librelist archives

« back to archive

[ANN] Leiningen 2.4.3

[ANN] Leiningen 2.4.3

From:
Phil Hagelberg
Date:
2014-08-05 @ 23:53
Hello everyone.

I'm happy to announce the release of Leiningen 2.4.3. This release
includes a number of small fixes and one big fix: access to the Central
repository now occurs over HTTPS since Sonatype opened up public SSL
access to Central yesterday[1]. Please upgrade your copy of Leiningen to
get this important security fix. If for some reason you are unable to
upgrade, you can put this code in your user profile[2] to get SSL access
From older versions of Leiningen:

    :mirrors {"central" {:name "securedcentral" 
                         :url "https://repo1.maven.org/maven2"}}

Note that this only works under Leiningen 2.x; users of Leiningen 1.x
should upgrade to get secure access.

Here's a full list of user-visible changes:

* Allow implicit hooks/middleware to be disabled. (Phil Hagelberg)
* Print compilation errors as they occur. (Paul Legato)
* Switch Central repository to using HTTPS. (Manfred Moser)
* Add `LEIN_NO_USER_PROFILES` to avoid loading user profile. (Hugo Duncan)
* Fix deploy task to work with signature files. (Phil Hagelberg)
* Allow vcs tags to be created with a prefix. (Yannick Scherer)
* Default to warning when version ranges are present. (Phil Hagelberg)
* Let templates be loaded from `:plugin-repositories`. (Jason Felice)

As usual, `lein upgrade` will pull in the latest version, and `lein
downgrade 2.4.2` will go back to the previous version if something in
the new version is broken for you.

Thanks to everyone who helped make this release happen.

-Phil

[1] - http://blog.sonatype.com/2014/08/https-support-launching-now

[2] - If you don't have a user profile yet, paste this into ~/.lein/profiles.clj:

{:user {:mirrors {"central" {:name "securedcentral" 
                             :url "https://repo1.maven.org/maven2"}}}}