Allow insecure protocols, android gradle

android android-studio build.gradle

I recently updated my android studio to Arctic Fox and got an error in my project

A problem occurred configuring root project 'so10'.
> Could not resolve all dependencies for configuration ':classpath'.
   > Using insecure protocols with repositories, without explicit opt-in, is     unsupported. Switch Maven repository 
'maven3(http://oss.sonatype.org/content/repositories/snapshots)' to redirect to a secure protocol (like HTTPS) or allow insecure protocols.
 See https://docs.gradle.org/7.0.2/dsl/org.gradle.api.artifacts.repositories.UrlArtifactRepository.html#org.gradle.api.artifacts.repositories.UrlArtifactRepository:allowInsecureProtocol for more details.

This is my gradle where the problem occurs

repositories {
    // maven { url 'https://maven.fabric.io/public' }
    maven { url "https://jitpack.io" }
    maven { url 'https://raw.github.com/Raizlabs/maven-releases/master/releases' }
    maven { url 'http://oss.sonatype.org/content/repositories/snapshots'}
    maven { url "https://plugins.gradle.org/m2/" }
    maven { url 'https://maven.google.com'  }
    google()
    mavenCentral()
    jcenter()
}

How do I solve it?


Solution 1:

For insecure HTTP connections in Gradle 7+ versions, we need to specify a boolean allowInsecureProtocol as true to MavenArtifactRepository closure.
Since you have received this error for sonatype repository, you need to set the repositories as below:

repositories {
    //  maven { url "https://maven.fabric.io/public" }
    maven {
        url "https://jitpack.io"
    }
    maven {
        url "https://raw.github.com/Raizlabs/maven-releases/master/releases"
    }
    maven {
        url "http://oss.sonatype.org/content/repositories/snapshots"
        allowInsecureProtocol = true
    }
    maven {
        url "https://plugins.gradle.org/m2/"
    }
    maven {
        url "https://maven.google.com"
    }
    google()
    mavenCentral()
    jcenter()
}

Solution 2:

or you can just replace HTTP with HTTPS.

Solution 3:

For those using the Kotlin DSL, the property name is different isAllowInsecureProtocol

            maven {
                url = uri("http://oss.sonatype.org/content/repositories/snapshots")
                isAllowInsecureProtocol = true
            }

Solution 4:

Note that Gradle 7 onwards, any insecure URL is blocked, not only for repositories, so applying scripts would also fail.

apply from: "http://mycompany.com/buildscript.gradle"

Applying script plugins from insecure URIs, without explicit opt-in, is unsupported.

If you can't use HTTPS for whatever reasons, then do the following:

apply from: resources.text.fromInsecureUri("http://mycompany.com/buildscript.gradle")

However, if I were a Gradle dev, I'd provide a org.gradle.allow-insecure-protocol=true to be set in the gradle.properties and be done. I've opened https://github.com/gradle/gradle/issues/18006 for that.

Solution 5:

Add allowInsecureProtocol = true for all unsecure http in repositories e.g.

maven {
        url "http://storage.googleapis.com/r8-releases/raw"
        allowInsecureProtocol = true
    }

maven {
        url "http://tokbox.bintray.com/maven/"
        allowInsecureProtocol = true
    }

Related

Comparing two List<string> for equality
Count the number of items in my array list
How can I find whitespace in a String?
How to get the Stack trace when logging exceptions with NLog?
Julia compiles the script every time?
How to import data from text file to mysql database
What is the XPath expression to find only the first occurrence?
How to write SQL in a migration in Rails
RecyclerView and SwipeRefreshLayout
Handlebarsjs check if a string is equal to a value
If two objects are declared in a single line, in which order are they constructed?
Why are there dashes in a .NET GUID?