Recent Updates

  • Home
  • Recent Updates

Added Issue tracking and Quarantine of unwanted packages

Big release that adds Issue tracking and automatic Quarantine of packages surpassing defined threshold levels.

Bytesafe automatically identifies and creates issues with a unique identifier. This improves traceability and visibility of where your attention is required. This is crucial to maintain your registries to understand, evaluate risks and identify remediation actions. Issues in Bytesafe help you get a holistic overview of what issues exist in your registries and which potentially can result negative impact for your applications and business.

Additionally, packages can automatically be quarantined based on your defined rules, protecting applications from exposure from potentially threatening events. Quarantine helps you protect your teams from using bad packages that contain known vulnerabilities, don’t comply with your license compliance or packages that have been deprecated.

Read more

Added Workspace Notifications

This release adds email and in-app notifications features for the Bytesafe Workspace.

Notifications help users to stay up to date on the latest updates in a workspace such as changes to the users, subscriptions or the account. Users can also be notified of any open issues in Bytesafe.

Read more

Added Internal flag for packages and registries

Prevent internal packages from being fetched from external upstreams by mistake. Packages flagged as internal will automatically be protected from dependency confusion.

  • Registries are by default flagged as internal
  • Package versions published, pushed or uploaded to an internal registry will automatically be flagged as internal
  • Fetching new versions of internal packages from upstream sources, will only consider upstreams containing internal versions of the same package

Read more

Added License Block Policy

The License Block policy prevents addition of packages with specific open source licenses to a registry.

This enables registries where specific open source licenses are blocked, ensuring license compliance from problematic licenses.

Read more

Extended package license information

The open source licenses information available for packages in Bytesafe has been extended, with:

  • Identification and support for custom or proprietary licenses from package.json metadata
  • Validation of standardized SPDX licenses
  • License issues now provide information on the issue origin on hover

Read more

Bytesafe Dashboards with metrics and completely new design

Big release that adds Dashboards in Bytesafe. All security issues, license issues and other relevant metrics from your registries in one place.

Bytesafe has also been completely redesigned to greatly improve the user experience across all devices.

Read more

Added package license analysis

The package license information available for packages stored in Bytesafe registries has been extended with package license analysis.

In addition to the licenses defined in package.json, Bytesafe will now scan packages and identify licenses information in other package files as well.

Read more

Added Block and Allow-only policies

Two new policies have been added to Bytesafe: Block and Allow-only. Both policies are used to enforce control over what packages or package versions are allowed in a registry.

The Block policy prevents specific packages from being added to a registry. Just the opposite, the Allow-only policy is used to only allow specific packages in a registry.

Read more

Added License scanner plugin

The License scanner plugin scans all packages in a registry and flags potential license issues.

Issues flagged by the scanner are displayed in Bytesafe and notifications will be sent to the configured Slack channels.

Read more

Bytesafe registries now support Git repository upstreams

Bytesafe now offers support for integration with Git repositories as upstreams to your registries.

This feature allows users to connect private and public Git repositories to Bytesafe as package sources. For the developer this means that node modules can be installed regardless if they are sourced from your private registry, an external npm registry or Git repository.

Bytesafe plugins and policies can also be applied on modules sourced from Git repositories.

Read more

Bytesafe documentation site is now live!

Bytesafe’s documentation site is now live! This is our resource for technical documentation on how to use Bytesafe.

The documentation will be the default resource to visit for users that have questions on how to use the Bytesafe product and will complement the blog.

Read more

Added support for read-only tokens

Bytesafe now supports read-only tokens. For example, these can be used in CI/CD pipelines where you only require read access or similar use cases.

Read more

Added support for the Teams subscription plan

The Teams plan enables teams management, basic access control, Slack integration and full access to all our plugins and policies.

Read more

Security Scanning features + Slack Integration

The release brings Security Scanning features to Bytesafe registries, by adding a Vulnerability Scanner plugin and three security related policies.

We are also releasing a Slack integration which allows you to be notified when new vulnerabilities are found in your workspace.

Read more

Release management features: Promote package and Autoincrement Plugin

Two main features of the release related to release management: Promote functionality for package versions as well as Version auto increment plugin has been added.

Promote package, lets you select a existing package version and promote it to a new version (and possible new target registry), removing the need to re-publish from your project and running the risk of including unplanned changes.

Read more

Deprecated package versions

The npm deprecate command is now supported with Bytesafe registries.

Additionally, deprecate information linked to the package version is now available as output when using npm install and bytesafe push / pull.

Information regarding deprecated package versions is also available in the Bytesafe web application.

Read more

Windows CLI

Main feature added by the release is a Bytesafe CLI for the Windows OS. Bytesafe CLI is available for download from the CLI page of the Bytesafe documentation.

Release notes:

  • Added Bytesafe CLI for Windows OS
  • Added support for npm whoami, ping, audit, logout, token commands
  • Added support for most common yarn commands
  • Improved output messages for recursive actions
  • Extended web user session expire time to improve user experience
  • Added “how-to” hint to web app for CI/CD tokens

Read more

Policy & Plugins

We are happy to introduce Policies & Plugins for Bytesafe registries:

  • Initial support for Policy: Freeze
  • Initial support for Policy: Immutable Versions
  • Initial support for Plugin: Forward
  • Added support for additional npm commands
  • multiple bug fixes and UI improvements

Read more

Initial release

The main feature of the initial release is to provide private registry functionality, including:

  • Support for most common npm commands (for developers)
  • Support for multiple private registries
  • Support for upstreams, single or multiple
  • Teams functionality, invite your team members to collaborate
  • Upstreams supported: The public npm registry, other Bytesafe registries or other URL to an npm compatible registry
  • Support for Bytesafe CLI to manage registries

Read more