Cloudsmith Documentation Hub

Welcome to the Cloudsmith Documentation Hub. You'll find comprehensive guides and documentation to help you start working with Cloudsmith as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Troubleshooting Maven

Q. Maven maintains plain text passwords in settings.xml and credential files. How do we prevent exposure of such passwords?

The Maven tooling chain supports encrypted credentials. You can also use interpolation from environment variables instead so that you don't store them configuration files. We also support authentication by de-privileged entitlement tokens (i.e. read-only specific access) to minimise exposure.

Q. Why does Cloudsmith keep all snapshot versions of a .jar, and not only the last one? Usually, we only want the last version.

Mainly, it is because some people do it one way, and others do it another. Some people utilise or want to keep the chain of snapshots, so the reason we keep them is to facilitate those customers. For others, they'll need to delete them manually (or automatically with a retention policy)

Q. For some reason, my uploaded Maven artifact version was renamed from X.X.X-SNAPSHOT to X.X.X-20190815.205452-1. Can I set it so that it doesn’t rename?

Snapshots are handled differently from release artifacts because there can be many snapshots of the same version, which is why it got renamed. If you uploaded 1.0.0-SNAPSHOT multiple times, it would let you and it would sync as 1.0.0-<DATETIME>-1 , then 1.0.0.-<DATETIME>-2 and so on.

It isn't possible (yet) to disable this behaviour. However, despite what the UI says, you should still be able to refer to your package in dependencies as 1.0.0-SNAPSHOT and it will pick up the latest version of 1.0.0-SNAPSHOT uploaded. This is pretty standard for Maven-based repositories but might come as surprising unless you know about it.

Still Need Help?

Contact us here. We're always happy to help!

Updated about a year ago

Troubleshooting Maven

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.

Cloudsmith is the new standard in Package Management and Software Distribution

With support for all major package formats, you can trust us to manage your software supply chain.

Start My Free Trial Now
Cookie Declaration (Manage Cookies)