On April 30, 2026, the Mini Shai-Hulud campaign moved beyond npm and into Packagist. Attackers replaced the contents of 

, Intercom's official PHP client, with over 20.7 million lifetime installs, with a credential-stealing payload that executed at install time, before any application code ever called the library. PHP teams, Laravel applications, and continuous integration (CI) pipelines that updated to that version may need to treat affected environments as compromised.

The attack exploited two properties of Packagist that most PHP developers have little reason to question.

Packagist versions are not immutable. The registry mirrors tags from upstream Git repositories, and those tags allow force-updates to point to a different commit. The attacker force-pushed a malicious commit behind the existing 

 tag, replacing a known-good release without changing its version number. Any developer or CI system that ran 

 after 20:53 UTC on April 30 received the compromised artifact, even with an explicit version pin.

 as a Composer plugin, subscribing it to the 

 hooks. Composer ran attacker-controlled code as a natural part of installation so it didn’t require an import. The plugin executed a shell script that downloaded Bun 1.3.13 from GitHub Releases and ran an 11.7 MB obfuscated JavaScript payload called 

 as a background daemon. A legitimate PHP SDK has no business doing any of that.

 harvests credentials broadly: GitHub CLI tokens, npm tokens, SSH private keys, cloud credentials across AWS, Azure, and Google Cloud Platform (GCP), Docker registry credentials, Kubernetes configuration, HashiCorp Vault tokens, and 

 files. It also queries cloud secret-management services directly, e.g., AWS Secrets Manager, Azure Key Vault, GCP Secret Manager, and Kubernetes Secrets.

The payload encrypts stolen data with AES-256-GCM before exfiltrating it to a hardcoded endpoint at 

. If that channel fails, it falls back to GitHub-based exfiltration using any GitHub credentials it has already harvested.

It also carries supply chain propagation logic. Stolen npm tokens let it republish modified packages with injected install-time scripts. It writes payload files into GitHub repositories using commit messages like 

, designed to disappear into normal developer workflows.

The Mini Shai-Hulud Packagist attack follows the same pattern as the 

: a trusted package, a payload injected silently at install time, and a detection window too narrow for teams pulling directly from public registries to rely on.

Cloudsmith sits between your teams and public registries, applying security controls before packages reach build environments or developer machines. Age-based (

) policies would have identified the compromised 

 artifact immediately on publication, blocking it from entering any build until it cleared a configured minimum age threshold. According to internal data, in 2025, 99% of malicious npm packages received official verification within 72 hours. A cooldown policy buys exactly that kind of margin.

Cloudsmith continuously ingests threat intelligence from OSV.dev and the OpenSSF Malicious Packages project. Continuous package enrichment matches cached packages to malicious identifiers. A positive match triggers security policies, which automatically take the prescribed action that users define, e.g., block, quarantine, tag, etc., without requiring manual triage. Routing all Composer requests through Cloudsmith as an upstream proxy also gives your team a full audit trail of which package versions entered your artifact store and when. These are the first questions you need to answer when scoping an incident like this.

If you want to understand how these controls apply to your current Packagist and Composer setup, 

Mini Shai-Hulud reaches Packagist: the intercom/intercom-php compromise explained

Software delivery is often the last, yet frequently neglected, mile of the development lifecycle. For independent software vendors (ISVs), SDK providers, and teams shipping internal tools, the “how” of distribution is just as critical as the “what.” Too often, teams find themselves building and maintaining custom download pages, hosting infrastructure, and complex access controls that add zero value to their core product. These DIY systems are expensive to run, difficult to scale globally, and notoriously easy to misconfigure from a security standpoint.

When software downloads live on generic, third-party domains or lack clear, professional access controls, you risk losing the very thing your product depends on: developer trust. Distribution is an early trust checkpoint for many developers. If a developer hesitates to adopt your software because the delivery method feels disconnected or insecure, you’ve hit a roadblock that slows down your entire adoption funnel.

Software distribution should meet basic expectations for security, access control, and traceability without requiring you to become an infrastructure company. 

Cloudsmith Broadcasts

Broadcasts is Cloudsmith’s built-in, dedicated software distribution capability designed for delivering packages to customers and partners. It allows your team to publish software through secure, branded endpoints hosted under your own domain. Essentially, it acts as a professional front door for your artifacts, abstracting away the headache of building or maintaining custom download portals.

