Package Quarantine

Package quarantine allows you to temporarily block any downloads of a package until you release the package from quarantine.

This is useful in any case where you wish to remove the ability to access a package that is present in your Cloudsmith repository, for example in a case where a security vulnerability is discovered after you have published a package. Unlike deleting a package, you can restore access to the specified package at a later stage if required.

We provide the ability to quarantine a package in three ways:

  • Quarantine via the Website UI.
  • Quarantine via the Cloudsmith CLI
  • Quarantine via the Cloudsmith API

In the following examples:

Identifier

Description

OWNER

Your Cloudsmith account name or organisation name (namespace)

REPOSITORY

Your Cloudsmith Repository name (also called "slug")

PACKAGE

The unique identifier for a package, see Package Identification for further details


Quarantine via the Website UI

Add to quarantine

You can quarantine a package using the quarantine button on the Package Details page, or from the packages view using the Package Actions:

13131313

Quarantine Button on Package Details

13211321

Quarantine Option in Package Actions

Once you have quarantined a package, the synchronization status will change from "Completed" to "Quarantined".

Release from quarantine

You can remove a package from quarantine using the restore button on the Package Details page, or from the packages view using the Package Actions:

13411341

Restore Button on Package Details

13201320

Quarantine via the Cloudsmith CLI

Quarantine operations via the Cloudsmith CLI are performed using the cloudsmith quarantine command.

Before you can add or remove a package from quarantine using the CLI, you first need to identify the package. See Package Identification for full instructions on identifying packages.

Add to quarantine

To quarantine a package, use the command cloudsmith quarantine add as follows:

cloudsmith quarantine add OWNER/REPOSITORY/PACKAGE

For example:

cloudsmith quarantine add demo/examples-repo/IB6FYhIvaoAy

11061106

CLI add to quarantine

Release from quarantine

To release a package from quarantine, use the command cloudsmith quarantine remove|rm|restore as follows:

cloudsmith quarantine remove OWNER/REPOSITORY/PACKAGE

For example:

cloudsmith quarantine remove demo/examples-repo/IB6FYhIvaoAy

11571157

CLI remove from quarantine


Quarantine via the Cloudsmith API

Please see the Cloudsmith Interactive API Reference for details on the Quarantine Package API endpoint



Did this page help you?

Cloudsmith is the new standard in Package / Artifact Management and Software Distribution

With support for all major package formats, you can trust us to manage your software supply chain.


Start My Free Trial Now
Cookie Declaration (Manage Cookies)