The Central Repository Stands to Support Sailors from Bintray – 3 steps to take now to protect your builds from failing

The shutdown of Bintray and JCenter comes as a rough entry in the 2021 Bingo card for many developers – most Android projects as well as Gradle and many others publish their artifacts via Bintray into JCenter. The migration timelines are tight for… Continue reading The Central Repository Stands to Support Sailors from Bintray – 3 steps to take now to protect your builds from failing

What Publishers Need to Know About Migrating from JCenter / Bintray to The Central Repository

We know the news about JFrog sunsetting Bintray/JCenter has been unsettling for many. Our goal is to make the migration to The Central Repository as easy as possible – whether you’re just consuming components or if you’re publishing them as well. … Continue reading What Publishers Need to Know About Migrating from JCenter / Bintray to The Central Repository

Dear Bintray and JCenter Users – Here’s What You Need to Know About The Central Repository

If you’re freaking out because JFrog announced it’s sunsetting Bintray and JCenter, and are concerned about moving your Java components into The Central Repository, I want to first and foremost say – don’t worry. We’re here for you and I personall… Continue reading Dear Bintray and JCenter Users – Here’s What You Need to Know About The Central Repository

Sonatype Stops Software Supply Chain Attack Aimed at the Java Developer Community

On January 7th, Sonatype became aware of 3 malicious brandjacking components which were published to the Maven Central Repository in the last week of 2020. 
The post Sonatype Stops Software Supply Chain Attack Aimed at the Java Developer Community… Continue reading Sonatype Stops Software Supply Chain Attack Aimed at the Java Developer Community

Microsoft Acquires npm: A Healthy Move for Critical Public Infrastructure

Today, news broke that GitHub and its parent company Microsoft, acquired npm and its public repository of open source JavaScript packages.
In 2018 when Microsoft acquired Github, many in the developer community had a cautious, even emotional respo… Continue reading Microsoft Acquires npm: A Healthy Move for Critical Public Infrastructure

Helm & Nexus: Steering Towards Faster Deployments in Nexus 3.21

The Nexus team is fully rigged as we steer into a big year for new features and releases in 2020! We are excited to announce the official release of Nexus Repository 3.21, stacked with new formats including native support for Helm in both Nexus Re… Continue reading Helm & Nexus: Steering Towards Faster Deployments in Nexus 3.21

The Central Repository is Moving to HTTPS

As stewards of Maven Central, Sonatype is responsible for hosting and transmitting a disproportionately high volume of the Java ecosystem’s open-source components. In the month of November 2019 alone, total requests to Maven Central across N… Continue reading The Central Repository is Moving to HTTPS

Removing Search Guard from the Central Repository

We at Sonatype take our responsibility as stewards of the Central Repository (Central) very seriously, and for well over a decade we have been dedicated to the ideal of immutability when it comes to serving components to the community that relies … Continue reading Removing Search Guard from the Central Repository