In keeping with our focus on security, we are pleased to announce that you can now run on-demand vulnerability scans against supported package types, and also get the results of these scans via our API.
This builds upon our existing package scanning functionality, which scans supported packages types upon upload. Now you can surface any new vulnerabilities that may be discovered over time.
Gain more visibility and control over your scans, and stay ahead of issues as they arise
Cloudsmith can help with our self-service approach to managing and defining storage and bandwidth limits to keep costs under control while allowing you to scale when needed. After all, no one wants to be caught between an unexpected bill for overages or any interruption to their business, no matter how minor. Now you can automate a solution that works for you using either our API or CLI to always stay on top of your storage and bandwidth limits.
Check out our blog on how to track your bandwidth and storage with our Quota API.
Following in the footsteps of Debian and Maven, we're very pleased to announce that RPM is the latest package format to support upstream caching and proxying.
With Upstream Proxying, Cloudsmith will allow RPM clients configured to use your repository to see and download your existing repository packages, as well as all those defined in any connected upstream repositories.
When upstream caching is turned on, fetches made for packages resolved to an upstream can be cached and synchronised to your Cloudsmith repository - helping to protect your software dependencies from outages, improve visibility, and apply fine-grained access controls for your teams, customers and users.
Check out more our blog, where Dan goes into depth on how to configure and use an RPM upstream.
Now you can go beyond measuring your bandwidth usage and regain control via Cloudsmith's new bandwidth controls for Entitlement tokens. You can craft tokens with individual usage limits using the UI, API, and CLI, allowing you to decide the exact level of usage for each token.
Combining the new and existing limits for entitlement tokens, allowances are configurable to provide fine-grained control for any combination of properties. For example, the total amount of bandwidth, number of unique clients using a token, or the maximum number of downloads a token can perform on an individual token basis. Also, you can also scope your tokens by restrictions for advanced control of tokens.
Check out our blog on how to get restore authority with Token Bandwidth Controls.
With the introduction of the Package Activity API and accompanying CLI command, you can now quickly and easily check your entire repository for packages' activity status or even take a detailed approach and view packages individually (per day/per package).
You can save on your storage costs by eliminating inactive packages and retaining only the packages you or your users derive value from storing and distributing via Cloudsmith.
Check out our blog on how to get started with monitoring your package activity.
If you're making use of Cloudsmith's custom domains feature, you can now request that the top-level (i.e. root page) of your domain (e.g. npm.example.com) redirects to a location of your choice.
This provides a little more "discoverability" for your users, by sending them to the right place if they go to the domain directly. Whether you want to redirect them to the UI for your repositories, or to your customer support page, we've got you covered.
If you wish to update your domains with this feature, please contact us and we'll be happy to help.