As you are the first one to notice this, I would think it would be or your local computer or your company repository. Which repositories are you using for your project?
With regards, Nick Stolwijk ~Java Developer~ IPROFS BV. Claus Sluterweg 125 2012 WS Haarlem http://www.iprofs.nl On Tue, Sep 22, 2009 at 9:47 AM, Richard Taylor <rjtay...@taz.qinetiq.com> wrote: > Hi > > I am completely new to maven, just running through some ServiceMix > tutorials (completely new to that too). > > Tracking down a 'mvn install' failure that said: > > [INFO] > ------------------------------------------------------------------------ > [ERROR] BUILD FAILURE > [INFO] > ------------------------------------------------------------------------ > [INFO] Compilation failure > > error: error > reading > /home/rjt/.m2/repository/org/springframework/spring-dao/2.0.6/spring-dao-2.0.6.jar; > error in opening zip file > error: error > reading > /home/rjt/.m2/repository/org/springframework/spring-support/2.0.6/spring-support-2.0.6.jar; > error in opening zip file > error: error > reading /home/rjt/.m2/repository/xerces/xerces/2.0.2/xerces-2.0.2.jar; > error in opening zip file > > I discover that the contents of these files are all spam web pages with > the title: "Truck Performance Chips". I then searched my local > repository for the same string and I get: > > grep -r Truck\ Performance\ Chips * > commons-collections/commons-collections/2.1/commons-collections-2.1.pom:<title>Car > & Truck Performance Chips</title> > commons-pool/commons-pool/1.2/commons-pool-1.2.pom:<title>Car & > Truck Performance Chips</title> > commons-pool/commons-pool/1.3/commons-pool-1.3.pom:<title>Car & > Truck Performance Chips</title> > org/springframework/spring-beans/2.0.6/spring-beans-2.0.6.pom:<title>Car > & Truck Performance Chips</title> > org/springframework/spring-core/2.0.6/spring-core-2.0.6.pom:<title>Car > & Truck Performance Chips</title> > org/springframework/spring-dao/2.0.6/spring-dao-2.0.6.pom:<title>Car > & Truck Performance Chips</title> > org/springframework/spring-dao/2.0.6/spring-dao-2.0.6.jar:<title>Car > & Truck Performance Chips</title> > org/springframework/spring-context/2.0.6/spring-context-2.0.6.pom:<title>Car > & Truck Performance Chips</title> > org/springframework/spring-support/2.0.6/spring-support-2.0.6.jar:<title>Car > & Truck Performance Chips</title> > org/springframework/spring-support/2.0.6/spring-support-2.0.6.pom:<title>Car > & Truck Performance Chips</title> > xerces/xerces/2.0.2/xerces-2.0.2.jar:<title>Car & Truck Performance > Chips</title> > xerces/xerces/2.0.2/xerces-2.0.2.pom:<title>Car & Truck Performance > Chips</title> > > This all looks very worrying. It suggests that one of the online > repositories has been infiltrated. > > Is there anyway to discover which repository these files came from? > > I am beginning to worry about safety of using all this code pulled > automatically from online repositories :-( > > Regards > > Richard > > > > The information contained in this E-Mail and any subsequent > correspondence is private and is intended solely for the intended > recipient(s). The information in this communication may be > confidential and/or legally privileged. Nothing in this e-mail is > intended to conclude a contract on behalf of QinetiQ or make QinetiQ > subject to any other legally binding commitments, unless the e-mail > contains an express statement to the contrary or incorporates a formal > Purchase Order. > > For those other than the recipient any disclosure, copying, > distribution, or any action taken or omitted to be taken in reliance > on such information is prohibited and may be unlawful. > > Emails and other electronic communication with QinetiQ may be > monitored and recorded for business purposes including security, audit > and archival purposes. Any response to this email indicates consent > to this. > > Telephone calls to QinetiQ may be monitored or recorded for quality > control, security and other business purposes. > > QinetiQ Limited > Registered in England & Wales: Company Number:3796233 > Registered office: 85 Buckingham Gate, London SW1E 6PD, United Kingdom > Trading address: Cody Technology Park, Cody Building, Ively Road, > Farnborough, Hampshire, GU14 0LX, United Kingdom > http://www.qinetiq.com/home/notices/legal.html > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@maven.apache.org > For additional commands, e-mail: users-h...@maven.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org
