Bintray and JCenter are shutting down on February 1st, 2022. Relying upon repositories that are deprecated or scheduled to be shutdown can have unintended consequences; for example, artifacts being resolved from a different artifact server or a total failure of the CI build.

When artifact repositories are left unmaintained for a long period of time, vulnerabilities may emerge. Theoretically, this could allow attackers to inject malicious code into the artifacts that you are resolving and infect build artifacts that are being produced. This can be used by attackers to perform a supply chain attack against your project's users.

Always use the canonical repository for resolving your dependencies.

The following example shows locations in a Maven POM file where artifact repository upload/download is configured. The use of Bintray in any of these locations is not advised.

JFrog blog: Into the Sunset on May 1st: Bintray, JCenter, GoCenter, and ChartCenter