Using a private registry is easy
Get started with Bytesafe
1. Create your workspace
The Bytesafe workspace is where you store your data and manage your team. It contains all your registries, packages and configurations. It provides a unique URL to access Bytesafe, such as workspace.bytesafe.dev
.
A workspace can contain any number of registries. Each registry is unique. Create your own or use the predefined one.
- Claim your own custom and unique namespace
2. Access Bytesafe with the tools of your choice
Add access to Bytesafe from your regular clients, like npm
/ yarn
/ pnpm
/ nuget
, build tools mvn
/ gradle
or even IDE’s like Visual Studio
.
Add the registry URL and access token to your configuration. Simple as that!
- Easy and secure integration with the tools you use.
3. Add open source dependencies or publish private packages
Install, publish or restore your project dependencies using your Bytesafe registry.
Versions not available directly in Bytesafe are proxied from upstreams like Npmjs
, Maven Central
or NuGet Gallery
.
- Add all your packages. Instantly available in Bytesafe.
Done! Your are now in control of your supply chain
A firewall for all your dependencies, private and public, across all your projects.
Know and control the packages you depend on, their dependents and from what sources. Quality and deterministic results for all team members, all the time!
- One secure source for your organizations dependencies!
After packages are added to Bytesafe
Know and secure your supply chain
Adding your packages to Bytesafe allows you to know the true extent of the dependencies you are using. Continuously monitor your dependencies, don't rely on point-in-time scans. Identify and get notified of any issues - stay up to date with your registries!
Identify and remediate vulnerabilities
Automatically scan dependencies for potential threats. Users can opt-in to automatically quarantine undesirable packages - before they enter their environment.
Versions are scanned as they are added, no need to wait for point in time scans during the build chain. Get notified directly on any issues found.
- Shift left - use Bytesafe for all your teams. Find and fix issues early
- Track and remediate security issues through their lifecycle
Identify open source licenses
All packages added to Bytesafe are scanned for OSS licenses. License information is displayed both aggregated and for individual packages.
The License scanner plugin notifies you on unlicensed or non-standard licenses in the packages you use.
- Instant overview of the open source licenses you use
- Scans all package files - not only
package.json
Information made available to everyone
With Bytesafe the responsibility for package dependencies are no longer locked to developers alone.
Identify key metrics & issues, track recent activity, risk exposure and trends. Turn secure management of dependencies into a team effort - for business stakeholders too!
- Reduce noise - access the metrics you need with Dashboards
Make the most out of Bytesafe
Adaptable registries - to your needs
Bytesafe is customizable and suitable for all types of users. Regardless if you need a single registry for your private packages or require a network of registries for your organization and 3rd party partners. Don't let yourself be restricted to single registries, create what you need for your current use case instead!
Create a registry setup that matches your organization
Upstreams are linked registries. Package versions can be pulled from an upstream down into a registry. Packages can also be pushed from registries to upstreams.
Create as many registries as you require and connect the package flow using upstreams!
- Connect registries to other external or internal sources
- Proxy public packages and cache them in Bytesafe
Make plugins and policies do the work for you
Each registry supports a unique set of policies and plugins that can automate package workflow and limit actions for the registry contents.
Avoid dependency confusion by creating firewall registries and blocking internal packages from being fetched from external sources. Automate publish to public registries and token management. Freeze registries completely. All according to your needs!
- Create rules to block, limit or allow actions with Policies
- Let Bytesafe perform actions for you with Plugins
One package source for all parts of the software development cycle
Managing packages in Bytesafe enables deterministic results for every part of the DevOps cycle.
Prepare curated registries and make sure the same package versions are available for all stages of development, test, build and deployment.
- Dependable package installs - don’t spend time troubleshooting dependencies
- Reduce risks of untested code being released into production environments
- Recreate a specific state or release - archive and freeze sets of dependencies