Built on Cloudsmith’s cloud-native architecture, Broadcasts handles the heavy lifting of global scaling and replication. Whether you are distributing a public CLI tool to thousands of developers or a proprietary SDK to a handful of enterprise partners, Broadcasts ensures your software delivery is available, secure, and on brand. It supports both open-source and commercial distribution, and manages access through granular entitlements and seamless integration with native developer tools.

Professional delivery with your own branding

Your brand shouldn’t stop at your documentation page. Many teams struggle with package endpoints that feel disconnected from their identity, leading to confusion and reduced trust among the developer community. Broadcasts solve this by enabling teams to present their distribution experience with their own identity, featuring the same branding, domain, and look and feel that users expect.

By using custom domains and tailored presentation settings, you provide extra reassurance. When a user decides whether to install a package, seeing your company’s domain and branding reinforces that the software is authentic and supported.

Beyond aesthetics, Broadcasts give you control over the technical presentation of your packages. You can configure how to display package information, download links, and license details to end-users. This flexibility ensures that you are providing the exact context a developer needs to successfully integrate your software, all without compromising Cloudsmith’s built-in security and reliability.

Not all software is meant for everyone. Whether you are protecting commercial IP or managing internal tools, Broadcasts provide a range of access models to fit your distribution strategy.

For community tools or public-facing software, public Broadcasts make all packages from a repository openly accessible. This is ideal for increasing the reach of your software without forcing users through unnecessary authentication hurdles.

Protecting proprietary content–like premium SDKs or internal artifacts–is a major challenge for many organizations. Setting up secure, access-controlled methods often requires significant engineering time.

Private Broadcasts provide a dedicated, access-controlled portal where you manage access through secure entitlement tokens. This ensures that only authorized partners or internal teams can view and download your packages. It guarantees robust security, compliance, and IP protection without compromising the end-user experience. You get the security of a private repository with the professional interface of a public one.

The best distribution platform is the one developers don’t have to think about. Developers expect to fetch packages through native tools, whether it’s npm, pip, maven, or a system-level CLI. If your distribution method doesn’t align with these workflows, you create friction that slows down adoption.

Broadcasts are built to integrate directly with native developer tooling. Users can access artifacts through their preferred CLI or CI/CD tools, creating a smooth, workflow-friendly experience. By meeting developers where they already work, you remove the roadblocks that can stall the rollout of new software versions.

Distributing software shouldn’t be a black box. Many teams ship artifacts without knowing which versions users actually download, who is using them, or whether adoption is trending up or down.

Broadcasts include built-in analytics that provide clear visibility into software distribution and adoption. You can track:

: Understand the raw volume of software consumption.

: See which versions are popular and which are being phased out.

: Identify where in the world your users are located.

: Monitor trends over time to predict infrastructure needs or marketing success.

These insights help teams optimize their delivery strategies and understand user behavior more deeply. This data is accessible through both the Cloudsmith web app and the API, allowing you to feed these metrics into your own internal business intelligence tools.

One of the primary differentiators of Broadcasts is its ease of use compared to DIY alternatives. You don’t need to spend weeks designing a portal or configuring web servers.

You can enable a Broadcast instantly from any existing Cloudsmith repository. This immediately creates a professional interface for your end-users without the need for additional infrastructure.

Upload your logo, set your brand colors, and configure your custom domain.

: Navigate to your repository and enable the Broadcast feature.

: Choose between public or private access and generate entitlement tokens for your users if necessary.

: Monitor your performance through the built-in analytics dashboard.

For more information about specific settings, check out the 

The goal of Cloudsmith Broadcasts is to remove the burden of distribution infrastructure. By reducing operational overhead and security risks, Broadcasts help your team stay focused on what matters most: building your core product.

By aligning distribution with your brand identity and providing the tools for secure, manageable access, you can deliver a professional experience that reinforces trust and accelerates adoption. Stop building custom portals and start broadcasting your software with Cloudsmith.

 to discuss your unique distribution needs.

Cloudsmith Broadcasts: Distribute software on your own terms

, with participation from our existing investors, to build the operating system for the modern software supply chain. The timing matters because AI is changing what it means to build software.

We’ve been doing it long enough to see the internet change how we distribute software. We’ve seen open source change how we reuse components. We’ve seen CI/CD change how we build and deploy. We’ve seen cloud change how we run infra. We’ve seen SaaS change how we architect applications.

