Getting Started with Terraform Modules and Cloudsmith
A quick walkthrough of getting set up with a private repository for Terraform Modules on Cloudsmith, including uploading and downloading modules.
Operations | Monitoring | ITSM | DevOps | Cloud
The Place Where Modern Operations & Technology Come Together
Say Hello to Cloudsmith
Cloudsmith is the leading continuous packaging platform for engineers looking to set up a secure, cloud-native artifact repository in just 60 seconds. With support for 28+ package formats, 225 points of presence, and integrations with all of the tools you already use and love, when it comes to secure software delivery in the Cloud, we’ve got you covered.
Efforts to Secure OSS fired up after Log4Shell
Who would have thought software could rattle the White House? But a vulnerability in Log4J, a popular open source software project, exposed critical digital infrastructure to remote code execution attacks. This prompted the US Government to engage big tech, infosec professionals, and open source organizations to come together to help secure open source software.
Improvements to Dart Package Support
At Cloudsmith, our core mission is to be THE universal package repository. That is why we support so many different packages, artifacts, and image formats and constantly improve the functionality and support we provide. With this in mind, we are happy to announce the latest improvements to our support for Dart packages.
"Build It Yourself, They Said. It Will Be Worth It, They Said" Dev Week Enterprise Keynote Session
“We’ll build it ourselves!” We’ve all heard it, seen it, and likely been directly impacted by the decision to build a custom, in-house solution rather than use an existing one. Whether it’s a CI/CD tool, artifact management solution, or even the entire DevOps tech stack, it’s a common misconception that building it internally is easier, cheaper, and faster. When, in fact, the complete opposite is true!
Continuous Software Pipelines: Why Enterprises Are Going Cloud-Native Dev Week Enterprise Open Talk
Your entire tech stack is likely in the Cloud - so why aren’t your software packages? Whether you’re currently on-premise, have your own in-house solution or have a bit of a hybrid set up, join us in this session to explore:- Why enterprise organizations are making the move from on-premise solutions to completely Cloud-Native ones- What this means for improving, scaling, and securing their CI/CD pipelines- What the benefits of this are over cloud-hosted- How to easily set up a secure, cloud-native software pipeline in 60 seconds.
Package Management for Gaming Software Development
There is huge scope required when building video games. They are not just computer programs; they’re audio-visual artistic works. It’s a collaborative effort between software engineers, animators, scriptwriters, graphic designers, photographers and sound engineers. Working with these collaborators and assets leads to a different software pipeline than the average software project.
Continuous Software Pipelines: Why Enterprises Are Going Cloud-Native 2021 Dev Week Cloud Keynote
Why are enterprise organizations making a move from on-premise solutions to completely cloud-native? What does that mean for improving, scaling, and securing their CI/CD pipelines? And what exactly is continuous packaging, anyway? Join Dan McKinney in this Dev Week Cloud session he answers all of these questions, helping attendees understand the true difference between cloud-hosted and cloud-native, how to get started with migrating to a cloud-native solution, and the true benefits of being entirely within the cloud.
Cloud-Native Pipelines: Secure Software Delivery, Made Simple Dev Week Cloud Workshop Session
Your entire tech stack is likely in the Cloud - so why aren’t your software packages? Whether you’re currently on-premise, have your own in-house solution or have a bit of a hybrid set up, join us in this session to explore why the future is cloud-native, what the benefits of this are over cloud-hosted, and how to easily set up a secure, cloud-native software pipeline in 60 seconds.
All About Log4j/Log4Shell + Mitigation (CVE-2021-44228 and Beyond)
This article discusses the background, impact, identification, and mitigation of Log4Shell, one of the worst vulnerabilities to arise in the past decade. Here at Cloudsmith, security and privacy are paramount. As a hosted package management service helping customers distribute millions of packages worldwide, we're part of the story for securing software supply chains. Read on further to see how the vulnerability works and what you can protect yourself and your users.