Glossary

Key terms and definitions used throughout CloudRepo documentation.

API Key: A secure token used for programmatic access to CloudRepo. API keys are preferred over passwords for automation and CI/CD integration.
Artifact: A file produced by a software build process. Examples include JAR files, Python wheels, Docker images, or any compiled binary. Artifacts are the primary content stored in CloudRepo repositories.
Artifactory: JFrog’s artifact repository manager. CloudRepo provides an affordable, managed alternative.
Audit Log: Record of all repository activities. CloudRepo maintains detailed audit logs for compliance.
Blob Store: The underlying storage system for artifacts. CloudRepo manages blob storage automatically.
Build Tool: Software that automates compiling, packaging, and testing code. Examples: Maven, Gradle, pip, npm.
Cache: Temporary storage of downloaded artifacts. Both CloudRepo proxy repositories and clients maintain caches.
CDN: Content Delivery Network - CloudRepo uses a global CDN to ensure fast artifact downloads worldwide.
Checksum: A hash value (MD5, SHA-1, SHA-256) used to verify artifact integrity. CloudRepo automatically calculates and validates checksums.
CI/CD: Continuous Integration/Continuous Deployment - Automated software development practices that CloudRepo integrates with.
Classifier: Additional identifier for Maven artifacts. Used for variants like sources, javadoc, or platform-specific builds.
Coordinate: The unique identifier for an artifact. Format varies by package type (Maven GAV, Python name-version, etc.).
Dependency: An external library or module required by your software. CloudRepo stores and manages dependencies.
Deploy: The process of uploading artifacts to CloudRepo. In Maven: mvn deploy, in Python: twine upload.
Distribution Management: Maven/Gradle configuration for publishing artifacts. Specifies where to upload release and snapshot artifacts.
Downstream: Consumers of artifacts from a repository. Your build processes are downstream from CloudRepo.
Egress: Data transfer out of CloudRepo. Unlike competitors, CloudRepo doesn’t charge for egress (with reasonable limits per plan).
Extension: File type of an artifact (.jar, .war, .pom, .whl, .tar.gz, etc.).
GAV: Acronym for GroupId, ArtifactId, Version - the three components that identify a Maven artifact.
Group Repository: A virtual repository that aggregates multiple repositories under a single URL. Simplifies client configuration by providing a single endpoint for multiple artifact sources.
High Availability: System design ensuring continuous operation. CloudRepo provides built-in HA with automatic failover.
HTTPS: Hypertext Transfer Protocol Secure - All CloudRepo communication uses HTTPS for security.
Immutable: Cannot be changed. Release artifacts in CloudRepo are immutable to ensure reproducible builds.
Index: A catalog of available packages in a repository. Python repositories provide a “simple” index for pip.
LDAP: Lightweight Directory Access Protocol - Enterprise user directory integration with CloudRepo.
License Compliance: Verifying artifact licenses meet organizational requirements. CloudRepo can track license metadata.
Maven Central: The primary public repository for Maven artifacts. Often proxied through CloudRepo for caching.
Maven Coordinates: The combination of groupId, artifactId, and version that uniquely identifies a Maven artifact. Example: com.example:my-app:1.0.0
Metadata: Information about artifacts including version, dependencies, and description. Metadata helps package managers resolve dependencies.
Mutable: Can be updated. Snapshot artifacts are mutable during development.
Namespace: A grouping mechanism for artifacts. In Maven: groupId, in Python: package prefix.
Nexus: Sonatype’s repository manager. CloudRepo offers similar functionality as a fully managed service.
OAuth: Open Authorization - Protocol for secure API authorization without sharing passwords.
On-Premise: Self-hosted software. CloudRepo is SaaS-only, avoiding on-premise complexity.
Organization: Your CloudRepo account representing your company or team. Each organization has a unique identifier used in repository URLs.
Package Manager: Tool for installing and managing software dependencies. Examples: pip for Python, Maven for Java, npm for JavaScript.
Permission: Specific access rights for repositories. Permissions include read (download), write (upload), and admin (manage).
POM: Project Object Model - Maven’s XML file (pom.xml) that contains project information and configuration details.
Proxy Repository: A repository that caches artifacts from external sources like Maven Central or PyPI. Proxy repositories improve build performance and provide resilience against upstream outages.
PyPI: Python Package Index - The official repository for Python packages. CloudRepo can proxy PyPI and host private Python packages.
Registry: Another term for repository, commonly used for Docker and npm.
Release: A stable, versioned artifact intended for production use. Release versions are immutable - once published, they cannot be modified.
Repository: A storage location for artifacts. Repositories can be configured for specific package formats (Maven, Python, etc.) and access levels (private, public).
Repository Layout: The directory structure for storing artifacts. CloudRepo uses standard layouts for each package type.
Repository URL: The HTTPS endpoint for accessing a repository. Format: https://[org-id].cloudrepo.io/repository/[repo-name]
Resolve: The process of downloading dependencies from CloudRepo during builds.
REST API: Representational State Transfer Application Programming Interface - CloudRepo’s programmatic interface for automation.
Retention Policy: Rules for automatically removing old artifacts. Useful for managing storage and cleaning up snapshot versions.
Role: A set of permissions assigned to users. CloudRepo has three default roles: Admin, Developer, and Reader.
SaaS: Software as a Service - CloudRepo’s delivery model, eliminating infrastructure management.
SAML: Security Assertion Markup Language - Standard for SSO integration with CloudRepo.
Semantic Versioning: Version numbering convention: MAJOR.MINOR.PATCH (e.g., 2.1.0). CloudRepo supports but doesn’t enforce SemVer.
Simple Index: Python repository format defined in PEP 503. Used by pip to discover available packages.
SLA: Service Level Agreement - CloudRepo’s commitment to uptime and performance.
Snapshot: A development version of an artifact that can be updated. Snapshots typically have “-SNAPSHOT” suffix and are used during active development.
SSL/TLS: Secure Sockets Layer/Transport Layer Security - Encryption protocols used to secure communication with CloudRepo.
SSO: Single Sign-On - Enterprise feature allowing login via corporate identity provider.
Staging Repository: A temporary repository for validating artifacts before promoting to production repositories.
Transitive Dependency: A dependency of your dependencies. Package managers automatically resolve transitive dependencies from CloudRepo.
Two-Factor Authentication: Additional security requiring password plus verification code. Recommended for CloudRepo admin accounts.
Upstream: The source repository for a proxy repository. For example, Maven Central is upstream to a CloudRepo Maven proxy.
User: An individual with access to CloudRepo. Users can have different roles and permissions for various repositories.
Version: A unique identifier for a specific artifact release. CloudRepo supports semantic versioning and custom schemes.
Virtual Repository: A repository that doesn’t store artifacts but aggregates other repositories. Similar to group repositories.
Vulnerability Scanning: Automated detection of security issues in artifacts. Available as an add-on feature.
Webhook: An HTTP callback triggered by repository events. Webhooks enable integration with external systems and automation workflows.
Wheel: A built distribution format for Python packages (.whl files). Wheels are faster to install than source distributions.