With each evolution, we expand what developers can achieve and how quickly they can move. We evolve our way of working and the tools we use. AI may be the most consequential evolution yet because it touches every area I just listed.

Developers will always play a central role, even as bots update dependencies, CI/CD systems continuously consume artifacts, agents write code and push changes through systems at a scale that humans can’t manually review at the same pace. Developers know what to build and why, but there’s been a change in the laws of physics for software.

We want developers to move faster. We want teams spending less time fighting infrastructure and more time building things that matter. Our tools must make building software safe, so we trust developers to run at maximum tilt.

Software is becoming easier to create than to trust.

Cloudsmith sits at a critical point in the trust chain. That is why this Series C matters: it gives us the fuel to deliver on that promise at a time when software is becoming easier to create than to trust.

Artifact management was always the control point

When Cloudsmith began, artifact management was still seen as busywork and plumbing - necessary, but boring. You wrote code, pushed packages somewhere, pulled them into another system, and moved on. But Cloudsmith didn’t see it that way.

When you think about how we construct software, source code matters, but really, most software actually exists as “artifacts” - our word for packages, containers, dependencies, metadata, SBOMs, signatures, provenance, and builds.

Artifacts are the threads that connect modern software creation, consumption, governance, and delivery.

Artifact management was seen as repositories, storage, and developer convenience - a place to hold packages. But things have gotten… complicated. The explosion of open-source packages, evolving threats to the software supply chain, and the rise of agentic AI software development have shown that artifacts are, in fact, the critical control point.

Cloudsmithers are true believers. The market has now caught up with that belief.

There were easier ways to build Cloudsmith. But we had the conviction that artifact management is what ultimately mattered most. We chose to focus on the fundamentals: simple by design, secure by default, and genuinely cloud-native. We also chose to build a multi-tenant-only platform that would benefit everyone plugged into it. That was not always the cheapest approach, nor was it always the obvious one. But we believed it was the right one.

Software and AI have entered the age of assembly

Software is assembled far more than it’s authored. We build software by combining ingredients - what developers call “dependencies” - into something useful. The flow of ingredients is what we call the software supply chain. The shift from “write code myself” to “assemble software from components” has been happening for decades; AI agents have accelerated this to a breathtaking scale.

Think of this as the AI software factory - a place where we build pipelines for AI to assemble software. Humans decide what to build and oversee the process. Agents write and change the code. CI/CD systems build and test the components they produce. Partner tools inspect them. Registries and package managers supply additional ingredients. Deployment systems ship the final product.

 that over 1.1 million public repositories import LLM SDKs, with 518 million merged PRs, growing 29% annually. I’m certain that’s accelerated in the past 6 months.

Every dependency use is a trust decision, and every artifact has provenance: where it came from. Every artifact should also have a policy: how it should be used. And every artifact has ownership: who is responsible for it. Because every artifact has a blast radius: what happens if it is vulnerable, malicious, or misconfigured?

These decisions matter, whether you make them explicitly or you just let them happen. We’ve collectively let our guard down when it comes to software supply chain trust, and threat actors know it. Their attacks are increasing, they’re creative and ever-changing, and they’re effective enough that every serious organization has to care.

 in March 2025 affected more than 23,000 code repositories and exposed CI/CD secrets in workflow logs. Axios, one of the npm ecosystem’s most widely used HTTP clients, was 

 (April 2026) through malicious npm releases that deployed a cross-platform Remote Access Trojan (RAT), at a scale of 100 million downloads per week. Those represent huge surface areas of potential impact.

Despite these incidents, we’re going to keep building software using components, and if anything, we’re speeding up. “Don’t use dependencies” isn’t an option. The only viable path is forward - to control the flow of components (we’d say “artifacts” at Cloudsmith).

Automating the control point for the new age

Humans have traditionally been the control surface for the software supply chain. Developers are trained to pull packages from public registries. For example, every Python 101 course teaches “pip install” on the first day, accepting that the default target is PyPI. It’s not until advanced courses (if ever) that developers start asking, “Where exactly do those packages come from, anyway?”

As you assemble teams to build software, you typically add some rigor to dependency management, with manual reviews, metrics, logs, and dashboards. You might already have reactive security scanning that blocks unwanted packages when PRs are merged, at the end of the development process. But that approach no longer scales. To keep up with modern software velocity, teams need automation, along with, by default, machine-enforceable, context-rich guardrails that are fast enough to prevent bottlenecks.

