Alongside npm, Maven and NuGet, Python joins the family of supported ecosystems in Bytesafe.
Python has been one of the most requested ecosystems in Bytesafe, and as of now everyone can add Python packages to firewall registries to detect vulnerabilities and license compliance issues, and to block problematic packages using the Dependency Firewall capability.
New ecosystem: Python packages - PyPI - are now supported in Bytesafe
Python is a widely popular programming language, and PyPI packages are therefore also subject to many malicious attacks. Organizations should take preventative measures and get control over which PyPI dependencies they use, what vulnerabilities exist in them, and whether the open source licenses comply with their internal policies. As seen in our recently launched Advisory database search, there are quite a few PyPI advisories…
Full support in Bytesafe
Bytesafe has full support for Python in all capabilities, which include:
- Dependency Firewall + Policy Engine
- Vulnerability Scanning
- Open Source License Compliance
- SCA - Source Repository Analysis
How to get started adding Python packages to a private Firewall registry?
With Bytesafe, developers use the tools they are used to, such as pip, poetry, twine, etc. To get started, follow the steps below.
- Log in to your Bytesafe Workspace
- Create your first Python Package Dependency Firewall by creating a new PyPI firewall registry (and optionally add an Upstream such as pypi.org)
- Configure Pip and go ahead and install your packages.
Documentation on Python (PyPI) in Bytesafe
For more details, please go to our documentation.