Update java.bzl best practices regarding HTTPS

While HTTP is faster and SHA256 already guaranteed data hasn't been tampered with, it does give visibility over the wire regarding which jars are being transmitted. The true purpose of this change is to bring these practices into greater consistency with Google's broader vision of using HTTPS as much as possible. PiperOrigin-RevId: 175328286
author: jart <jart@google.com> 2017-11-10 22:29:13 +0100
committer: Damien Martin-Guillerez <dmarting@google.com> 2017-11-10 23:28:16 +0100
commit: 1c639ab3d40ca5ae38440d7c0ee01248707c5da3 (patch)
tree: 45b7ea636e24004510672ccea3cd983eb1c99bfa
parent: 5d6d28e07f58600090055da7e62454cfc2677fbf (diff)
1 files changed, 0 insertions, 1 deletions
diff --git a/tools/build_defs/repo/java.bzl b/tools/build_defs/repo/java.bzl
index 7f3657bc69..766cb18109 100644
--- a/tools/build_defs/repo/java.bzl
+++ b/tools/build_defs/repo/java.bzl
@@ -46,7 +46,6 @@ The recommended best practices for downloading Maven jars are as follows:
 4. Make the second URL the original repo1.maven.org URL
 5. Make the third URL the maven.ibiblio.org mirror, if it isn't 404
 6. Always specify the sha256 checksum
-7. Prefer http over https unless curl -I says the http URL redirects to https
 
 Bazel has one of the most sophisticated systems for downloading files of any
 build system. Following these best practices will ensure that your codebase
author	jart <jart@google.com>	2017-11-10 22:29:13 +0100
committer	Damien Martin-Guillerez <dmarting@google.com>	2017-11-10 23:28:16 +0100
commit	1c639ab3d40ca5ae38440d7c0ee01248707c5da3 (patch)
tree	45b7ea636e24004510672ccea3cd983eb1c99bfa
parent	5d6d28e07f58600090055da7e62454cfc2677fbf (diff)