artiFACTS is your monthly roundup of new Cloudsmith product releases, industry news, and helpful resources. Thanks as always for checking out what's new in Cloudsmith and see you in 2026 with our next update! 

NEW

Mirror external file structures with the new Generic format

Cloudsmith’s new Generic package format offers a flexible way to upload and manage any file or binary within Cloudsmith. This release includes upstream proxying and caching, enabling teams to fetch assets from external sources that don’t fit into standard package ecosystems.

This brings your custom scripts, installers, and zipped binaries into your managed supply chain, automating ingestion and ensuring that your internal URLs remain consistent with upstream sources.

PRODUCT UPDATES 

What's new in Cloudsmith?

🔊 Public Broadcasts are now generally available

Public Broadcasts make it easier than ever to deliver software to your end users through a branded, trustworthy, and developer-friendly distribution experience. Broadcasts allow you to distribute artifacts directly from your Cloudsmith repositories using a polished, customizable user interface that reflects your brand, integrates with native developer tooling, and provides visibility into how your software is being adopted.

✈️ Support for Maven parallel deployment

Cloudsmith now supports parallel deployment for Maven artifacts. This allows Maven users to upload multiple components concurrently, reducing publish times for large projects and improving CI/CD performance without changes to your existing workflows.

🌇 Timeline to sunset the old documentation site (help.cloudsmith.io)

The legacy documentation site at help.cloudsmith.io will be sunsetted at the end of March 2026. All content is being consolidated into our new documentation experience to provide clearer navigation, faster updates, and a single source of truth. We recommend updating any internal links or bookmarks ahead of the transition.

🔗 New URL structure for repositories on the web app

Cloudsmith repositories on the web app now use a clearer, more consistent URL structure. This update improves readability, aligns URLs more closely with repository ownership and naming, and makes links easier to share, bookmark, and automate against - without changing existing repository behavior.

✅ Multi-select package actions on the web app

Cloudsmith web app now supports multi-select for packages, letting teams apply actions across multiple packages at once. You can copy packages, trigger resyncs, quarantine content, and more - making large-scale repository management faster and more consistent.

One of the best ways to support the Cloudsmith community is by sharing your experience. A quick G2 review helps future users evaluate their options, and if you send us a screenshot of your post, we’ll send you a $50 Amazon gift card as a thank-you.

INDUSTRY ROUND UP 

Resources we think you'll love

🎥 Webinar | How to securely source your LLM models from Hugging Face
Join us to learn the real risks of sourcing open models - from mutable artifacts to unclear provenance - and see how your team can securely manage Hugging Face models using Cloudsmith. A practical watch for anyone deploying LLMs into production environments. Join us February 5th: Register here.

🔥 Hackathon | Hack the AI Stack: Cloudsmith x Chainguard
Join Cloudsmith and Chainguard for a hands-on hackathon where you’ll build and hack a real AI workload on Kubernetes, uncover supply chain risks unique to LLM workloads, and learn how to prevent adversaries from exploiting your workloads. Join us February 24th: Register here.

🙎 Blog | Authenticate to Cloudsmith with your AWS identity
Learn how to authenticate to Cloudsmith using your existing AWS identity. This post walks through reducing credential sprawl, improving security posture, and simplifying access management by integrating Cloudsmith with AWS-native authentication.

🔒 Blog | Secure containers by default with Cloudsmith and Docker hardened images
Explore how Docker hardened images and Cloudsmith work together to help teams ship containers that are secure by default. The post covers trusted base images, controlled distribution, and policy enforcement across container workflows.

🖼️ Blog | Eliminating ambiguity: The case for explicit Docker image paths
Ambiguous image references can introduce real supply chain risk. This article explains why explicit Docker image paths matter and how they improve traceability, security, and confidence in production container deployments.

👩‍🍳 Blog | From ingredient list to control point: SBOM-based component-level security
SBOMs are more than compliance artifacts. This post shows how teams can turn SBOM data into actionable security controls, enabling better visibility, faster response, and more proactive supply chain defense.

🤖 Blog | Securing AI-generated code with Cloudsmith
As AI-generated code becomes more common, so do the risks. This article looks at how Cloudsmith helps teams secure AI-produced dependencies and artifacts with the same rigor applied to human-written code.