Central Repository Changelog

From now on, the only valid way to verify the ownership of a Domain is to use the TXT setting process. Redirect from the custom domain to a personal SCM (github, gitlab, etc) website is now not enough to prove Domain ownership.

You could find more information in how to set a TXT record in the FAQ Article How to set a TXT Record.

As the SKS Keyserver Network, used to publish and query gpg keys for Maven Central repository, is being deprecated it's recommended to use one of the gpg keyservers supported when publishing artifacts by Maven Central.

For more info, please check the supported keyservers in the Distributing Your Public Key article.

Great new capabilities are rolling out to help make the components you publish even safer and higher quality!

For more info, please check the New Maven Central security capabilities article.

With this new relaunch of https://central.sonatype.org you will have some new features like Search inside the docs, dark theme and a faster experience.

com.github will no longer be supported as a valid groupId prefix. Github has announced that they will stop redirecting GitHub Pages sites from *.github.com to the *.github.io domain, and requested that coordinates for individual projects only use io.github prefixes from now on.

Current projects already using the com.github groupId in Central are not affected by this change.

New projects will be allocated in the new server s01.oss.sonatype.org. Old projects using oss.sonatype.org instance are not affected by this change.

For more info, please check the New Users on s01.oss.sonatype.org article.

Access to http://repo1.maven.org, central.maven.org, uk.maven.org was disabled. Please use the recommended secure https access https://repo1.maven.org

For more info, please check the Central HTTP deprecation update article.

There is a new status page available at https://status.maven.org. The site provides more granular insights into the status of Maven Central, including uptime for Search, OSSRH, and our Content Delivery Network. Central users will notice that the Maven Central status field at https://status.sonatype.com now redirects to https://status.maven.org for consistency.

The new status page provides system metrics relevant for publishers to the Central repository including publish latency and search indexing latency. Users can now subscribe to receive updates directly via email.

Visit and subscribe to the new status page here. You may also reach the new status page via the integrated status widget in the top right of our homepage.

Unsecure access https://insecure.repo1.maven.org enabled. This URL will continue to be supported after the January 2020 TLS only cutover date. it's recommended to use secure access (http://repo1.maven.org) where possible.

As part of the update to NXRM 2.11 the enforcing of valid dependencies was enabled. This will only affect you if you are using Gradle and the Apache Ivy version range syntax for selecting latest sub-revision e.g. 16+.

For more info please check the Enforcing valid dependency versions article.

It is live! Within an extremely short turnaround time the Sonatype Operations team has coordinated certificates and other setup with our excellent CDN provider Fastly and you can now all enjoy the content of the Central Repository via HTTPS/SSL.

Going forward we urge all upstream projects to adopt the secure URL as part of their default configuration. In the mean time we have updated the instructions for consuming components from the Central Repository with all the details necessary for your repository manager, build tool or other access mode you are using.

We hope you enjoy this new feature and look forward to your feedback!