From bbdb7c1bc608a432a51775f3768697a2f55cbe8e Mon Sep 17 00:00:00 2001
From: Adam Williams
Date: Mon, 3 Apr 2017 19:14:08 +0100
Subject: [PATCH] Ensure archive fetch script uses HTTPS download

This is to prevent an MitM possible by downloading the releases in plain text (using HTTP). Per scala/scala-lang#627 this script appears to make artifacts available on scala-lang.org and so any form of attack here could be problematic.
---
 scripts/jobs/release/website/archives | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/jobs/release/website/archives b/scripts/jobs/release/website/archives
index 870c6f30b..25016bb1a 100755
--- a/scripts/jobs/release/website/archives
+++ b/scripts/jobs/release/website/archives
@@ -2,7 +2,7 @@
 # need to re-declare it as an array, not sure how to do that directly in jenkins
 declare -a sshCharaArgs="$sshCharaArgs"
-url="http://downloads.lightbend.com/scala/$version"
+url="https://downloads.lightbend.com/scala/$version"
 if [[ "$version" =~ ^.*-(bin|pre)-[0-9a-f]+$ ]]
 then archivesDir="~linuxsoft/archives/scala/nightly/2.12.x"
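Review bot: The new `https://` value of `url` only protects the download if the command that consumes `$url` (outside this hunk) validates the server certificate and does not follow a redirect back to plain HTTP, so it is worth confirming the fetch is not run with certificate checks disabled. TLS authenticates the download host but not the files themselves, so comparing each artifact against a published checksum or signature before it is copied under `archivesDir` would also cover a compromised or misconfigured origin. I would add a comment above the assignment, `# HTTPS only: these artifacts end up on scala-lang.org; never downgrade to http`, so the scheme is not reverted later. The `if` block that sets `archivesDir` continues outside the hunk.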