Malware Scanning

Malware scanning on every package at the point of upload helps to ensure that your ecosystem is free from malware and other potentially unsafe constructs. Watch this space for additional vulnerability management.

Why wait? Let us handle the package management for you, today.

* No credit card is required.

The Complete Toolkit For Your Packaging

Inter-Slack Workspace

Got Slack? Cloudsmith utilises Slack for all of its internal team communication. With the inter-Slack workspace, we will give you a dedicated channel between our Slack instance and yours, for the ultimate in contact with our team. We'll be on-hand to provide support when you need us, as if we were a part of your organisation.

Priority Support

We pride ourselves on the world-class support that we provide to each and every person that uses the service. Despite this, we still need to prioritise each request that comes in. With priority support we'll consider your requests more urgently than those without priority.

Whitelabelled Domains

Access your packages and APIs via 'white-labelled' custom domains specified by you. If your company brand and trust is important to you and your customers, whitelabelling will allow you to present your own company domains as the endpoint for distribution, APIs and configuration (e.g. retrieving GPG keys). This is fantastic for vendors that sell/license their software via Cloudsmith.

Custom EULAs

For legal or compliance reasons you can enforce users to agree to your custom End-User License Agreement (EULA) before they can download your packages. This is especially useful if you're a vendor or would like to disclaim warranties prior to usage.

Org/Team Management

Collaborate securely with other users in an organisation with no per-seat pricing - In other words, there is no limit to amount of users/seats within an organisation (and no limit to number or size of teams).

Private Repositories

Private/internal repositories limit package access to authorised clients and users, without sharing packages to the world. If you need internal software distribution mechanics, or if you want to support license-based software distribution, then private repositories facilitates these.

Repository Entitlements

Entitlements allow you to control who has read-only access to your package repositories. Whether you're automating server or application installs, or you're building a license-only software distribution, entitlements facilitates these.

Historical Statistics

Track advanced usage of your repositories with detailed usage statistics/metrics. If you need to supplement the builtin views we also offer an API to programmatically access statistics so that you can build your own (soon).

Invoice Billing

Invoice-based billing allows you to pay for your Cloudsmith account as an invoice rather than via debit/credit cards. This is a convenient option for larger organisations or where there are strict requirements in how vendors are paid. It also tends to be much cheaper than other payment methods.

Secure Packages

Security is paramount at Cloudsmith, and we take pride in taking every precaution to secure the service. All communication and storage is encrypted in-transit and at-rest (with 256-bit or hardware-based encryption). Checksums and GPG signatures are provided to detect tampering. For increased trust you can also provide your own GPG key for signing.

Retention Lifecycle

Automated retention/lifetime rules allows you to automatically manage storage for packages by deleting or moving packages that fall outside of the defined retention rules.

Webhooks

Webhooks instruct Cloudsmith to contact your application, or integration when events happen, such as new packages being added. Build complex automated CI/CD pipelines in order to accelerate your DevOps practices.

Single Sign-On / SAML

Management and on-boarding of users for your team can be problematic, especially when working at scale. With SSO you'll be able to link Cloudsmith to an external authentication service, for automatic provisioning of users. In other words, you can user your existing directory services to manage your Cloudsmith organisation.

Service Level Agreement

We pride ourselves as a top-tier managed service, and will always work to ensure continuity of service for you. With a guaranteed SLA of 99.5% we'll take additional measures to ensure that your account is maintained as a matter of priority, especially following unplanned downtime.

Firehose Export API

Going hand-in-hand with audit trails is the ability for retrieve all events for your account via the firehose API. The firehose API will allow you to hook Cloudsmith into your own monitoring systems to ensure total visibility and control. This unlocks a new level of capability for business intelligence and/or outlier detection.

Custom Signing Keys

Use your own custom signing (GPG/RSA) keys for packages, to assert ownership and traceability. If you don't have one, don't worry, we'll generate a per-repository signing key for you.

Granular Access Controls

Add granular access controls to your repositories and packages to give appropriate access to collaborators or teams within your organization. Need read-only access for junior developers or one single repository for contractors?

Global Distribution

All packages are distributed around the world by a blazing fast global Content Delivery Network (CDN). Let us take off the pressure of having to manage and maintain Enterprise-level software distribution.

License Governance

Achieving understanding of how software is licensed and used isn't simple or easy. With license governance Cloudsmith will provide you with insight on licenses across all of your software, and how you use them. You will also be able to set controls on which licenses are permitted, in order to minimise your legal liability for incorrect use.

In-Depth Access Logs

Drill down into the detailed download and upload access logs for your packages. You can view your logs on the site as a snapshot or in real-time, or download the raw logs for offline processing. Keep track of who is using your packages with Access Logs.

Audit Trails

Get detailed insight into all actions and events across your account, and get them in an auditable and exportable format. If you have strict requriements around regulation, compliance, and/or security, audit trails will ensure you have ultimate insight into how your account changes over time.

Geo/IP Restriction

Restrict or grant access to your packages based on geographical location, IP ranges or specific IP addresses. If you need to add physical location security to your package management, then Geo/IP Restriction is what you need.

Drop Copy / Sync

Although Cloudsmith takes care of all your storage and distribution needs, sometimes it pays to have an offline or secondary Cloud backup of your entire package portfolio. With drop copy, we'll synchronise the raw content for all of your repositories to a target destination of your choice.

Upstream Proxying

With upstream proxying we'll cache upstream packages for you, for convenient access from Cloudsmith. You can reduce the amount of external repositories you depend on, and you can protect your software and servers from downtime and slowness of official main repositories.

Raw File Repositories

Raw/generic file repositories allow you to upload/store and distribute any kind of file, with the same level of access control and features as any other managed repository.

Priority Uploads

The priority upload queue has higher precedence than the non-priority upload queues, and more processing power. When on the priority upload queue your packages will be processed quicker, and will have priority over other packages.
[% trans 'Previous' %} Next

Integrate with the Package Formats you Love

(beta)

(beta)

(beta)

(beta)

Get Started In 60 Seconds

Get Started Now
Top