You can use boolean logic (e.g. AND/OR/NOT) for complex search queries. For more help and examples, see the search documentation.
Search by package name:
my-package
(implicit)
name:my-package
(explicit)
Search by package filename:
my-package.ext
(implicit)
filename:my-package.ext
(explicit)
Search by package tag:
latest
(implicit)
tag:latest
(explicit)
Search by package version:
1.0.0
(implicit)
version:1.0.0
(explicit)
prerelease:true
(prereleases)
prerelease:false
(no prereleases)
Search by package architecture:
architecture:x86_64
Search by package distribution:
distribution:el
Search by package license:
license:MIT
Search by package format:
format:deb
Search by package status:
status:in_progress
Search by package file checksum:
checksum:5afba
Search by package security status:
severity:critical
Search by package vulnerabilities:
vulnerabilities:>1
vulnerabilities:<1000
Search by # of package downloads:
downloads:>8
downloads:<100
Search by package type:
type:binary
type:source
Search by package size (bytes):
size:>50000
size:<10000
Search by dependency name/version:
dependency:log4j
dependency:log4j=1.0.0
dependency:log4j>1.0.0
Search by uploaded date:
uploaded:>"1 day ago"
uploaded:<"August 14, 2022 EST"
Search by entitlement token (identifier):
entitlement:3lKPVJPosCsY
Search by policy violation:
policy_violated:true
deny_policy_violated:true
license_policy_violated:true
vulnerability_policy_violated:true
Search by repository:
repository:repo-name
Search queries for all Debian-specific (and related) package types
Search by component:
deb_component:unstable
Search queries for all Maven-specific (and related) package types
Search by group ID:
maven_group_id:org.apache
Search queries for all Docker-specific (and related) package types
Search by image digest:
docker_image_digest:sha256:7c5..6d4
(full hashref only)
Search by layer digest:
docker_layer_digest:sha256:4c4..ae4
(full hashref only)
Field type modifiers (depending on the type, you can influence behaviour)
For all queries, you can use:
~foo
for negation
For string queries, you can use:
^foo
to anchor to start of term
foo$
to anchor to end of term
foo*bar
for fuzzy matching
For number/date or version queries, you can use:
>foo
for values greater than
>=foo
for values greater / equal
<foo
for values less than
<=foo
for values less / equal
Need a secure and centralised artifact repository to deliver Alpine,
Cargo,
CocoaPods,
Composer,
Conan,
Conda,
CRAN,
Dart,
Debian,
Docker,
Go,
Helm,
Hex,
LuaRocks,
Maven,
npm,
NuGet,
P2,
Python,
RedHat,
Ruby,
Swift,
Terraform,
Vagrant,
Raw & More packages?
Cloudsmith is the new standard in Package / Artifact Management and Software Distribution.
With support for all major package formats, you can trust us to manage your software supply chain.
Tool-Specific Instructions
Although we use GPG (and RSA) keys across each repository and package format, client-side tools might have specific instructions that differ (or require manual steps). To add or use the signing key for these tools, please click on the package format specific tabs above.
Public GPG Key
GPG-based keys/signatures are used by:
The public GPG key for the rabbitmq/rabbitmq-server-dev is:
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v2
