https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/libraries/java/Recent content in Chainguard Libraries for Java onHugo -- gohugo.ioen-USTue, 25 Mar 2025 08:04:00 +0000https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/libraries/java/overview/Tue, 25 Mar 2025 08:04:00 +0000https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/libraries/java/overview/Introduction Chainguard Libraries for Java provides enhanced security for the Java ecosystem by rebuilding popular Maven dependencies with the latest patches and comprehensive supply chain protection. As the first supported ecosystem in Chainguard Libraries, this service addresses critical vulnerabilities in the vast Java/JVM ecosystem that spans hundreds of projects from organizations like the Apache Software Foundation, Eclipse Foundation, and numerous independent maintainers. Chainguard Libraries for Java provides access to all open source libraries commonly used.https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/libraries/java/global-configuration/Tue, 25 Mar 2025 08:04:00 +0000https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/libraries/java/global-configuration/Java and JVM library consumption in a large organization is typically managed by a repository manager. Commonly used repository manager applications are Cloudsmith, Google Artifact Registry, JFrog Artifactory, and Sonatype Nexus Repository. The repository manager acts as a single point of access for developers and development tools to retrieve the required libraries. At a high level, adopting the use of Chainguard Libraries consists of the following steps: Add Chainguard Libraries as a remote repository for library retrieval.https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/libraries/java/build-configuration/Tue, 25 Mar 2025 08:04:00 +0000https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/libraries/java/build-configuration/The configuration for the use of Chainguard Libraries depends on your build tools, continuous integration, and continuous deployment setups At a high level adopting the use of Chainguard Libraries consists of the following steps: Remove local caches on workstations and CI/CD pipelines. This step ensures that any libraries that were already sourced from other repositories are requested again and the version from Chainguard Libraries is used instead of other binaries. Change configuration to access Chainguard Libraries via your repository manager after the changes from the global configuration are implemented.https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/libraries/java/management/Tue, 25 Mar 2025 08:04:00 +0000https://deploy-preview-3175--ornate-narwhal-088216.netlify.app/chainguard/libraries/java/management/Chainguard Libraries for Java operates transparently after completing the global configuration and build configuration, automatically providing security-enhanced versions of your Maven dependencies. New artifacts and versions are retrieved from Chainguard’s hardened repository when available, while Maven Central and other configured repositories provide fallback access to ensure continuous development workflow without interruption. The following sections detail optional management, maintenance, and auditing steps on the repository manager and the build tool. Source verification Use chainver to verify that a specific library or file originates from Chainguard in an automated fashion or follow the steps in this section for manual verification.