We've improved how package statuses are displayed and managed across the Cloudsmith web app to help you quickly understand if a package or container is available, safe, and compliant…
We’ve added a last_downloaded field to packages in Cloudsmith, extending search-based package retention rules to enable cleanup of unused packages. This feature allows you to create retention rules that automatically clean up packages in your repository based on usage, rather than just age or count, ensuring you retain only actively used packages…
You can now better assess a vulnerability's impact by exploring its key details directly within the vulnerabilities table for a package or container. We've introduced an expanded row layout that shows all available information for a specific finding, helping you make more informed decisions about your response. Additionally, we’ve added CVSS score…
We’ve recently released a set of improvements across the Cloudsmith web app focused on logs, error messaging, and usability…
We’ve improved how Docker images are displayed and navigated in the web app, making it easier to work with tags, architectures and metadata to quickly find what you need…
Cloudsmith now displays Docker image signatures and SBOMs (Software Bill of Materials) directly in the web app, giving you greater trust and visibility into the images you use…
You can now filter vulnerabilities by Common Vulnerabilities and Exposures (CVE) severity in the package vulnerability view, using the quick filter selectors…
We've reduced the delay between a download event and its appearance in Client Logs, giving you faster visibility into your package delivery pipeline. This makes it easier to analyze trends, troubleshoot issues, and keep your workflows moving…
Packages added to Cloudsmith are scanned for vulnerabilities and malware, and passed through our policy engine. When we identify vulnerable packages, we produce and collate a range of descriptive data to help explain those vulnerabilities. Previously, that data was only available in our legacy web app, and more recently via our API. We've now broug…
Client log exports now provide a more comprehensive overview of package delivery. In addition to GET requests, client log exports will include other HTTP request types, including HEAD, POST, and OPTIONS requests. This gives you a full view of package delivery, moving beyond just download tracking to include metadata checks and other repository interactions…