mQGNBGBlwC0BDAC3KannotVHJCYs2beWvxEGDYAeAC1925tb+mERDtHAijR18wTi
oi3r9ttaBrnGld2hznfjJKdous+U5X+SQVtKb4pQoUps7NHMIYPZCEJplAB6E6Ll
WlyTHGKp7bPNdGYYLYwul1g2GB54GKWwhpZLqX9fAEKbkKVw3fyQVHEsSByrS0zi
7vPg5x0PxzPbW63GrBvVXOaXijXdaTqr+rrIpogiqte8HMqLhjalQzsUqxVgfTiZ
5pvDcqe/biK/YLlR8rcP0I66Ovqjron7n0BFQWyygoK2BWMmkqL9IBTCIZx2G2n5
SF5RjLa/5et7uQWgdqZpuhRxRhIYTxy+OwLH3gmzhwjQFZLEQ2pZEIMlROLIngwT
6nKou60TalsasW1fVrXvMmBPP5hxxxrZhxfh6uPUEDxTyjeWRPV2RM3LCTro0hx6
GJbdsUUSZnmNocKgWglbyh1acyIfHM/ORHFa2Mm0YqQVfLxjGsq9/BXdrd8d9os1
wPumqtKSyCSFF6MAEQEAAbRJQ2xvdWRzbWl0aCBQYWNrYWdlIChyYWJiaXRtcS9y
YWJiaXRtcS1zZXJ2ZXItZGV2KSA8c3VwcG9ydEBjbG91ZHNtaXRoLmlvPokBtwQT
AQgAIQUCYGXALQIbLwULCQgHAwUVCgkICwUWAgMBAAIeAQIXgAAKCRB+6CBcMRXT
DXhbC/90UrA8Yik//BgCCbIsO69aR3vX56/ptZYPE1mQoW3wzqSjKCUBEoZIAGU1
4UUY9zqppcpsemtWQWrq/iWpz40l5pXuglGl/XL7NNQlFcLZ3iqzwdaJqhXydB7/
+Nr6nKY3iHxkWQc7HU3Id50EdjzIskQ0Y4zHRpVIeFndCNLhGD7Rniqs22E4nUqA
KVexF8J8eZRO8BGsXOBbszF9Sw9loJExhInyi+hdhhQ/Gz76PelU5cqUrM79368x
ScbUFRmONIfIBrPQ6B/1fZb/Pvd8TAsC9rZ5fOvh6nojKQEDn27sN6J+OIsY78vn
eFVBDxU8JSNxdKLvYXiFZpy//myQfuo4tYmcF2/1Cyg9l56UslFYP7hOElR9xN93
duExwpIy5s6qxs5WG4sJm3nSc775l/zhP0VzGCRPPVIqfLLTothKoUvDM5IdDz5T
H4lVw0aZ4xM8zYcOh83LA8EhcjYkYU2hsuS2Ky7EVdsffVi3Nxgq0IMKxMd7HOw4
0MqyNB8=
=jbdH
-----END PGP PUBLIC KEY BLOCK-----
It has the following long (20 bytes) and short (8 bytes) fingerprints:
B3442CBC7BDD3D26D9D2C7117EE8205C3115D30D
7EE8205C3115D30D
You can download the GPG key or fetch it via the command-line:
curl -1sLf 'https://dl.cloudsmith.io/public/rabbitmq/rabbitmq-server-dev/gpg.7EE8205C3115D30D.key'
Public RSA Key
RSA-based keys/signatures are used by:
The public RSA key for the rabbitmq/rabbitmq-server-dev is:
-----BEGIN PUBLIC KEY-----
MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEArwetaURnuW5aMJvNdQx7
vjVCWGaexTyksDWRpU9Ts+obnwfFfn/RUcdxKnYfUkEzQmMukEvpBoGJroP9hXzC
t0q36fta+Nls4bMnGvtfBF6X32hXJg2rTBT2g/x37yFCPoLbFp7pAK/ldBxPCNQb
Hglg+VbQp6HFaGWWbRXHPJJB9OKlpcJkTUOkJVh2MOUhtaIixBR9oFg9m2ytcbZz
a0sWolmQy2GYDbihYfecCh59lyD+V/4V+TsnaTZyw5x1eVt5SfSKdEynTtBXVUic
ZdipF3Qg78YerU2EJnmFPtrBBR+2NvaNgGU6S2Kc9Pm++gIxcNxeKPqrLeWpzLP/
x6z8zUC60Blu+NLnJArdrFpt88IXamy3i0WEp6HJxrSdf7peY2TqD2FsWy0sbGls
Vch0Hw9PH0ps/EQH4aBlKKv27ednJJFz8raTyfIloy16qLGkd79CeEYu8fXHO6yb
9PS//ougbM5D9l5KQMB+lThLYRBSg8d+nir4+iwIOA9BAgMBAAE=
-----END PUBLIC KEY-----
It has the following long (16 bytes) and short (8 bytes) fingerprints:
0881E24AEED9021AED8DA4DE653542AC
ED8DA4DE653542AC
You can download the RSA key or fetch it via the command-line:
curl -1sLf 'https://dl.cloudsmith.io/public/rabbitmq/rabbitmq-server-dev/rsa.ED8DA4DE653542AC.key'
Need Help?
If you couldn't find what you needed in our documentation, then you can always chat to a member of our team instead. It's our mission to be your dedicated off-site team for package management, and we mean it. Come and chat with us, anytime.
What's this page? All Cloudsmith repositories and packages are signed using GPG (or RSA) keys where supported. GPG (or RSA) signatures and checksums provide reliable mechanisms to ensure that the packages that you download/install are neither corrupt nor modified. GPG is generally preferred, but RSA is used for some package formats (such as Alpine). Learn more in the signing keys documentation.