Cloudsmithers are optimistic by nature. We’re not into fear, uncertainty, and doubt. We’re more about clarity, control, and confidence. Clarity means knowing which packages are being used. Control means governing how they move and how they are distributed. Confidence means developers and agents can move fast without breaking trust.

Visibility here matters - we need SBOMs, SCA, and inventory tools to see and understand the software supply chain. But we actually need more than to see the problem space; we need to control it. That’s what makes artifact management so critical to governing the software supply chain.

We say at Cloudsmith that you need visibility to get control, and you need control to get security. Security is ultimately a by-product of strong controls and visibility.

Cloudsmith isn’t an application security tool; we’re infrastructure, and our role in the modern software factory is to serve as the artifact control plane. We sit where software components cross boundaries: from upstreams into the enterprise, from developers into builds, from builds into environments, and beyond. Cloudsmith is where you manage software artifacts, attach metadata, prove provenance, enforce policy, and govern distribution.

Stronger security is a by-product of a stronger underlying control point.

Cloudsmith 2.0: the operating system for the modern software supply chain

Cloudsmith 2.0 is our vision for the operating system of the modern software supply chain. It’s our underlying architecture, and it’s what makes Cloudsmith more than just a registry service for artifacts.

We use the operating system metaphor deliberately because operating systems are foundational. They provide shared primitives and guarantees that make it easier, faster, and safer to build complex systems. The modern software supply chain needs the same thing: artifact identity, metadata, provenance, policy, audit, routing, caching, and delivery, all working together across a global graph of producers, consumers, partners, and ecosystems.

The Cloudsmith 2.0 operating system is built around three core layers:

A record layer that gives you a durable source of truth for artifacts, identity, metadata, and provenance.

A control layer that lets you make fast, enforceable, and auditable decisions.

A delivery layer that distributes software efficiently to your developers, pipelines, and external customers.

Partners can plug data, signals, workflows, and expertise into those layers, while customers build their own software supply chain workflows on top. Together, those layers turn artifact management into a shared data and control plane, where components are governed and delivered at web scale.

Cloudsmith is built for this because we are global, cloud-native, and multi-tenant by design. Our DNA is different from legacy, per-installation, single-tenant registry architecture that dominated the artifact management space before we came along. The Cloudsmith 2.0 operating system means package health intelligence, actionable feedback, data pre-computation, and fast policy decisions compound across the ecosystem.

A big benefit of Cloudsmith 2.0 is that more work can be done in advance. Artifacts are ingested, canonicalized, enriched, stored, and linked before they are requested. Actionable policy decisions happen quickly because the system already has the data. Software delivery is more predictable with a platform built on global routing, caching, and connectivity.

That’s pretty technical, but the outcomes are clear: safer, faster software, at any scale. One signal protects many customers. Each trusted record reduces duplicated work. A unified control plane helps cross-functional, distributed teams make better trust decisions and consume software with the right evidence and controls.

Accelerating Cloudsmith’s vision with partners, investors, and customers

Our Series C financing is fuel for the mission we’ve been on since we started.

We will accelerate Cloudsmith 2.0, with AI-native workflows, stronger software supply chain controls, a deeper automated policy engine, richer provenance and insights, package-aware delivery and connectivity, and more pluggability with partner tools.

Cloudsmith believes in partnerships. Surprisingly, this is still a fairly radical notion in the artifact management market. But we just don’t think any one vendor will supply the definitive scanner, CI/CD pipelines, security data source, and workflow tooling an enterprise needs. The better approach is an open control plane where partners combine their signals, workflows, and expertise into a central software component control point.

“Docker has always been where developers build and ship software, and security has to be the default, not an afterthought. Docker Hardened Images and Docker Hardened System Packages set a new standard for trusted containers. With Cloudsmith, enterprises can manage those hardened components at scale and deliver secure software without friction."

“Cloudsmith has become one of the most important pieces of infrastructure in the modern SDLC - the cloud-native artifact registry that replaces legacy tools and actually scales with how enterprises ship software. Our joint customers integrate it with Endor Labs for malicious package firewalling, function-level reachability, and automated remediation. That combination is powerful for securing the AI coding era.”

