TL;DR – Sonatype Nexus, the de facto package repository for Java, doesn't support 2FA. What shall Java package lifters do?
Sonatype Nexus is the de facto repository manager software in the Java ecosystem. Sonatype, next to hosting the biggest package repository in the Java world (i.e., Maven Central Repository), is used by major Java software providers, e.g., Apache Software Foundation. Even though Nexus supports 2FA, it is not available for Maven Central and Apache Repositories. This makes it impossible for lifters of Java packages to address "Packages that need 2FA enabled on the Package Manager" tasks in their dashboards. How shall Java package lifters address this shortcoming?