings>
I downloaded latest eclipse and tarted to use from here https://www.eclipse.org/downloads/packages/release/ which resolved my problem.
I hit this problem with the latest version (August 2020) (after not using Maven on this machine for ages) and was scratching my head as to why it could still be an issue after reading these answers.
Turns out I had an old settings.xml sitting in the .m2/ folder in my home directory with some customisations from years ago.
However, even deleting that file didn't fix it for me. I ended up deleting the entire .m2 folder.
I don't think there was anything else in it except for downloaded resources. Maybe just deleting folders like repository/org/apache/maven/archetype would have been sufficient.
I downloaded the last netbeans version 12.2, and the problem was resolved.
Add the following repository in pom.xml.
<project>
...
<repositories>
<repository>
<id>central</id>
<name>Maven Plugin Repository</name>
<url>https://repo1.maven.org/maven2</url>
<layout>default</layout>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
</repositories>
...
</project>
I've inherited a badly written Java/Spring project. I'm using Eclipse STS as an IDE. Every time I'm trying to set up another computer for development, I'm entering a world of pain. After a lot of tinkering and fighthing, I've narrowed the problem down to one reoccurring issue - Maven's Repository.
I've opened the project in STS on a new computer. The project won't build, because it claims some Spring jar is missing or invalid. The file is there ( in the .m2) directory. Deleting it an updating the Maven dependencies downloads a correct version of the file, and the error disappears. Only to be replaced with another error, about another jar file.
After repeating the process several times, I no longer get the invalid jar file error. Instead I got a strange error saying assembly is an invalid XML element.
I delete the .m2 folder entirely and let Maven repopulate it, the error has not disappeared. Only after I copied the .m2 folder from another computer (where the project does compile and work) did the problem disappear.
There are no Maven related errors in the Eclipse error log. All I see are compilation errors in the Problems pane.
Why does Maven keep downloading corrupted JAR files? And how can I avoid this problem every time?
CLARIFICATION: We're not using a proxy, and we do not experience any networking issues downloading any other file. Python's pip, Node's npm, Microsoft's nuget and even bower all work flawlessly, several times a day, sometimes on projects just as big. This is a Maven only issue, and numerous machines.
ADDITIONAL INFO:
I'm using STS 3.9.0.RELEASE (which is based on Eclipse 4.6.3). I'm using the STS embedded Maven, which is version 3.3.9/1.7.0.20160603-1931 (that's a very elaborate version number, I'm not sure exactly what it means...).
I do not have a ~/.m2/settings.xml file (I deleted the entire .m2 directory)
Here is the repositories section from pom.xml:
<repositories>
<!-- For main Spring releases -->
<repository>
<id>org.springframework.maven.release</id>
<name>Spring Maven Release Repository</name>
<url>http://maven.springframework.org/release</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
<!-- For testing against latest Spring snapshots -->
<repository>
<id>org.springframework.maven.snapshot</id>
<name>Spring Maven Snapshot Repository</name>
<url>http://maven.springframework.org/snapshot</url>
<releases>
<enabled>false</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
<!-- For developing against latest Spring milestones -->
<repository>
<id>org.springframework.maven.milestone</id>
<name>Spring Maven Milestone Repository</name>
<url>http://maven.springframework.org/milestone</url>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
<repository>
<id>jboss</id>
<name>JBoss repository</name>
<url>https://repository.jboss.org/nexus/content/repositories/releases</url>
</repository>
<repository>
<id>Servlet-api</id>
<name>Servlet-api repository</name>
<!-- <url>http://repo1.maven.org/maven2/javax/servlet/javax.servlet-api/3.0.1/</url> -->
<url>http://search.maven.org/</url>
</repository>
</repositories>
I have installed Maven 3.5.0 and told Eclipse to use it. For now it seems to be working.
Perhaps one thing you could do is to prevent maven from downloading snaphots, or explicitly define versions in your pom file for jar files which you are confident work. Within the repository tag you could add the snapshot tag. Maybe releases will be more stable.
<repository>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
In <DistributionManagement> ... </DistributionManagement>
and <Repositories> ... <Repositories> sections, there can be a
<Repository> ... </Repository>
definition. What's the difference between the two definition? This is one example:
<distributionManagement>
<downloadUrl>https://github.com/marytts/marytts/releases</downloadUrl>
<repository>
<id>bintray</id>
<url>https://api.bintray.com/maven/marytts/marytts/marytts</url>
</repository>
<snapshotRepository>
<id>bintray</id>
<url>http://oss.jfrog.org/artifactory/oss-snapshot-local</url>
</snapshotRepository>
</distributionManagement>
And
<repositories>
<repository>
<id>marytts-dependencies</id>
<name>marytts-dependencies</name>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
<url>file://${project.local.repository.path}</url>
</repository>
<repository>
<id>central</id>
<name>jcenter</name>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
<url>http://jcenter.bintray.com</url>
</repository>
</repositories>
Distribution Management
Distribution management acts precisely as it sounds: it manages the
distribution of the artifact and supporting files generated throughout
the build process. Starting with the last elements first:
Repository
Where as the repositories element specifies in the POM the location
and manner in which Maven may download remote artifacts for use by the
current project, distributionManagement specifies where (and how) this
project will get to a remote repository when it is deployed. The
repository elements will be used for snapshot distribution if the
snapshotRepository is not defined.
