Isn't Maven Central still using CDN for distribution?
I have been reading articles since 3 years ago highlighting why Jcenter is the best option for Maven Central, one of the main reasons for which is HTTPS transmission as a result of distribution over CDN. Maven Central had HTTP, is the Maven repository still using HTTP?
It would make sense for them to migrate to HTTPS comparing their competition (despite other areas where Jcenter excels). Have they done it yet?
Also, I would like to ask why using a CDN improves security. How does Maven Central distribute its libraries if not via CDN?
Thank you very much in advance.
source to share
HTTPS and CDN are two orthogonal distribution repository issues, and JCenter and Maven Central are both.
We (JFrog) have done a lot of experiments with CDNs (including the fast one that Maven Central uses) and went with the widest and fastest on the market today - Akamai. This means that your downloads will be served from servers closer to you and downloads will be faster.
But the differences are not limited to CDNs and the presence or absence of HTTPS. For example, having additional metadata such as maintainer, release notes, license information, etc. is critical to a modern distribution repository, and the ability to own your package when available through "canonical" repositories is also a huge benefit for developers. open source.
I'm with JFrog , the company behind 
bintray , jcenter and artifactory, see my profile for more details and links.
source to share