SBOM, VDR, and Maven: Transforming the Apache Logging experience to a common pattern

By Hervé Boutemy on March 29, 2024 vulnerabilities

8 minute read time

CycloneDX Maven Plugin helps publish software bills of materials (SBOMs) and vulnerability disclosure reports (VDRs) and benefits open source projects

The history of Maven Central and Sonatype: A journey from past to present

By Aaron Linskens on November 14, 2023 Software Supply Chain

11 minute read time

Explore the evolution of Maven Central, highlighting its crucial role in the Java ecosystem and software development overall and its connection to Sonatype

Software packages, do we even need them?

6 minute read time

Explore the evolution of package managers & the benefits of binary packages in software ecosystems. Learn how they enhance DevOps, security, & efficiency.

New design, new feature: Maven Central improvements for developers

By Amanda Yeo on March 28, 2023 open source security

2 minute read time

Hosted by Sonatype, Maven Central has a refreshed interface and new features to improve the developer experience.

Best practices in dependency management: Cooking a meal of gourmet code

5 minute read time

Close to 85% of every application is open source software. Better understanding your software supply chain starts with understanding dependency management.

PGP vs. sigstore: A recap of the match at Maven Central

7 minute read time

We put code-signing tools PGP and sigstore in a head-to-head match with Maven Central users to find a winner. The results may surprise you.

Wicked Good Development Episode 22: Fall 2022 Maven Central updates

By Kadi Grigg on December 02, 2022 Community

15 minute read time

Get the latest Maven Central updates, how we're addressing pain points, and the latest features that make Maven more unified and powerful than before. 

Wicked Good Development Episode 14: The Secret Life of Maven Central

By Kadi Grigg on August 26, 2022 Community

27 minute read time

Joel Orlina, an Engineering Manager at Sonatype, joins Kadi to share his insights on the previously unknown history of Maven Central.

Wicked Good Development Episode 3: A look at the past, present, and future of Maven Central

By Kadi Grigg on March 24, 2022 Everything Open Source

30 minute read time

If you utilize Java or any other JVM, there’s a good chance you know the Maven Central repository. Hear from experts on its past, present, and future.