Skip to content

xdev-software/central

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
.github/workflows
.github/workflows
 
 
README.md
README.md
 
 

Repository files navigation

Central

Central repository for XDEV's GitHub packages

How to use it?

Note

Related GitHub documentation

~/.m2/settings.xml

<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
                      http://maven.apache.org/xsd/settings-1.0.0.xsd">

  <activeProfiles>
    <activeProfile>github-xdev</activeProfile>
  </activeProfiles>

  <profiles>
    <profile>
      <id>github-xdev</id>
      <repositories>
        <repository>
          <id>central</id>
          <url>https://repo.maven.apache.org/maven2</url>
        </repository>
        <repository>
          <id>github</id>
          <url>https://maven.pkg.github.com/xdev-software/central</url>
          <snapshots>
            <enabled>true</enabled>
          </snapshots>
        </repository>
      </repositories>
    </profile>
  </profiles>

  <servers>
    <server>
      <id>github-xdev</id>
      <username>USERNAME</username>
      <password>TOKEN</password>
    </server>
  </servers>
</settings>

FAQ

Why not publish into each corresponding repo?

Because we currently have around 50 individual repos that would all require you to add them to your settings.xml. This is impossible to manage and also massively degrades performance.

Snapshots?

Can be published into the repo but will be automatically deleted after a few days.

Snapshot Cleanup

Are the artifacts cryptographically signed?

Last updated: 2025-09

Yes, all artifacts should be signed with

-----BEGIN PGP PUBLIC KEY BLOCK-----

mDMEYanFmRYJKwYBBAHaRw8BAQdAwe6KCL97lXybaEP0YmvILxEra1NKqUy6MPyJ
1YslrwK0JVhERVYgU29mdHdhcmUgPGluZm9AeGRldi1zb2Z0d2FyZS5kZT6IkAQT
FggAOAIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBByUKHSrxufW8XAY4hTr
jkjDgOqqBQJlX1QbAAoJEBTrjkjDgOqqKrwBAJ+eAxW+JyUiD1ctvAeYllJlbUk0
d5O4DG93rrJNRnQNAQCEeDefKB1u/L3LuB9WSCHF7ferP+JZW2OMUHJq/QksB4iW
BBMWCAA+FiEEHJQodKvG59bxcBjiFOuOSMOA6qoFAmGpxZkCGwMFCQPCZwAFCwkI
BwIGFQoJCAsCBBYCAwECHgECF4AACgkQFOuOSMOA6qo5KgD/V0W56P++dbDWCEsG
G88luba7+P0VfHdMr92XsOEEtFwBAMrpkuXwLekBr2u6Ttn3iPtemQcX4mL2ng7k
PcuW2MgAuDgEYanFmRIKKwYBBAGXVQEFAQEHQHhTpH1gPCN99Lx9KGPbduU3h1Xm
XAoESkpyk40j/IdPAwEIB4h+BBgWCAAmAhsMFiEEHJQodKvG59bxcBjiFOuOSMOA
6qoFAmVfViUFCQmUfowACgkQFOuOSMOA6qqXWgD+MwUo/DI8rcDBq1drikcSSxJY
gxGC9+f/BDmbKpDF3EoA/0ybnShW/o41eRWnF/rMbjsedRkR0oW81PodEfgsyJYF
=XpZV
-----END PGP PUBLIC KEY BLOCK-----

Available at keyserver.ubuntu.com.
You can also inspect the public key online using tools like https://cirw.in/gpg-decoder/.

Additionally you can check the signed artifacts using maven plugins like the pgpverify-maven-plugin:
mvn org.simplify4u.plugins:pgpverify-maven-plugin:show -Dartifact=software.xdev:<artifactId>:1.2.3

Older releases (before 2022) might use different keys.

About

Central repository for XDEV's GitHub packages

github.com/orgs/xdev-software/packages?repo_name=central

Topics

packages maven central

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Packages