 – Varun Badhwar, Founder and CEO, Endor Labs

“Cloudsmith has been a great partner with Aikido. We're both re-inventing what it means to secure the software supply chain. We're seeing Cloudsmith a lot more in our customer base, and they're great to work with.”

 — Roeland Delrue, Co-founder and COO, Aikido

Software supply chain attacks, regulatory pressure, and enterprise platform consolidation make artifact management a board-level concern.

Enterprises see artifact management platforms as the crucial enabler of engineering speed, security control, compliance evidence, and software trust.

Our lead investors, TCV and Insight Partners, understand that shift. They invested in our Series B last year, and we’re grateful for their growing belief and conviction:

“Having led Cloudsmith’s Series B and now its Series C, TCV is proud to deepen our partnership with a company we see as defining artifact management for the AI era. As AI shapes the software supply chain, we believe Cloudsmith is uniquely positioned to become a platform enterprises rely on for compliance, control, and security at global scale.”

“In an era increasingly defined by AI-driven development, securing the software supply chain is critical. As a cloud-native offering, Cloudsmith is well-positioned to do this – providing the scale and reliability needed to power enterprise and AI-driven builds and mitigate emerging risks. We believe in Cloudsmith’s vision to secure the software supply chain by serving as a curated, AI-ready solution for enterprises of all sizes.”

 — Thomas Krane, Managing Director, Insight Partners

. We’re serving a rapidly growing range of technology and software companies, AI startups, mid-market companies, and mainstream enterprises. They all want a software supply chain that’s fast enough for developers, safe enough for security teams, clear enough for audit and compliance, scalable enough to keep up with their ambitions, and simple enough that it just works.

Cloudsmith just works - whether it’s failover, automation, or support. It’s the first platform we’ve used that feels like a true partner in how we build and operate software.

We’d like to think that the best infrastructure companies are ahead of their time, and that the foundations Cloudsmith laid down years ago are paying off today.

In the compiler era, we converted human intent into reliable software. In the cloud era, we operated software at a global scale for the first time. In the AI era, we need to figure out how to use and trust software that’s created, assembled, and changed faster than humans can manually inspect or even fully understand.

Cloudsmith is here to help answer that question.

When we started, artifact management was not a sexy part of developer infrastructure. It was seen as low value. Open source was ‘free’. But we could see the risks emerging as more and more software teams increasingly relied on packages, registries, and automation. That dependency is now massive, and so is our responsibility.

A heartfelt thank you to our customers. You’ve trusted Cloudsmith, sometimes before it was obvious why our software category was so important. You’ve consistently pushed us to build better because you rely on us for critical infrastructure, engineering, security, and platform workflows. We take that responsibility seriously.

Every Cloudsmither can take pride in our passion for our craft and in the hard work that has made Cloudsmith the company it is today - a special place. The market is pulling toward the problems we set out to solve from the beginning. This is our moment, and it’s time to earn it.

We’re by developers, for developers, and we always have been. We feel a kinship with the builders, platform teams, security professionals, and enterprise leaders who want to build safely in the age of AI. Because software is becoming easier to create than to trust.

We’ve got Cloudsmith 2.0 and the future of the software supply chain to build.

Check out press coverage, a video from our leadership team, and a note from our investors

Learn about our Series C

We built Cloudsmith for this moment

 have identified a new software supply chain attack on the 

”. A series of malicious packages are masquerading as a new AI coding agent called 

, the malicious package was reported minutes after being identified as containing a malicious payload on the 

 community did a great job in removing these suspicious packages from the registry so quickly, the 

 advisories weren’t able to classify these packages in time. But that’s okay, since they have successfully been removed and pose no threat right now.

OSM scanned the binaries, and the payload appears to be infostealers focused on cloud and AI credential harvesting across 

 storage. These payloads are adjusted for Windows and MacOS environments. A list of 

As always, if you’re a Cloudsmith user, you can apply age-based (

) policies to block newly published packages. In the case of the stardrop campaign, the malicious npm packages were all removed less than a day after the campaign began.

 is one of the most effective ways to stop this class of attack, giving security researchers (like our friends at OSM) time to identify the suspicious payload. In 2025, 

99% of malicious npm packages were identified and officially verified within 72 hours

, so implementing a simple cooldown policy significantly reduces this kind of attack vector.

