Blog | Resources | Cloudsmith

Elevating Software Distribution with Cloudsmith’s Broadcasts

Elevating Software Distribution with Cloudsmith’s Broadcasts

For organizations, distributing software artifacts effectively is crucial to building strong developer relationships and delivering a seamless experience. Yet, managing and personalizing the distribution of software packages—like SDKs or container images—can be challenging. Cloudsmith, a leader in cloud-native artifact management, has introduced Broadcasts to address these needs. With

Securely Store and Distribute OCI Artifacts

Securely Store and Distribute OCI Artifacts

As containerized environments evolve, effective artifact management is crucial for any organization using Kubernetes or similar ecosystems. Cloudsmith’s container registry now fully complies with the Open Container Initiative (OCI) distribution specification, allowing customers to store, secure, and distribute images and artifacts with greater efficiency. This release marks an evolution

Introducing Cloudsmith’s Advanced Observability Suite for Enterprise Artifact Management

Introducing Cloudsmith’s Advanced Observability Suite for Enterprise Artifact Management

As software complexity advances, understanding what’s happening across every part of your software supply chain becomes crucial. You need to see where artifacts are used, how secure they are, and whether they meet compliance standards. The ability to capture this is known as observability. Observability goes beyond data collection

Introducing Cloudsmith’s Enterprise Policy Manager

Introducing Cloudsmith’s Enterprise Policy Manager

In a rapidly evolving digital environment, organizations across various sectors—including technology firms, financial services, and manufacturing—rely on effective management of software artifacts to secure their software supply chains The risk of supply chain attacks has intensified, revealing vulnerabilities at every stage of artifact management. Compliance breaches, data leaks,

Your Ultimate KubeCon Guide

Your Ultimate KubeCon Guide

KubeCon is almost here, and if this is your first time attending or you’re a seasoned pro, you’re in for a treat! 🎉 Next week, KubeCon will take over Salt Lake City, bringing together the brightest minds in cloud-native tech. Whether you're a developer, engineer, or IT

Integrating Dependabot with Cloudsmith Using OIDC

Integrating Dependabot with Cloudsmith Using OIDC

This guide will walk you through configuring GitHub Dependabot to authenticate with Cloudsmith using OIDC.

GitOps Pipelines with Codefresh and Cloudsmith

Integrations Featured

GitOps Pipelines with Codefresh and Cloudsmith

Integrating Cloudsmith, a cloud-native artifact management platform, with Codefresh enhances your CI/CD workflows in several significant ways. Read this blog to learn more about this powerful combination, and its automation of artifact handling and simplification of deployments!

"Cloud Native" - Why it matters?

Cloudsmith Featured

"Cloud Native" - Why it matters?

The difference between "Cloud Native" and "Cloud Hosted" products lies in their architecture, design philosophy, and how they leverage cloud infrastructure. Let’s break down the key distinctions.

What happens when you upload a Package?

What happens when you upload a Package?

Packages in Cloudsmith repository are so much more than just “bits on disk”, and treating them as such is really doing them a disservice!

Cloudsmith is headed to Salt Lake City for KubeCon North America 2024

Cloudsmith is headed to Salt Lake City for KubeCon North America 2024

The Cloudsmith team is heading to KubeCon / CloudNativeCon North America in Salt Lake City, Nov ember 13-15.

How to Manage Your Package Promotion Workflows with Cloudsmith

How to Manage Your Package Promotion Workflows with Cloudsmith

Package promotion workflows are a great way to isolate and protect production repositories away from public upstreams, so they only receive clear and vetted packages.

Level up your private npm registries in Deno with Cloudsmith

Level up your private npm registries in Deno with Cloudsmith

We’re excited to announce that Deno, the modern JavaScript and TypeScript runtime, now supports private npm registries. You can now leverage Cloudsmith to securely host and share your npm modules directly within your Deno projects.

Reflecting on ShipItCon 2024: High-performing teams need flow

Reflecting on ShipItCon 2024: High-performing teams need flow

ShipItCon, one of Europe’s most vibrant indie tech conferences, just wrapped up in Dublin last week. It brought together software engineers and technologists to tackle a central theme - Flow.

Announcing the Release of Cloudsmith CLI GitHub Action 🚀

Announcing the Release of Cloudsmith CLI GitHub Action 🚀

We just released the Cloudsmith CLI GitHub Action. This new GitHub Action simplifies the process of installing and pre-authenticating the Cloudsmith CLI using OpenID Connect (OIDC) or an API Key. Whether managing packages, pushing artifacts, or automating your CI/CD workflows, this action is designed to streamline your experience and

Cloudsmith CEO Glenn Weinstein chatting with team

What Makes Cloudsmith Special: Reflections on 1 Year as CEO

Find out what Glenn sees as Cloudsmith's three winningest characteristics as he looks back on his first 12 months as CEO.

Using Cloudsmith as a Dependency Firewall

Using Cloudsmith as a Dependency Firewall

Cloudsmith does more than store and manage artifacts. It protects them, too. In this article, we explain how you can prevent software supply chain threats by using our platform as a vital isolation layer between your binaries and risks in public open source repositories.

blue and green graphic

5 Lessons on the Evolution From DevOps to Platform Engineering

Get the highlights from our July webinar on platform engineering, featuring senior Cloudsmithers and Humanitec's Luca Galante.

Fortify Dependency Management With Cloudsmith + Dependabot

Protect ALL of your packages and deliver consistent builds by combining Dependabot's automated dependency updates with Cloudsmith's package centralization, upstream capabilities, and security controls.

Implementing Zero Trust Security With Cloudsmith in 5 Steps

Learn how to strengthen and maintain your Zero Trust security posture, improve compliance, and reduce risk with Cloudsmith's armory of access, pipeline, publishing, and monitoring controls.

Kong Entrusts Cloudsmith With Global Distribution

Kong Entrusts Cloudsmith With Global Distribution

API giant Kong has handed the reins of its software distribution to Cloudsmith. Learn why in this case study recap + video.

5 green flags on yellow background

12 Signs of Stellar Support in an Artifact Management Vendor

Prevent buyer's remorse. Use these ‘green flags’ from our Senior Director of Customer Success to find + pick a vendor that’ll keep you moving forward whenever the unexpected threatens to hold you back.

Enhance Security with Chainguard and Cloudsmith

Enhance Security with Chainguard and Cloudsmith

At Cloudsmith, we are excited to announce our support for the Chainguard Registry as an upstream source. By consolidating all your artifacts, packages, and now Chainguard Images into Cloudsmith, your organization can: * Reduce risk of attack with no/low vulnerability base images provided by Chainguard. * Effortlessly deploy and distribute your

Two Cathedrals: Cloudsmith + GitHub

Two Cathedrals: Cloudsmith + GitHub

Learn why using Cloudsmith with GitHub extends visibility, control + management beyond source code to your entire supply chain.

Streamline Kubernetes Workflows with Cloudsmith

kubernetes Featured

Streamline Kubernetes Workflows with Cloudsmith

Use Cloudsmith to store your Helm charts alongside your Docker images thanks to Cloudsmith’s support for multi-format repositories. This gives you a unified platform for all your K8s needs, ensuring all your dependencies are stored, managed, and delivered from a single, secure source.

Zero Trust Pipelines with OIDC, Cloudsmith, and GitHub Actions

Zero Trust Pipelines with OIDC, Cloudsmith, and GitHub Actions

In CI/CD workflows, leaked credentials pose a significant threat, potentially leading to unauthorized access, data breaches, and system compromises, ultimately disrupting development pipelines and undermining the integrity of software deployment processes.