Package quarantine allows you to temporarily block any downloads of a package until you release the package from quarantine.
This is useful in any case where you wish to remove the ability to access a package that is present in your Cloudsmith repository, for example in a case where a security vulnerability is discovered after you have published a package. Unlike deleting a package, you can restore access to the specified package at a later stage if required.
We provide the ability to quarantine a package in three ways:
- Quarantine via the Website UI.
- Quarantine via the Cloudsmith CLI
- Quarantine via the Cloudsmith API
In the following examples:
|OWNER||Your Cloudsmith account name or organisation name (namespace)|
|REPOSITORY||Your Cloudsmith Repository name (also called "slug")|
|PACKAGE||The unique identifier for a package, see Package Identification for further details|
You can quarantine a package using the quarantine button on the Package Details page, or from the packages view using the Package Actions:
Once you have quarantined a package, the synchronization status will change from "Completed" to "Quarantined".
You can remove a package from quarantine using the restore button on the Package Details page, or from the packages view using the Package Actions:
Quarantine operations via the Cloudsmith CLI are performed using the
cloudsmith quarantine command.
Before you can add or remove a package from quarantine using the CLI, you first need to identify the package. See Package Identification for full instructions on identifying packages.
To quarantine a package, use the command
cloudsmith quarantine add as follows:
cloudsmith quarantine add OWNER/REPOSITORY/PACKAGE
cloudsmith quarantine add demo/examples-repo/IB6FYhIvaoAy
To release a package from quarantine, use the command
cloudsmith quarantine remove|rm|restore as follows:
cloudsmith quarantine remove OWNER/REPOSITORY/PACKAGE
cloudsmith quarantine remove demo/examples-repo/IB6FYhIvaoAy
Please see the Cloudsmith Interactive API Reference for details on the Quarantine Package API endpoint
Updated 8 months ago