Maven central package manager information.
Maven Central is tier .
| Control | Status | Comments |
|---|---|---|
| Strong Authentication | Optional | |
| MFA To Push Artifacts | Optional | |
| Security Contacts | No | |
| Packages Can Notify of Security Issues | ??? | |
| Code package tied to source code | No | |
| Update notifications | No | |
| Code signing | ??? | |
| Code analysis (static) | No | |
| Code Dependency Analysis | No | |
| Package Manager Does Not Run Code | Yes | |
| Package Manager Does Not Collect Info | Yes | |
| Project Roles Guide | No | |
| Project Roles Review | No | |
| Account Level Library Tagging | No |