We’ve added support for PEP-658, allowing Python package clients to fetch only metadata from the Simple API during dependency resolution.
Cloudsmith's Python Simple API index now includes .metadata links alongside package distribution files. When a compliant client like uv resolves dependencies, it fetches only the small metadata file for each candidate package rather than downloading the full archive. This allows the full dependency tree to be resolved efficiently upfront.
Previously, Python clients had to download entire packages just to read their dependency metadata. This put unnecessary strain on upstream caches and caused builds to be slow and unreliable. PEP-658 helps you identify vulnerable packages in your transient Python dependencies earlier in the build process, reducing failed resolution attempts and making builds faster and more reliable.
Customers using Cloudsmith Python repositories with the Python Simple API enabled.
Private Broadcasts lets you put your brand front and center throughout the entire distribution experience, distributing software securely to your partners, customers and internal users through your own branded portal. Full customization and built-in analytics give you control over the experience and visibility into adoption, while entitlement tokens keep access tightly managed, so your software reaches exactly the right people…
Multi-select package actions now support delete. Select up to 100 packages and remove them in a single action. Deleted packages will be moved to recently deleted packages for 7 days…
Cloudsmith has always retained deleted packages for 7 days before permanently removing them — but until now, restoring a deleted package required contacting Cloudsmith support. The new “Recently deleted packages” view lets your team find and restore packages directly, whether they were removed manually, by a retention rule, or via a bulk action, without raising a support request…
Cloudsmith should adapt to the way you work, and today we're releasing a significant new feature to meet this objective - table personalization…
We've made a series of usability improvements to Upstreams in the web app…
Upstream logs are now available in the web app. Each upstream's log shows successful requests from the last 12 hours and failed requests from the last 24 hours, making it easier to monitor activity and diagnose issues as they arise…