Oct 17, 2018 | announcements
packagecloud is changing the way certain older repositories have their metadata signed with GPG keys. Only a small set of repositories on packagecloud with Debian and RPM packages are affected. All other repositories do not need migration. Any unmigrated repositories will be automatically migrated by our system on January 7, 2019. You can see...
Feb 26, 2018 | announcements
We’re excited to announce the release of our on-premises software packagecloud:enterprise 2.0! This new release includes a complete UI makeover, numerous performance improvements, support for Node.js packages and NPM registries, improved support for Android packages and much, much more. packagecloud:enterprise is run and managed by you, on your existing infrastructure, within your existing security...
Feb 21, 2018 | debian-guide
This blog post takes a closer look at some attacks against APT repositories outlined in the academic paper A Look In the Mirror: Attacks on Package Managers and how they apply to recent versions of APT software. It is a common misconception that simply signing your packages and repository metadata with GPG is enough...
Jan 24, 2018 | npm-guide
This blog post dives in to the NPM registry metadata format and core APIs. We’ll cover the different metadata files that make up an NPM registry, what the files mean, and show how a user can inspect metadata using command lines tools. What is an NPM registry? An NPM registry is a collection of...
Jan 11, 2018 | npm-howto
This post outlines how to inspect the registry information of an NPM package using the npm view command, download an NPM package directly from a registry using the npm pack command, and extract the contents of the package tarball.
Dec 27, 2017 | announcements
We are thrilled to announce that you can now upload Node.js packages to your packagecloud repositories! You can upload using npm publish, the packagecloud CLI or the packagecloud API. The NPM registry support added to packagecloud includes support for scoped Node.JS packages and the Yarn package manager right out of the box, with no...
Jun 8, 2017 | announcements
You can now upload package signing GPG keys to packagecloud.io! Adding package signing keys will cause them to be automatically installed and prepared for use by users of your repositories. Your users will benefit from this feature because the package management system will now verify GPG signatures on the packages themselves using keys that...
Apr 28, 2017 | talks-and-slides
These are the slides from Joe Damato’s talks at the Great Indian Developer Summit 2017 (GIDS 2017) titled: “Infrastructure as code might be literally impossible” and “All your network monitoring is (probably) wrong”. The talks cover: C, assembly, package managers, puppet, chef, scary stories, network monitoring, Linux and more!
Apr 21, 2017 | talks-and-slides
These are the slides from Joe Damato’s talk at Deconstruct 2017, titled “All programmers must learn C and Assembly.” This talk covers: C, assembly, system calls, operating systems, kernels, and more! Video Once Deconstruct posts videos, we’ll update this blog post! Slides
Mar 26, 2017 | maven-howto
This post will detail how to setup a private Maven repository in order to easily share Java, Scala, Clojure, and Android libraries with internal teams. Our example will use Jenkins CI to push an example library that will be used by an internal using Maven and an external team using Gradle. Overview As microservice...
Mar 23, 2017 | debian-howto
This blog post will explain the steps needed for creating a Debian APT repository using command line tools. Quick start The fastest, easiest, and most secure way to create a Debian repository is to sign up at packagecloud.io. You will take advantage of numerous features like SSL and consistent APT repositories without needing to...
Mar 17, 2017 | python-howto
This post covers how to extract and list the contents of python eggs and python wheels on the command line. Extract python egg A python egg is a simple Zip file, so you can extract it using any program that reads Zip files: $ unzip /path/to/file.egg NOTE: You may need to rename the file...
Mar 15, 2017 | java-howto
This post covers how to extract and list the contents of JAR files using the command line. Extract JAR file $ jar xvf /path/to/file.jar Easy to use Maven repositories, free. Sign up! Extract JAR file without jar command line tool JAR files are Zip files but with a different name. You can use any...
Mar 14, 2017 | maven-howto
In this blog post, we’ll examine the UseLinuxPosixThreadCPUClocks command line flag to the JVM. Starting in a patch update of the Sun JVM 1.6, the default value of this switch was changed to true, yielding a nice performance boost, roughly 10x in our test. Users of more recent JVMs get this behavior by default,...
Mar 9, 2017 | maven-guide
Similar to our APT Repository Internals and YUM Repository Internals posts, this post aims to illustrate the inner workings of a Maven repository. Read on if you have ever been curious as to how mvn compile figures out which dependencies to download and how to retrieve them in order to build your project.
Mar 8, 2017 | linux
This blog post dives into an interesting finding: two frequently used system calls (gettimeofday, clock_gettime) are much slower on AWS EC2. Linux provides a mechanism for speeding up those two frequently used system calls by implementing the system call code in userland and avoiding the switch to the kernel entirely. This is done via...