Deploy using the repository layout
To deploy your file using the maven layout you should define the distribution management location :
<project>
...
<distributionManagement>
<repository>
<id>myrepository</id>
<url>file:D:/repository/</url>
</repository>
</distributionManagement>
</project>
Then you just need to execute the following command to get you artifact copied in your file system location
Maven command to deploy a file in the local file system
mvn deploy
Site Distribution
More than distribution to the repositories, distributionManagement is
responsible for defining how to deploy the project's site and
documentation.
In pom.xml, configure where to deploy your site within distributionManagement tag.
<distributionManagement>
<site>
<id>mkyongserver</id>
<url>dav:http://127.0.0.1/sites/</url>
</site>
</distributionManagement>
Relocation
Projects are not static; they are living things (or dying things, as
the case may be). A common thing that happens as projects grow, is
that they are forced to move to more suitable quarters. For example,
when your next wildly successful open source project moves under the
Apache umbrella, it would be good to give your users as heads-up that
the project is being renamed to org.apache:my-project:1.0. Besides
specifying the new address, it is also good form to provide a message
explaining why.
Repositories
Repositories are collections of artifacts which adhere to the Maven
repository directory layout. In order to be a Maven repository
artifact, a POM file must live within the structure
$BASE_REPO/groupId/artifactId/version/artifactId-version.pom.
$BASE_REPO can be local (file structure) or remote (base URL); the
remaining layout will be the same. Repositories exist as a place to
collect and store artifacts. Whenever a project has a dependency upon
an artifact, Maven will first attempt to use a local copy of the
specified artifact. If that artifact does not exist in the local
repository, it will then attempt to download from a remote repository.
The repository elements within a POM specify those alternate
repositories to search.
The repository is one of the most powerful features of the Maven
community. The default central Maven repository lives on
http://repo.maven.apache.org/maven2/. Another source for artifacts not
yet in iBiblio is the Codehaus snapshots repo.
Be remember you can add only one <repository> and one <snapshotRepository> child inside <distributionManagement>
How to declare proxy
Just go to Maven-> conf-> setting.xml file and add proxy
<proxies>
<proxy>
<id>myproxy</id>
<active>true</active>
<protocol>http</protocol>
<host>global.proxy.mycompany.com</host>
<port>8000</port>
<username></username>
<password></password>
<nonProxyHosts>localhost,127.0.0.1</nonProxyHosts>
</proxy>
</proxies>
I have just checked out some projects and need to build them, however I installed Maven quite some time ago (6 months maybe?) and really haven't used it since - the pom.xml for the project I have doesn't have this "http://repo1.maven.org/myurlhere" anywhere in it - it has the absolute url where the Maven repo is for the project, but Maven is still trying to download from the general Maven repo:
Macintosh:trunk$ mvn clean install
[INFO] Scanning for projects...
Downloading: http://repo1.maven.org/url/project/project/x.x/project-x.x.pom
[INFO] Unable to find resource 'url.project:project:pom:x.x' in repository central (http://repo1.maven.org/)
[INFO] ------------------------------------------------------------------------
[ERROR] FATAL ERROR
[INFO] ------------------------------------------------------------------------
[INFO] Failed to resolve artifact.
GroupId: url.project
ArtifactId: project
Version: x.x
Reason: Unable to download the artifact from any repository
url.project:project:pom:x.x
from the specified remote repositories:
central (http://repo1.maven.org/)
Can anyone help me with what I'm not doing right?
Basically, I have just checked the projects out from the command line, cd-ed into the directory and ran mvn clean install - nothing else.
Any help is greatly appreciated.
the pom.xml for the project I have doesn't have this "http://repo1.maven.org/myurlhere" anywhere in it
All projects have http://repo1.maven.org/ declared as <repository> (and <pluginRepository>) by default. This repository, which is called the central repository, is inherited like others default settings from the "Super POM" (all projects inherit from the Super POM). So a POM is actually a combination of the Super POM, any parent POMs and the current POM. This combination is called the "effective POM" and can be printed using the effective-pom goal of the Maven Help plugin (useful for debugging).
