Best Practices in Dependency Management: Cooking a Meal of Gourmet Code

5 minute read time

Close to 85% of every application is open source software. Better understanding your software supply chain starts with understanding dependency management.

PGP vs. sigstore: A Recap of the Match at Maven Central

7 minute read time

We put code-signing tools PGP and sigstore in a head-to-head match with Maven Central users to find a winner. The results may surprise you.

Wicked Good Development Episode 22: Fall 2022 Maven Central Updates

By Kadi Grigg on December 02, 2022 Community

16 minute read time

Get the latest Maven Central updates, how we're addressing pain points, and the latest features that make Maven more unified and powerful than before. 

Wicked Good Development Episode 14: The Secret Life of Maven Central

By Kadi Grigg on August 26, 2022 Community

27 minute read time

Joel Orlina, an Engineering Manager at Sonatype, joins Kadi to share his insights on the previously unknown history of Maven Central.

Wicked Good Development Episode 3: A Look at the Past, Present, and Future of Maven Central

By Kadi Grigg on March 24, 2022 Everything Open Source

30 minute read time

If you utilize Java or any other JVM, there’s a good chance you know the Maven Central repository. Hear from long-time maintainers and contributors on its past, present, and future.

Maven Central and Sigstore

By Jason Swank on March 03, 2022 Product Strategy

2 minute read time

Sonatype has been investing heavily in Maven Central, modernizing the platform & providing a developer experience of contemporary software registries.

Find and Fix Vulnerabilities in Seconds using GitHub PR Reviews with Line Comments

By Kevin Miller on July 07, 2020 github

2 minute read time

Pull Request line comments highlight code that introduces a policy violation. This gives developers the information needed to remediate security risks.

How to Publish Docker Images on a Private Nexus Repository Using Jib Maven Plugin

By Awkash Agrawal on June 08, 2020 AppSec

4 minute read time

Learn how to publish Docker images to a private Nexus repository with the help of the Maven Jib plugin.

How to Use Nexus Repository With Maven Deploy [VIDEO]

By Awkash Agrawal on May 11, 2020 Maven

2 minute read time

This short video and outline of steps demonstrate how to deploy Maven from Nexus Repository.