Package Quarantine

Package quarantine allows you to temporarily block any downloads of a package until you release the package from quarantine.

This is useful in any case where you wish to remove the ability to access a package that is present in your Cloudsmith repository, for example, in a case where a security vulnerability is discovered after you have published a package. Unlike deleting a package, you can restore access to the specified package at a later stage if required.

We provide the ability to quarantine a package in three ways:

  • Quarantine via the Website UI.
  • Quarantine via the Cloudsmith CLI
  • Quarantine via the Cloudsmith API

In the following examples:

IdentifierDescription
OWNERYour Cloudsmith account name or organization name (namespace)
REPOSITORYYour Cloudsmith Repository name (also called "slug")
PACKAGEThe unique identifier for a package, see Package Identification for further details

Quarantine via the Website UI

Add to quarantine

You can quarantine a package using the quarantine button on the Package Details page, or from the packages view using the Package Actions:

1313

Quarantine Button on Package Details

1321

Confirmation that you'd like to quarantine the package

Once you have quarantined a package, the synchronization status will change from "Completed" to "Quarantined".

Release from quarantine

You can remove a package from quarantine using the Unquarantine button on the Package Details page:

1341

Unquarantine Button on Package Details


Quarantine via the Cloudsmith CLI

Quarantine operations via the Cloudsmith CLI are performed using the cloudsmith quarantine command.

Before you can add or remove a package from quarantine using the CLI, you first need to identify the package. See Package Identification for full instructions on identifying packages.

Add to quarantine

To quarantine a package, use the command cloudsmith quarantine add as follows:

cloudsmith quarantine add OWNER/REPOSITORY/PACKAGE

For example:

cloudsmith quarantine add demo/examples-repo/IB6FYhIvaoAy

1106

CLI add to quarantine

Release from quarantine

To release a package from quarantine, use the command cloudsmith quarantine remove|rm|restore as follows:

cloudsmith quarantine remove OWNER/REPOSITORY/PACKAGE

For example:

cloudsmith quarantine remove demo/examples-repo/IB6FYhIvaoAy

1157

CLI remove from quarantine


Quarantine via the Cloudsmith API

Please see the Cloudsmith Interactive API Reference for details on the Quarantine Package API endpoint



Cloudsmith is the new standard in Package / Artifact Management and Software Distribution

With support for all major package formats, you can trust us to manage your software supply chain.


Start My Free Trial Now
Cookie Declaration (Manage Cookies)