As a representative of Sonatype. The reality of cross build injection has been discussed for many years, I even linked to an XBI talk in my blog post announcing the availability of SSL. The reality is that prior to…
Signatures have been required on Central for years and there are tools to verify them, including repository managers. We strongly do not believe that you should entrust your private key to anyone else for signing, which…
The project to offer ssl free to every user of Maven Central is already underway. Stay tuned for details.
As a representative of Sonatype. The reality of cross build injection has been discussed for many years, I even linked to an XBI talk in my blog post announcing the availability of SSL. The reality is that prior to…
Signatures have been required on Central for years and there are tools to verify them, including repository managers. We strongly do not believe that you should entrust your private key to anyone else for signing, which…
The project to offer ssl free to every user of Maven Central is already underway. Stay tuned for details.