Skip Navigation

Software Packages, Do We Even Need Them?

6 minute read time

Explore the evolution of package managers & the benefits of binary packages in software ecosystems. Learn how they enhance DevOps, security, & efficiency.

New Design, New Features: Maven Central Improvements for Developers

By Amanda Yeo on March 28, 2023 open source security

3 minute read time

Hosted by Sonatype, Maven Central has a refreshed interface and new features to improve the developer experience.

Best Practices in Dependency Management: Cooking a Meal of Gourmet Code

5 minute read time

Close to 85% of every application is open source software. Better understanding your software supply chain starts with understanding dependency management.

PGP vs. sigstore: A Recap of the Match at Maven Central

7 minute read time

We put code-signing tools PGP and sigstore in a head-to-head match with Maven Central users to find a winner. The results may surprise you.

Wicked Good Development Episode 22: Fall 2022 Maven Central Updates

By Kadi Grigg on December 02, 2022 Community

16 minute read time

Get the latest Maven Central updates, how we're addressing pain points, and the latest features that make Maven more unified and powerful than before. 

Wicked Good Development Episode 14: The Secret Life of Maven Central

By Kadi Grigg on August 26, 2022 Community

27 minute read time

Joel Orlina, an Engineering Manager at Sonatype, joins Kadi to share his insights on the previously unknown history of Maven Central.

Wicked Good Development Episode 3: A Look at the Past, Present, and Future of Maven Central

By Kadi Grigg on March 24, 2022 Everything Open Source

30 minute read time

If you utilize Java or any other JVM, there’s a good chance you know the Maven Central repository. Hear from long-time maintainers and contributors on its past, present, and future.

Maven Central and Sigstore

By Jason Swank on March 03, 2022 Product Strategy

2 minute read time

Sonatype has been investing heavily in Maven Central, modernizing the platform & providing a developer experience of contemporary software registries.

Find and Fix Vulnerabilities in Seconds using GitHub PR Reviews with Line Comments

By Kevin Miller on July 07, 2020 github

2 minute read time

Pull Request line comments highlight code that introduces a policy violation. This gives developers the information needed to remediate security risks.