Package Quarantine

Package quarantine allows you to temporarily block any downloads of a package until you release the package from quarantine.

This is useful in any case where you wish to remove the ability to access a package that is present in your Cloudsmith repository, for example in a case where a security vulnerability is discovered after you have published a package. Unlike deleting a package, you can restore access to the specified package at a later stage if required.

We provide the ability to quarantine a package in three ways:

  • Quarantine via the Website UI.
  • Quarantine via the Cloudsmith CLI
  • Quarantine via the Cloudsmith API

In the following examples:

Identifier

Description

OWNER

Your Cloudsmith account name or organisation name (namespace)

REPOSITORY

Your Cloudsmith Repository name (also called "slug")

PACKAGE

The unique identifier for a package, see Package Identification for further details


Quarantine via the Website UI

Add to quarantine

You can quarantine a package using the quarantine button on the Package Details page, or from the packages view using the Package Actions:

Quarantine Button on Package DetailsQuarantine Button on Package Details

Quarantine Button on Package Details

Quarantine Option in Package ActionsQuarantine Option in Package Actions

Quarantine Option in Package Actions

Once you have quarantined a package, the synchronization status will change from "Completed" to "Quarantined".

Release from quarantine

You can remove a package from quarantine using the restore button on the Package Details page, or from the packages view using the Package Actions:

Restore Button on Package DetailsRestore Button on Package Details

Restore Button on Package Details


Quarantine via the Cloudsmith CLI

Quarantine operations via the Cloudsmith CLI are performed using the cloudsmith quarantine command.

Before you can add or remove a package from quarantine using the CLI, you first need to identify the package. See Package Identification for full instructions on identifying packages.

Add to quarantine

To quarantine a package, use the command cloudsmith quarantine add as follows:

cloudsmith quarantine add OWNER/REPOSITORY/PACKAGE

For example:

cloudsmith quarantine add demo/examples-repo/IB6FYhIvaoAy

CLI add to quarantineCLI add to quarantine

CLI add to quarantine

Release from quarantine

To release a package from quarantine, use the command cloudsmith quarantine remove|rm|restore as follows:

cloudsmith quarantine remove OWNER/REPOSITORY/PACKAGE

For example:

cloudsmith quarantine remove demo/examples-repo/IB6FYhIvaoAy

CLI remove from quarantineCLI remove from quarantine

CLI remove from quarantine


Quarantine via the Cloudsmith API

Please see the Cloudsmith Interactive API Reference for details on the Quarantine Package API endpoint



Did this page help you?