Stardrop: New cross-industry npm campaign

Figuring out a scalable way to secure AI continues to be a significant challenge for businesses everywhere. According to our 

 use AI to accelerate their software development cycles. We are building faster than ever, yet the infrastructure supporting this speed was largely designed for a pre-AI world.

As AI agents dictate the pace of production, they are also expanding software attack surfaces. Security practices that worked at human speed are buckling. At Cloudsmith, we see this as a two-sided challenge: securing the code AI writes (the output) and securing the models AI uses (the input).

Here is how the landscape is shifting and how a cloud-native approach to artifact management can provide the control necessary to future-proof your development.

AI agents prioritize functional results over security provenance. When an AI suggests a block of code, it can pull in new dependencies. When you factor in transitive dependencies, the situation gets even more complex. Our survey data shows that 

 feel very confident in the security of AI-generated code.

The problem: Manual validation is scaling poorly

 manually validating the dependencies introduced by AI. This “operational tax” chips away at the speed gains promised by AI adoption. Furthermore, AI is prone to hallucinating packages, suggesting names that don't exist, which attackers then register in public repositories to facilitate “

The solution: Automated quarantine and policy guardrails

Cloudsmith addresses this by acting as a sophisticated gatekeeper between your AI agents and the public internet.

 Instead of developers or AI agents pulling directly from public registries, everything flows through Cloudsmith.

 You can define rules (using OPA/Rego) that govern what you allow into your environment and what to block.

 Create policies that automatically quarantine packages that meet specific criteria. When an AI agent calls for a new, unknown package, you can inspect quarantined packages before they reach your development environment.

While AI generates code at scale, the models themselves don’t get the same scrutiny that regular binaries receive. Companies frequently store AI models in ad-hoc silos like local drives or unmanaged cloud buckets, detached from the standard software development life cycle.

Our findings show significant fragmentation in how companies handle AI models. Only 

 unify their model management with their standard artifact workflows. Meanwhile, 

 only perform basic integrity checks (like checksums), leaving them vulnerable to model tampering or malicious weight injections.

The solution: Models as first-class artifacts

To future-proof your AI initiatives, you must treat models exactly like other artifacts, like container images or npm packages.

 By using tools like Cosign within Cloudsmith, you can 

 your models. This ensures that the model running in production hasn't been tampered with and originated from your trusted pipeline.

 Cloudsmith scans the metadata and layers of these artifacts, ensuring that your “inputs” are as secure as your “outputs.”

Future-proofing: Building for machine scale

 isn't a temporary trend; it’s a fundamental change in how we build software. Traditional artifact managers – often on-prem and slow to update – cannot provide the visibility required for this new development velocity.

Cloudsmith helps you move from a reactive “trust then verify” posture to an automated, proactive “verify then trust” one. By centralizing code, containers, and AI models in a single, cloud-native platform, you gain the visibility needed to comply with international compliance standards and frameworks, like the EU’s Cyber Resilience Act, while giving your developers the freedom to move at machine speed.

Security should be the foundation for AI. By implementing automated quarantine workflows and a unified registry for models, you can reclaim the hours lost to manual validation and protect your organization from the unique risks of the AI era.

This post only scratches the surface of the shifts we’re seeing in the industry. Download the complete 

 to explore the full demographic breakdown, competitive findings, and our deep dive into the state of software supply chain security.

The AI speed trap: Securing the future of software supply chains

Developers work inside their editor. Every trip to a browser breaks focus and slows decisions.

The Cloudsmith VS Code Extension, which is also supported by Cursor and other IDEs built on the VS Code platform, started as a way to browse packages and inspect metadata without leaving your workflow. With v2.0.0, the extension has grown into a full package intelligence platform with security remediation, dependency health scanning, license compliance, upstream inspection, cross-repository promotion, and Infrastructure as Code export built directly into your development environment.

The result: fewer context switches, faster security decisions, and a tighter loop between what developers use and what security teams approve.

With software supply chain attacks growing in both frequency and sophistication, developers need security context where they're already working. Waiting for a CI build to discover that a dependency carries a critical vulnerability costs time at best and creates exposure at worst. The Cloudsmith VS Code Extension puts that context directly in the editor, so risks are visible at the point of decision rather than after the fact.

Export as Terraform: From repository to Infrastructure as Code

 feature represents a massive leap for developers who want to move beyond manual configuration and embrace IaC practices without the typical friction of writing HCL from scratch. By right-clicking a repository node, you can instantly bridge between your active development environment and a reproducible infrastructure setup.

