What’s happening Maven Central has begun enforcing new rate limits on requests. Customer jobs that download dependencies from Maven Central are receiving HTTP 429 responses as a result. Additional background is available in Sonatype’s FAQ on 429 errors.
What’s impacted Customers running jobs that pull dependencies from Maven Central.
What can you expect Affected jobs will see 429 responses when downloading dependencies from Maven Central. Thank you for your patience while our engineers investigate options to mitigate or reduce these issues.
Update: Resolved
We have worked with Sonatype to allowlist CircleCI’s dedicated IP ranges, and they have temporarily paused automatic blocking of new IPs. Builds should no longer be failing due to Maven Central rate limits.
Customers using our IP Ranges feature should no longer see Maven Central rate limits affecting their jobs.
If your jobs failed during this window, you can safely rerun them; no configuration changes are required at this time.
We are continuing work to implement a longer-term solution to fully address this for all customers. Thank you for your patience.
Update:
To reduce load on Maven Central and help avoid rate limit errors when pulling dependencies, CircleCI has introduced a registry cache and proxy. You can opt in to this by running the following command in your job before any dependency installation steps:
circleci experiment registry config --maven
This writes a Maven settings file to ~/.m2/settings.xml that routes Maven Central requests through the CircleCI proxy, and exports CIRCLECI_MAVEN_REGISTRY_ENDPOINT and CIRCLECI_REGISTRY_TOKEN to $BASH_ENV for use in subsequent steps.
Additional flags are available:
--gradle configures Gradle to use the proxy--lein configures Leiningen to use the proxy--all configures all three (Maven, Gradle, and Leiningen)--env exports the registry credentials as environment variables only, without writing config files
This is an experimental command and the interface may change. We plan to add support for additional package registries and to make this configuration automatic in future updates.