We’ve recently added support for Ultra customers to claim and verify their organization’s domain. ✨ This addition to the platform streamlines user provisioning and onboarding for SCIM-provisioned users by removing the unnecessary steps for new users to verify their identity via email and for existing users to accept an invitation to join the organi…
Cloudsmith’s support of OpenID Connect (OIDC) gives you a more secure method for programmatic access to Cloudsmith. 🔐 OIDC allows trusted systems - such as GitHub Actions - to authenticate to Cloudsmith using short-lived JWT tokens, eliminating the need for long-lived tokens in your pipelines. Today, we’ve added support for the wildcard operator…
As part of our transition to more secure authentication methods, we are beginning the 24-hour brownout for username and password authentication for API requests. 🚧 What this means: From 5 pm EDT September 16th to 5 pm EDT September 17th, API requests using username and password authentication will fail. This brownout period is designed to help…
Cloudsmith has extended its support for Maven by allowing users to upload multiple files (.pom, .jar, .zip, and -sources.jar) to a single Cloudsmith Maven package and cache from upstream sources. Previously, you could upload multiple but specific combinations of files (e.g., .pom + .jar + -sources.jar or .pom + .zip + -sources.jar), but not all at…
The new Cloudsmith command-line interface (CLI) GitHub Action is now available! This action simplifies your CI/CD workflows by automating the Cloudsmith CLI's setup and authentication process. With support for pre-authenticating with OpenID Connect (OIDC), you can securely authenticate without the need to manage API keys. Key benefits Easy instal…
You can now export Cloudsmith logs directly to Azure Blob Storage, in addition to our existing support for Amazon S3. 🥳 Log exports enable you to take control of your data by automating the export of client and audit logs from your Cloudsmith account. Customize the frequency and output format, and we’ll handle the rest, ensuring a seamless and has…
To ensure we provide a performant and reliable experience for all Cloudsmith customers, we will implement a repository size limit for index fetches using the Git interface for Cargo. Git-based index fetches will only show the latest 10,000 Cargo packages uploaded to a given repository. This limit will be effective Friday, August 16th, 2024. 📅 Th…
Great news for Cloudsmith customers who run their own infrastructure on Amazon Web Services (AWS)! Cloudsmith is now available on the AWS Marketplace, making it easier for you to procure Cloudsmith for your development teams. This integration brings several benefits for AWS customers, including: Simplified procurement: AWS Marketplace offers a s…
Earlier this year we expanded our System for Cross-domain Identity Management (SCIM) capabilities to include provisioning new Cloudsmith users. By integrating Cloudsmith with your identity provider (IdP) via SCIM, you can automate user provisioning and de-provisioning, allowing your IdP to serve as the single point for managing user access. This fe…
As part of our ongoing commitment to providing a safe, secure user experience, we will no longer allow users to authenticate requests to the Cloudsmith API using their Cloudsmith username and password. This follows the removal earlier in July of username and password authentication for package downloads, and just like that previous change, we’ll be…
