End of Life Announcement

Privacy Policy

2016-04-04 - 2018-07-06 v1.3.0 - v1.7.0

This Plugin is fully EU General Data Protection Regulation (GDPR) compliant and follows the principles of Privacy By Design and Privacy By Default.

Description of Function

The Maven Releaseinfo Macro in short MRIM is a plugin for Atlassian Confluence which runs as an OSGi Bundle inside Confluence.

The Plugin provides a way to visualize Maven-Releases provided by pom.xml files that are loaded from external resources (http).

Data Storage

A MRIM macro stores the pom-URLs, optional auth-username and optional auth-password in the macro-settings.

During a Confluence-Page-Render of a Page containing a MRIM Macro the following happens:

  • Firstly the CacheManager is asked if a cached version of the Maven-Release exists. If YES continue with 'Fourthly'.
    If NO then a temporary directory is created in the global temp-directory [System.getProperty("java.io.tmpdir")].
  • Secondly the Maven-Release pom.xml files are downloaded via a HTTP-Library into sub-directory of the temp-directory.
  • Thirdly the downloaded pom.xml files are parsed into memory into the MRIM Data-Structure and lastly stored via the CacheManager in the Cache.
  • Fourthly the Macro displays the cached MRIM Data-Structure as HTML as part of the Confluence Page.

No other Data is stored.

Network Connection

The plugin opens either HTTP-connections on TCP Port 80 or HTTPS-connections on TCP Port 443 to the pom.xml-URLs you specify. As described in 'Data Storage' the pom.xml files are downloaded for temporary processing.

MRIM does not download any other Data than the pom.xml URLs you specify. It also does not upload any data to third party Endpoints.

Collection of Personal Information

No personal information is collected.

Security Measures

The plugin uses built in Atlassian Objects to enforce Authorization meaning it depends on the security configuration of your confluence. Whoever has the permissions to edit a Confluence Page can also edit the MRIM macro settings.

It depends on the user-input if the pom.xml files are loaded via HTTPS or plain HTTP. You are encouraged to only use HTTPS Connections.

The plugin is provided over a secure TLS (https) connection when installed via the Atlassian Marketplace.

The user of CEP should enable TLS (https) for Confluence to secure Application against ethernet sniffing to avoid insecure authorization.