The extension doesn't just dump a basic template, it actually crawls your existing Cloudsmith setup to generate a comprehensive HCL file that includes everything from format-specific permissions and storage regions to complex retention rules and upstream configurations. This process makes your current repository state portable, allowing you to sync environments or onboard new projects effectively in seconds rather than hours.

Beyond simple automation, this feature prioritizes security and best practices that are often overlooked during manual coding. By automatically deriving the correct 

 across various package formats and utilizing 

 for resource references, the generated code is inherently robust and ready for immediate use in production pipelines.

Crucially, the extension treats your security as a first-class citizen, which means that it never exports sensitive upstream authentication secrets as plaintext. Instead, it replaces those secrets with secure Terraform variable placeholders marked as 

, ensuring your credentials stay protected. Because the generated HCL opens directly in a new VS Code editor tab for review, you maintain total control over your configuration, allowing you to easily audit the logic before committing it to your codebase.

Before v2.0.0, the extension operated as a simple package browser. The new Package Search view supports the full Cloudsmith search syntax, giving developers the same query capability available through the API and web application, directly where development happens.

By integrating Cloudsmith's full-text query syntax directly into the VS Code interface, devs can hunt for specific components across their entire workspace or narrow their focus to individual repositories without ever leaving their editor. Results are paginated and scoped across your workspace.

A few examples of what you can run straight from the search bar:

name:flask AND format:python AND policy_violated:false

 to surface everything your policies have blocked

The addition of a guided, multi-step search is particularly powerful for maintaining software supply chain integrity, as it offers one-click filter presets that instantly surface quarantined packages, policy breaches, or license violations. A developer can use a single 

 command to immediately isolate risks using the 

 query syntax. This level of visibility ensures that dangerous packages are flagged and remediated long before they can break a build or compromise a production environment.

Efficiency is further baked into the workflow through smart history and pagination features that respect a developer's time. The ability to re-run recent searches with a single click, combined with a 

 option for deep-dive investigations, allows for a fluid, iterative debugging process.

Know what you're pulling before it enters your build

Every package includes a visual permissibility indicator. The package format icon identifies clean and completed packages. Yellow indicates vulnerabilities or other violations that may not block usage. Red flags quarantined or deny-policy-violated packages. A sync icon highlights packages still awaiting analysis.

These indicators appear in search results, repository views, and dependency analysis. You know whether a package is safe before it ever enters your build.

For those looking to dig deeper into the 

 behind a blocked package, the extension now surfaces granular policy violation details as expandable child nodes directly under each entry. Whether you are dealing with EPM or legacy/classic policies in Cloudsmith, the specific reasons for a failure are accessible without switching contexts to a browser.

Upstream Awareness improves the repository view from a previously flat list of files into a better map of your entire software supply chain. By introducing a dedicated proxy and cache indicator at the top of repository nodes, the extension immediately alerts you when a repository is backed by external sources.

This visibility extends down to the individual package level, where cached artifacts are clearly tagged with a 

 label. For developers, this eliminates the 

 guesswork, and instead it provides an explicit origin detail node that distinguishes between direct uploads and those pulled from various upstream mirrors.

To ensure this level of insight doesn't come at the cost of IDE performance, the extension employs lazy-loaded configuration fetching with a smart 10-minute cache, keeping the UI snappy while minimizing API overhead.

When you need to audit your sources more closely, the 

Cloudsmith Blog

The Miasma worm's path of destruction

What is a package cooldown policy? How to prevent malicious dependencies from entering your environment.

TanStack npm packages compromised in Mini Shai-Hulud attack

How artifact management closes the gaps that leave you exposed under the CRA

EU CRA compliance: building a defensible posture with Cloudsmith

AI is breaking your artifact governance – and not by writing bad code

Cloud Native Digest - May 2026

Performance matters: How infrastructure impacts CI/CD

Closing the enforcement gap: Why visibility isn’t enough for supply chain security

Mini Shai-Hulud reaches Packagist: the intercom/intercom-php compromise explained

Cloudsmith Broadcasts: Distribute software on your own terms

We built Cloudsmith for this moment

Stardrop: New cross-industry npm campaign

The AI speed trap: Securing the future of software supply chains

Cloudsmith in your IDE: Package intelligence, security remediation, and Infrastructure as Code inside your editor