Cloudsmith Visual Studio Code Extension

Installation

To install the extension, we recommend installing directly from the Visual Studio Code or OpenVSX marketplaces. Open the Extensions view, search for cloudsmith to filter results and select the Cloudsmith extension authored by Cloudsmith.

Connect to Cloudsmith

After installing, to connect to your Cloudsmith instance, you can utilize an API Key, Service Account Token, import from a local Cloudsmith CLI, or Sign in with SSO.

• API Key — Enter your API key directly in the extension settings.
• Service Account Token — Use a service account token for non-interactive authentication.
• CLI Credential Import — Reads API keys from ~/.cloudsmith/config.ini with cross-platform path detection. Auto-detects CLI credentials on extension activation with a prompt to import.
• SSO Sign-in (Experimental) — Browser-based SSO flow gated behind the experimentalSSOBrowser setting.
  • SSO terminal flow opens an integrated terminal to run cloudsmith auth -o {workspace} for interactive SAML/2FA authentication.

Features

Package Explorer

The Cloudsmith extension contributes a dedicated Cloudsmith view to VS Code. The Cloudsmith Explorer lets you browse and manage packages stored within your Cloudsmith assets: workspaces, repositories, and packages.

Show Packages or Package Groups

By default the extension returns individual packages. You can display them as package groups instead.

Package Details

A selection of important fields are available directly under a package. This varies depending on whether you are viewing packages or package groups. This is a subset of the full API response schema for packages and groups. You can inspect a package to obtain the full response.

You can right-click on each detail and copy the value to the clipboard.

Package Fields

• Status
• Format
• Name
• Slug
• Slug Perm
• Version
• Description
• License
• Size
• Number of downloads
• Tags
• Uploaded at date/time
• Checksum (SHA256)
• Repository
• Namespace

Package Group Fields

• Count of packages in group
• Format
• Name
• Version
• Description
• License
• Size
• Number of downloads
• Tags
• Last pushed date/time
• Namespace

Package Context Menus

The right-click menu provides access to the following commands, varying depending on whether you have enabled the package groups setting.

Package Commands

• Inspect package — View the full raw JSON API response for the package.
• Copy Install Command — Copy the installation command for the package to the clipboard.
• Show Install Command - Show the installation command for the package.
• Show vulnerabilities - Open a webview showing the vulnerabilities report for a package.
• View package in Cloudsmith - Open the package page in the Cloudsmith web UI for the configured workspace.
• Promote Package - Promote the package between configured repositories.
• Show Promotion Status - Show the current status of the package promotion request.
• Find safe version - Show possible safe versions of the package within Cloudsmith for quick remediation.

Repository Explorer

Browse all repositories within a workspace. Repositories are displayed as children of their parent workspace. Each repository shows its packages (or package groups) as children.

Workspace Switching

If you have access to multiple workspaces, the explorer lets you switch between them to browse different sets of repositories and packages.

Search & Filtering

• Search packages — Search for packages within a repository using a search query.
• Filter by format — Filter packages by their format type.
• Pagination support for large result sets.

Vulnerability Information

View vulnerability data associated with packages directly in the explorer, including security scan results when available.

Configuration & Settings

The extension exposes several settings under cloudsmith-vsc.*:

Commands

All commands are available via the Command Palette (Cmd+Shift+P):

License

Apache 2.0