Verify and inspect Docker images
Cloudsmith now displays Docker image signatures and SBOMs (Software Bill of Materials) directly in the web app, giving you greater trust and visibility into the images you use…
We’ve improved how Docker images are displayed and navigated in the web app, making it easier to work with tags, architectures and metadata to quickly find what you need.
These improvements help you quickly find what you need and give clearer insights into an image’s content and supply chain integrity, and are available today in the web application today. Contact us if you have questions or feedback.
Cloudsmith now displays Docker image signatures and SBOMs (Software Bill of Materials) directly in the web app, giving you greater trust and visibility into the images you use…
You can now host and distribute your machine learning (ML) models and datasets using Cloudsmith. This brings the same security, governance, and cloud-native performance you already rely on for packages, containers, and binaries to your AI workflows…
You can now filter vulnerabilities by Common Vulnerabilities and Exposures (CVE) severity in the package vulnerability view, using the quick filter selectors…
Cloudsmith now detects malicious packages using data from OSV.dev and the OpenSSF Malicious Packages project so you can see, stop, and govern open source packages designed to attack your supply chain before they reach your builds or customers…
You can now use Cloudsmith’s package search syntax to refine the scope of your repository's retention rules when configuring them via the Cloudsmith web application and via the Cloudsmith Terraform provider. This functionality builds on the existing support to scope retention rules by package search syntax via the API, and makes it easier to target exactly which packages to keep or remove…
Today we are releasing a refreshed and re-architected documentation website for Cloudsmith…