Why Maven Fails After Updating IntelliJ IDEA 2021.3 and How to Fix It
After upgrading IntelliJ IDEA to version 2021.3, Maven 3.8.1 blocks HTTP repositories by default, causing private‑repo download failures, but you can resolve the issue by adjusting the Maven settings or switching to HTTPS.
Reason
Updating IntelliJ IDEA to 2021.3 upgrades the bundled Maven to version 3.8.1. Maven 3.8.1 introduces a security change (CVE‑2021‑26291) that blocks downloads from HTTP repositories by adding a default mirror called maven-default-http-blocker to prevent potential man‑in‑the‑middle attacks.
Because the private Maven repository is deployed on an internal network without HTTPS, Maven now refuses to download dependencies from it.
Solution
The simplest fixes are to downgrade IDEA, stop using the bundled Maven, or upgrade the private repository to use HTTPS. If you want to keep the current setup, remove the default mirror entry from settings.xml:
<mirror>
<id>maven-default-http-blocker</id>
<mirrorOf>external:http:*</mirrorOf>
<name>Pseudo repository to mirror external repositories initially using HTTP.</name>
<url>http://0.0.0.0/</url>
<blocked>true</blocked>
</mirror>If you installed IDEA via Toolbox on Windows, the configuration file is typically located at:
C:\Users\YourUser\AppData\Local\JetBrains\Toolbox\apps\IDEA-U\ch-0\<em>numeric_folder</em>\plugins\maven\lib\maven3\confOtherwise, look for the \maven\lib\maven3\conf directory inside the IDEA installation’s plugins folder.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Programmer DD
A tinkering programmer and author of "Spring Cloud Microservices in Action"
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.