Mar 6, 2017 | linux
This blog post is a followup on our previous post How setting the TZ environment variable avoids thousands of system calls. In this post, we’ll explore a particularly prominent case where a micro-optimization (like removing a system call in a hot path) had a drastic effect on software performance.
Feb 22, 2017 | announcements
You can now upload your Android projects (AAR files) to packagecloud.io! Easily share them publicly or privately. Read on to find out the different ways to upload, download, and depend on AAR files. How to upload AAR files There are various ways to upload your Android project files to packagecloud.io. You can use Gradle/Maven...
Feb 21, 2017 | linux
This blog post explains how setting an environment variable can save thousands (or in some cases, tens of thousands) of unnecessary system calls that can be generated by glibc over small periods of time. This has been tested on Ubuntu Precise (12.04) and Ubuntu Xenial (16.04). It likely applies to other flavors of Linux,...
Feb 6, 2017 | linux
This blog post explains how computers running the Linux kernel send packets, as well as how to monitor and tune each component of the networking stack as packets flow from user programs to network hardware.
Jan 17, 2017 | python-howto
This post will go through the steps needed to implement an automated software pipeline for Python packages. On every tagged commit pushed to Github, Travis CI will automatically build this project and push it to packagecloud.
Dec 15, 2016 | debian-howto
This post goes over the creation of a debian package containing shell scripts using dh_make and debuild. Starting from structuring the packaging directory to building the final debian package, this tutorial covers the process of creating a debian package with just a few simple steps.
Nov 21, 2016 | announcements
We’re excited to announce that we’ve added support for package promotion, which allows repository owners and collaborators to easily move packages between repositories! This feature can be used via the package promote API or via the package_cloud command line tool.
Nov 14, 2016 | maven-howto
In this post we’ll go over setting up the popular mitmproxy tool on an external host and configuring your Java programs to proxy traffic through it, allowing you to debug misbehaving HTTP clients and libraries.
Oct 17, 2016 | announcements
Summary We’re excited to announce that we’ve added official support for zypper, the package manager that is widely used on openSUSE and SUSE Enterprise Linux Server (SLES)! Create a package repository in less than 10 seconds, free. Sign up! Uploading packages To upload a package for openSUSE or SLES you can either upload via our...
Oct 17, 2016 | debian-howto
Summary We’re excited to announce that we’ve backported APT 1.2.10 to Ubuntu Trusty (14.04) and Ubuntu Precise (12.04)! This version of APT includes a new feature called Acquire-by-hash which completely eliminates the “Hash sum mismatch” errors. You can read more about this APT feature on our blog. Create an APT repository in less than 10...
Oct 11, 2016 | linux
This blog post expands on our previous blog post Monitoring and Tuning the Linux Networking Stack: Receiving Data with a series of diagrams aimed to help readers form a more clear picture of how the Linux network stack works. Create a package repository in less than 10 seconds, free. Sign up! There are no...
Sep 28, 2016 | talks-and-slides
These are the the slides from Joe Damato’s keynote at Automacon 2016, titled “Infrastructure as code might be literally impossible part 2”. This talk covers: package managers, ssl, linux, scary stories, and more! Slides
Sep 27, 2016 | announcements
The APT repository metadata format is inherently racy. This bug makes it impossible to guarantee that: Frequently updated APT repositories will remain consistent for users Mirrors of APT repositories will be consistent A new feature has been added to APT 1.2.0 and newer to prevent this race condition. Support for this feature has been...
Aug 22, 2016 | announcements
You can now deploy your Scala packages directly from SBT to your packagecloud repositories (including SNAPSHOT versions)! Also, we’ve released support for deployment JARs, also known as “fatjars” or “uberjars” to the packagecloud CLI! Read on to find out how to take advantage of these new features.
Aug 18, 2016 | announcements
IPv6 APT, YUM, PyPI, RubyGem and Maven package repositories We are pleased to announce that IPv6 support for packagecloud has now entered public beta! The changes have been rolled out site-wide. The website, all package repositories, and all API endpoints are now accessible with both IPv4 and IPv6. No changes are necessary for our users;...
Jul 7, 2016 | announcements
packagecloud now fully supports public and private maven2 repositories! Deploy releases and SNAPSHOTs right from your favorite build tool: Maven, Gradle, or Leiningen!
Jun 29, 2016 | talks-and-slides
These are the slides from Joe Damato’s talk at Monitorama 2016 titled “All Your Networking Monitoring is (probably) Wrong”. This talk covers: parts of the Linux kernel, networking, and some tips and tricks for understanding and gathering network monitoring statistics.
Jun 22, 2016 | linux
This blog post explains how computers running the Linux kernel receive packets, as well as how to monitor and tune each component of the networking stack as packets flow from the network toward userland programs. UPDATE We’ve released the counterpart to this post: Monitoring and Tuning the Linux Networking Stack: Sending Data. UPDATE Take...
- Page: 1 of 3 Next