Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refactor: Remove unnecessary parameter from configureRepositories #48596

Closed
wants to merge 2 commits into from
Closed

refactor: Remove unnecessary parameter from configureRepositories #48596

wants to merge 2 commits into from
+113 −17

Conversation

cortinico
Copy link
Contributor

Summary:
The second parameter of configureRepositories was unused. Let's remove it.

Changelog:
[Internal] [Changed] - refactor: Remove unnecessary parameter from configureRepositories

Differential Revision: D68016105

@cortinico @facebook-github-bot
[skip ci] Make the addition of JitPack repository configurable (faceb…
72c32f6 
…ook#48595)

Summary:

Historically React Native used to include the JitPack repository be default in the default repositories.

This sadly exposes React Native projects to supply chain attacks as explained here:
https://blog.oversecured.com/Introducing-MavenGate-a-supply-chain-attack-method-for-Java-and-Android-applications/

Moreover, artifacts on Jitpack are not GPG signed it's complicated to verify the identity of artifact authors.
I'm introducing a Gradle property to control if Jitpack should be included by default or not.

User can control this behavior by changing their `gradle.properties` file as such:

```
includeJitpackRepository=false
```

The default value of this property is currently true, but we're looking into changing it to false in the future.


Changelog:
[Android] [Added] - Make the addition of JitPack repository configurable

Differential Revision: D68016028
@cortinico @facebook-github-bot
refactor: Remove unnecessary parameter from configureRepositories
aed9a51 
Summary:
The second parameter of `configureRepositories` was unused. Let's remove it.

Changelog:
[Internal] [Changed] - refactor: Remove unnecessary parameter from configureRepositories

Differential Revision: D68016105
@facebook-github-bot facebook-github-bot added the CLA Signed This label is managed by the Facebook bot. Authors need to sign the CLA before a PR can be reviewed. label Jan 10, 2025
@facebook-github-bot
Copy link
Contributor

This pull request was exported from Phabricator. Differential Revision: D68016105

@facebook-github-bot facebook-github-bot added the Merged This PR has been merged. label Jan 10, 2025
@facebook-github-bot
Copy link
Contributor

This pull request has been merged in 7bb92a3.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
CLA Signed This label is managed by the Facebook bot. Authors need to sign the CLA before a PR can be reviewed. fb-exported Merged This PR has been merged. p: Facebook Partner: Facebook Partner
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cortinico @facebook-github-bot