We've recently added support for downloading specific packages from a given repository using Cloudsmith's Terraform Provider. The cloudsmith_package data source allows you to list details and download a specific package from a given repository. Example Usage Customers can use this new functionality to better manage resource execution in Terrafor…
The team at Cloudsmith is always looking for ways our customers and community can leverage adjacent technologies within the DevOps and application development ecosystem to secure the software supply chain. Cloudsmith developed the first integration with Datadog, the Cloud Monitoring as a Service solution, a few years ago! We are excited to share th…
It's easier than ever to automate provisioning and updating Cloudsmith resources with the latest version of Cloudsmith's Terraform Provider. With the latest version, customers can now: Create and manage repositories, including updating repository settings Create and manage entitlement tokens, granting read-only access to end users Create and man…
Power users of the Cloudsmith API and CLI have long enjoyed search functionality of repository entitlement tokens. Today we're delighted to announce that our UI-using friends are now also covered! Entitlement token search uses the same query syntax as our other search fields and provides a simple way to perform searches based on name, kind, or ass…
Great news! Based on customer feedback, we've made improvements to how you manage access and permissions for Service Accounts, improving their usability and extending the capabilities of what a Service Account can do. What's changed? With this release, there are two key feature improvements. First, Service Accounts can now be assigned a manager…
To further strengthen the controls Cloudsmith offers organizations around user access, we've improved how we enforce 2-Factor Authentication (2FA) and SAML/SSO. Previously, both were only enforced when a user logged into the application and was not required to access the Cloudsmith API or for interactions in the same session beyond login. What Ch…
This is a heads up for our Debian users! As of today, we have updated our repository setup script and documentation to no longer rely on the recently deprecated apt-key binary. What does this mean? The apt-key binary was previously used within the Cloudsmith setup script for Debian systems to install the repository GPG key to the system keyring…
Good news! We've improved the UI and APIs for user management within organizations. Added The people management UI now shows the email addresses of members (redaction configurable). The organization members API can now show unredacted emails (if configured). A new setting for showing unredacted emails was added to the "Global Privileges" org se…
When designing upstream support for Cloudsmith, we always strived to ensure that we could build an understanding of every package available on a remote repository. This information is beneficial, helping inform performance, analysis, and security decisions. With this in mind, we're happy to announce an essential improvement to upstream support for…
Good news! As part of our efforts to further secure access for users in your org, we're introducing the ability to enforce SAML-only Authentication. Plus, a bonus is that SAML is now fully self-service configurable: With SAML-only Authentication configured, all members of your organization will no longer be able to use password-based or social-bas…
