Bytesafe is a package management platform for a secure code supply chain.
A firewall for dependencies with secure hosting of all your dependencies in private registries. Continuous analysis, monitoring and scanning for potential issues. Read more
Software applications depend on both internal proprietary code as well as open source code developed by others.
Like any other supply chain, all externally sourced code an application uses need to be managed in terms of availability, security, licensing etc to avoid business risks involved.
Private & public packages included in Bytesafe are scanned for changes in composition, security & licenses compliance issues as well as compared to any Policies (rules) set in place.
By continuously monitoring registries users are able to identify issues early and avoid surprises at build time.
A dependency is an external piece of code or package version that is used by your project in some way. It is not uncommon for projects to have 100+ dependencies.
Direct dependencies are package versions specified in a projects configuration files, like
pom.xml. Indirect (or transitive) dependencies are dependencies of direct dependencies.
Access Bytesafe with:
pnpm), Maven clients (
gradle) or NuGet clients (
dotnet) - Work with packages using regular command line tools.
The appropriate tool depends on the use case.
Yes. Public registries can easily be configured as upstreams (linked package sources). Bytesafe even supports proxying multiple upstreams for each registry. To learn more, see the documentation on Upstreams.
Yes. Bytesafe offers unlimited hosted registries for all workspaces. Create as many registries as you wish and connect them into workflows that suit your needs. Need inspiration? See the Use case section of the Bytesafe docs.
Bytesafe offers pre-built integrations for both Slack and GitHub. In addition, Bytesafe can be integrated as a package source / destination for any CI/CD or other service that supports custom package configurations.
Yes, with Bytesafe Policies. Policies are rules that are checked before any registry action is applied. Example include Secure Policy, that only allows package versions without known vulnerabilities in registries.
Yes, with the Vulnerability Scanner Plugin. The plugin scans all packages in a registry to identify any known vulnerabilities from the Bytesafe advisory database. Users are notified in Bytesafe or directly in their Slack channels.
Packages hosted in Bytesafe registries are automatically scanned for license information. This includes package files in addition to the information in
package.json. Identified licenses are displayed in Bytesafe together with any identified license issues. Read more
Yes, with the License Compliance Plugin. Packages in a registry are scanned and compared to the active license policy to identify problematic, unlicensed or non-standard licenses. Users are notified through email, in Bytesafe and directly in their Slack channels.
Bytesafe support is available either via email (email@example.com) or using the chat widget from either this site or from inside Bytesafe.
During sign up you select your desired workspace name and sign up with a user (social login or email). No other information is required. You do not have to provide any payment method or billing information.
Yes. Login to Bytesafe to manage team members and invites.
Yes! Our Developer plan allows you to use a large set of the Bytesafe features for free. Workspaces that require advanced features and more users for collaboration can upgrade to a premium plan without friction. More information about the premium plans can be found on the Pricing page.
Yes, you can cancel at any time. The account remains active until the end of your current billing period, meaning you can still use your account during this period.
After trial, billing is performed at the start of each billing period. Adding users incur an immediate billing for the remaining period.
No. All credit card activity and information is handled by our trusted third-party providers, Chargebee and Stripe.
Yes! However, we will inactivate all but one user and any corresponding security tokens. We recommend you to verify that no service disruptions occurs in your services by manually inactivating users prior a downgrade.
Bytesafe is completely free for individual users and will continue to be so. All accounts automatically activate a free trial of our premium plan on sign up (no credit card required). If you have any questions related to features related to out premium plans, feel free to contact firstname.lastname@example.org.
Yes, we support the community and Bytesafe is provided free of charge for public open source projects! To get a Community account, just sign in to Bytesafe and contact email@example.com with info about your project.
Unless otherwise stated, the Subscription Charges do not include any taxes, levies, duties or similar governmental assessments, including value-added, sales, use or withholding taxes assessable by any local, state, provincial or foreign jurisdiction (collectively “Taxes”).
Yes! Your account will be upgraded to the new plan with attached benefits as soon as payment has been processed. Your account will have the benefits attached to the new plan for as long as payment is provided.
If you’re on a paid plan that doesn’t fit your needs, you can downgrade to a lower tier. You will keep your current features and limits until the next billing cycle. The next bill will reflect your changes.
Prices in different currencies are shown for informational purposes and updated infrequently. Our services are priced and billed in Euro (EUR, €)