And indeed, if you run:
mvn help:effective-pom
You'll see at least the following:
<repositories>
<repository>
<snapshots>
<enabled>false</enabled>
</snapshots>
<id>central</id>
<name>Maven Repository Switchboard</name>
<url>http://repo1.maven.org/maven2</url>
</repository>
</repositories>
<pluginRepositories>
<pluginRepository>
<releases>
<updatePolicy>never</updatePolicy>
</releases>
<snapshots>
<enabled>false</enabled>
</snapshots>
<id>central</id>
<name>Maven Plugin Repository</name>
<url>http://repo1.maven.org/maven2</url>
</pluginRepository>
</pluginRepositories>
it has the absolute url where the maven repo is for the project but maven is still trying to download from the general maven repo
Maven will try to find dependencies in all repositories declared, including in the central one which is there by default as we saw. But, according to the trace you are showing, you only have one repository defined (the central repository) or maven would print something like this:
Reason: Unable to download the artifact from any repository
url.project:project:pom:x.x
from the specified remote repositories:
central (http://repo1.maven.org/),
another-repository (http://another/repository)
So, basically, maven is unable to find the url.project:project:pom:x.x because it is not available in central.
But without knowing which project you've checked out (it has maybe specific instructions) or which dependency is missing (it can maybe be found in another repository), it's impossible to help you further.
By default, Maven will always look in the official Maven repository, which is http://repo1.maven.org.
When Maven tries to build a project, it will look in your local repository (by default ~/.m2/repository but you can configure it by changing the <localRepository> value in your ~/.m2/settings.xml) to find any dependency, plugin or report defined in your pom.xml. If the adequate artifact is not found in your local repository, it will look in all external repositories configured, starting with the default one, http://repo1.maven.org.
You can configure Maven to avoid this default repository by setting a mirror in your settings.xml file:
<mirrors>
<mirror>
<id>repoMirror</id>
<name>Our mirror for Maven repository</name>
<url>http://the/server/</url>
<mirrorOf>*</mirrorOf>
</mirror>
</mirrors>
This way, instead of contacting http://repo1.maven.org, Maven will contact your entreprise repository (http://the/server in this example).
If you want to add another repository, you can define a new one in your settings.xml file:
<profiles>
<profile>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<repositories>
<repository>
<id>foo.bar</id>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
<url>http://new/repository/server</url>
</repository>
</repositories>
You can see the complete settings.xml model here.
Concerning the clean process, you can ask Maven to run it offline. In this case, Maven will not try to reach any external repositories:
mvn -o clean
tl;dr
All maven POMs inherit from a base Super POM.
The snippet below is part of the Super POM for Maven 3.5.4.
<repositories>
<repository>
<id>central</id>
<name>Central Repository</name>
<url>https://repo.maven.apache.org/maven2</url>
<layout>default</layout>
<snapshots>
<enabled>false</enabled>
</snapshots>
</repository>
</repositories>
I think what you have missed here is this:
https://maven.apache.org/settings.html#Servers
The repositories for download and deployment are defined by the repositories and distributionManagement elements of the POM. However, certain settings such as username and password should not be distributed along with the pom.xml. This type of information should exist on the build server in the settings.xml.
This is the prefered way of using custom repos. So probably what is happening is that the url of this repo is in settings.xml of the build server.
Once you get hold of the url and credentials, you can put them in your machine here: ~/.m2/settings.xml like this:
<settings ...>
.
.
.
<servers>
<server>
<id>internal-repository-group</id>
<username>YOUR-USERNAME-HERE</username>
<password>YOUR-PASSWORD-HERE</password>
</server>
</servers>
</settings>
EDIT:
You then need to refer this repository into project POM. The id internal-repository-group can be used in every project. You can setup multiple repos and credentials setting using different IDs in settings xml.
The advantage of this approach is that project can be shared without worrying about the credentials and don't have to mention the credentials in every project.
Following is a sample pom of a project using "internal-repository-group"
<repositories>
<repository>
<id>internal-repository-group</id>
<name>repo-name</name>
<url>http://project.com/yourrepourl/</url>
<layout>default</layout>
<releases>
<enabled>true</enabled>
<updatePolicy>never</updatePolicy>
</releases>
<snapshots>
<enabled>true</enabled>
<updatePolicy>never</updatePolicy>
</snapshots>
</repository>
</repositories>
Basically, all Maven is telling you is that certain dependencies in your project are not available in the central maven repository. The default is to look in your local .m2 folder (local repository), and then any configured repositories in your POM, and then the central maven repository. Look at the repositories section of the Maven reference.
The problem is that the project that was checked in didn't configure the POM in such a way that all the dependencies could be found and the project could be built from scratch.