Open Source Package Hosting & Package Distribution Platform

Every package. Every container. Every pipeline. Every team.

Cloudsmith is an enterprise-grade open-source package repository and distribution platform built for modern engineering teams. Host, manage, and distribute every open-source package format, containers, ML models, and raw assets from one secure, fully-managed platform.

Universal format support

Simplify open source package hosting. Cloudsmith is a secure, cloud-native open source package repository supporting every format your teams use, from npm and Maven to Docker and Helm.

  • Open source package hosting for 30+ formats including npm, Maven, PyPI, and more
  • Docker container registry for open source and private images
  • Centralize ML model management alongside your open source package repository
  • Package distribution for raw files and assets of any type

Native package tools

Push and pull from your open source package repository using language-native tools with zero friction

Command-line interface

Automate open source package hosting and package distribution workflows with our powerful CLI

Package insights

Extract license, dependency and quality metadata from packages to drive policies

Package signing

Sign your software artifacts to ensure they are what they say they are
We’ve had no platform-impacting downtime for our artifact repository since migrating to Cloudsmith.

Dave Bresci

Senior Manager of Site Reliability Engineering

Before

PagerDuty was suffering with open-source package disruption and support bottlenecks. They needed first-class performance and developer-friendly service.

With Cloudsmith
  • Fully managed artifact management
  • Highly available solution
  • Fast, friendly service
Results
  • 50% cost savings
  • Reliable open source package distribution and pipeline stability
  • Better, faster issue management
Powerful Open Source Package Repository Tools. Simple Control.

Secure Container Registry

Streamline open source package distribution. Store public and private packages alongside containers in one fully Docker-compatible registry, built for teams that rely on open source at scale.

  • Docker feature complete; push and pull images as you would with Dockerhub
  • OCI compliant architecture built to support containers into the future

Simplify open source package hosting with one repository for every format. Structure your open source package repository exactly how your teams work, no compromises.

  • Structure repositories in your desired pattern
  • Use a single repo to store multiple formats
  • Move packages between repos using promotion rules

Take Control of your open source package repository. Replace direct pulls from public registries with Cloudsmith's secure proxy, apply policies and security checks on every open source package before it reaches your teams, and speed up package distribution with our global CDN.

  • Replace direct pulls from OSS registries with Cloudsmith
  • Apply policies and checks on OSS packages before they reach teams
  • Speed up your build times with Cloudsmith’s global availability

Improve decision-making across your package distribution workflows. Full visibility into every open source package flowing through your teams, with audit logs, egress tracking, and third-party integrations.

  • Complete client logs showing uploads, egress
  • Best in class web application designed for oversight
  • Log exports to feed into analysis projects and third-party tools

Protect your teams, customers, and reputation

Verify each and every software artifact before you build using Cloudsmith's scanning suite, package insights, and advanced policy engine.
security-scanning

Software distribution built for global enterprises

Boost productivity and get software to teams and customers using Cloudsmith’s global package distribution network
graph-distribute
Start managing your open source package repository with Cloudsmith