Hot Topics

The Central Repository

Wicked Good Development: A Look at the Past, Present, and Future of Maven Central

| | DevZone, Everything Open Source, FEATURED, Maven, The Central Repository
Wicked Good Development is dedicated to the future of open source. This space is to learn about the latest in the developer community and talk shop with open source software innovators and ...
Sonatype Blog

Why Namespacing Matters in Public Open Source Repositories

| | bintray, Community Product, FEATURED, namespace, News and Views, The Central Repository
Yesterday we saw the disclosure of a report showing how a security researcher was able to successfully infiltrate 35+ name brand companies, primarily via npm. Ironically, the mechanism used to perpetrate the ...
Sonatype Blog

The Central Repository Stands to Support Sailors from Bintray – 3 steps to take now to protect your builds from failing

| | Community Product, FEATURED, Product, The Central Repository
The shutdown of Bintray and JCenter comes as a rough entry in the 2021 Bingo card for many developers - most Android projects as well as Gradle and many others publish their ...
Sonatype Blog

What Publishers Need to Know About Migrating from JCenter / Bintray to The Central Repository

| | Community Product, Product, The Central Repository
We know the news about JFrog sunsetting Bintray/JCenter has been unsettling for many. Our goal is to make the migration to The Central Repository as easy as possible - whether you're just ...
Sonatype Blog

Dear Bintray and JCenter Users – Here’s What You Need to Know About The Central Repository

| | Community Product, FEATURED, News and Views, Product, The Central Repository
If you’re freaking out because JFrog announced it's sunsetting Bintray and JCenter, and are concerned about moving your Java components into The Central Repository, I want to first and foremost say - ...
Sonatype Blog

Sonatype Stops Software Supply Chain Attack Aimed at the Java Developer Community

| | Community Product, FEATURED, Product, The Central Repository, Vulnerabilities
On January 7th, Sonatype became aware of 3 malicious brandjacking components which were published to the Maven Central Repository in the last week of 2020.  ...
Sonatype Blog
The economics of open source by C J Silverio | JSConf EU 2019

Microsoft Acquires npm: A Healthy Move for Critical Public Infrastructure

| | FEATURED, GitHub, Javascript, Microsoft, News and Views, npm, The Central Repository
Today, news broke that GitHub and its parent company Microsoft, acquired npm and its public repository of open source JavaScript packages. In 2018 when Microsoft acquired Github, many in the developer community ...
Sonatype Blog

Helm & Nexus: Steering Towards Faster Deployments in Nexus 3.21

| | FEATURED, Helm, Nexus Repository, Product, The Central Repository
The Nexus team is fully rigged as we steer into a big year for new features and releases in 2020! We are excited to announce the official release of Nexus Repository 3.21, ...
Sonatype Blog

The Central Repository is Moving to HTTPS

| | Central, central maven repository, Community Product, HTTPS, HTTPS/SSL, Maven, Product, The Central Repository
As stewards of Maven Central, Sonatype is responsible for hosting and transmitting a disproportionately high volume of the Java ecosystem’s open-source components. In the month of November 2019 alone, total requests to ...
Sonatype Blog

Removing Search Guard from the Central Repository

| | Community Product, elasticsearch, FEATURED, floragunn GmbH, Product, Search Guard, The Central Repository
We at Sonatype take our responsibility as stewards of the Central Repository (Central) very seriously, and for well over a decade we have been dedicated to the ideal of immutability when it ...
Sonatype Blog