Central Archives

Open Publishing, Commercial Scale

Brian Fox | June 16, 2026 | Central, central repository, development infrastructure, Maven, Modern Infrastructure, open source, Publishing to the Central Repository, Registry, scale

This is not just a Maven Central story ...

2024 Sonatype Blog

Open is Not Costless: Reclaiming Sustainable Infrastructure

Brian Fox | April 28, 2026 | Central

For years, the software industry treated public package registries like a law of nature. They were simply there. Immutable, invisible, and somehow outside the normal rules of cost, capacity, and responsibility ...

2024 Sonatype Blog

From Abuse to Alignment: Why We Need Sustainable Open Source Infrastructure

Brian Fox | September 23, 2025 | Central, central repository, Maven, open source, Thought Leaders

Open source doesn't run on any individual project, foundation, or company — it runs on shared infrastructure. That's why we've come together with other stewards to issue a Joint Statement on Sustainable Stewardship ...

2024 Sonatype Blog

Beyond IPs: Addressing organizational overconsumption in Maven Central

Brian Fox | June 10, 2025 | Central, central repository, community, Maven, The Central Repository

When we published Maven Central and the Tragedy of the Commons, we highlighted a disturbing pattern: just 1% of IP addresses accounted for 83% of Maven Central's total bandwidth, often traced back ...

2024 Sonatype Blog

Maven Central and Sigstore

Jason Swank | March 3, 2022 | Central, DevZone, Maven, Product, Product Strategy

This article also appears in the Maven Central blog. As custodians of the Maven Central registry, it’s important to us here at Sonatype to ensure Central remains accessible, secure, and modern for ...

Sonatype Blog

The Central Repository is Moving to HTTPS

Terry Yanko | December 20, 2019 | Central, central maven repository, Community Product, HTTPS, HTTPS/SSL, Maven, Product, The Central Repository

As stewards of Maven Central, Sonatype is responsible for hosting and transmitting a disproportionately high volume of the Java ecosystem’s open-source components. In the month of November 2019 alone, total requests to ...

Sonatype Blog

Central

Open Publishing, Commercial Scale

Open is Not Costless: Reclaiming Sustainable Infrastructure

From Abuse to Alignment: Why We Need Sustainable Open Source Infrastructure

Beyond IPs: Addressing organizational overconsumption in Maven Central

Maven Central and Sigstore

The Central Repository is Moving to HTTPS

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On