Recent Product Updates

October 11, 2021

License Compliance - detailed control over open source licenses

With this release License Compliance in Bytesafe has been reworked and greatly improved, offering fine-grained control over allowed open source licenses for your dependencies.

In fast changing environments, continuous compliance is the only way to make sure you don’t depend on packages with non-compliant licenses. Create license policies to match your unique needs, preventing or allowing open source licenses at every action - according to your list of license rules. Stay in control with in-depth license scanning and prevent use of packages with in-compatible licenses altogether with package quarantine.

September 16, 2021

Added GitHub bot: Link Bytesafe Issues to GitHub issues and pull requests

The existing Bytesafe GitHub integration has been extended to support linking of Bytesafe Issues to GitHub issues and pull requests.

You can link issues on mentions from both Bytesafe and GitHub Issues:

GitHub: include the full URL to a Bytesafe issue in a comment (or pull request).
Bytesafe: include the URL of a GitHub issue in a comment.

July 30, 2021

Added Issue tracking and Quarantine of unwanted packages

Big release that adds Issue tracking and automatic Quarantine of packages surpassing defined threshold levels.

Bytesafe automatically identifies and creates issues with a unique identifier. This improves traceability and visibility of where your attention is required. This is crucial to maintain your registries to understand, evaluate risks and identify remediation actions. Issues in Bytesafe help you get a holistic overview of what issues exist in your registries and which potentially can result negative impact for your applications and business.

Additionally, packages can automatically be quarantined based on your defined rules, protecting applications from exposure from potentially threatening events. Quarantine helps you protect your teams from using bad packages that contain known vulnerabilities, don’t comply with your license compliance or packages that have been deprecated.

June 18, 2021

Added Workspace Notifications

This release adds email and in-app notifications features for the Bytesafe Workspace.

Notifications help users to stay up to date on the latest updates in a workspace such as changes to the users, subscriptions or the account. Users can also be notified of any open issues in Bytesafe.

May 14, 2021

Added Internal flag for packages and registries

Prevent internal packages from being fetched from external upstreams by mistake. Packages flagged as internal will automatically be protected from dependency confusion.

Registries are by default flagged as internal
Package versions published, pushed or uploaded to an internal registry will automatically be flagged as internal
Fetching new versions of internal packages from upstream sources, will only consider upstreams containing internal versions of the same package

April 29, 2021

Added License Block Policy

Update: License Block plugin has been deprecated and replaced with License Compliance.

April 27, 2021

Extended package license information

The open source licenses information available for packages in Bytesafe has been extended, with:

Identification and support for custom or proprietary licenses from package.json metadata
Validation of standardized SPDX licenses
License issues now provide information on the issue origin on hover

March 31, 2021

Bytesafe Dashboards with metrics and completely new design

Big release that adds Dashboards in Bytesafe. All security issues, license issues and other relevant metrics from your registries in one place.

Bytesafe has also been completely redesigned to greatly improve the user experience across all devices.

December 14, 2020

Added package license analysis

The package license information available for packages stored in Bytesafe registries has been extended with package license analysis.

In addition to the licenses defined in package.json, Bytesafe will now scan packages and identify licenses information in other package files as well.

December 2, 2020

Added Block and Allow-only policies

Two new policies have been added to Bytesafe: Block and Allow-only. Both policies are used to enforce control over what packages or package versions are allowed in a registry.

The Block policy prevents specific packages from being added to a registry. Just the opposite, the Allow-only policy is used to only allow specific packages in a registry.

November 19, 2020

Added License scanner plugin

The License scanner plugin scans all packages in a registry and flags potential license issues.

Issues flagged by the scanner are displayed in Bytesafe and notifications will be sent to the configured Slack channels.

November 13, 2020

Bytesafe registries now support Git repository upstreams

Bytesafe now offers support for integration with Git repositories as upstreams to your registries.

This feature allows users to connect private and public Git repositories to Bytesafe as package sources. For the developer this means that node modules can be installed regardless if they are sourced from your private registry, an external npm registry or Git repository.

Bytesafe plugins and policies can also be applied on modules sourced from Git repositories.

November 13, 2020

Bytesafe documentation site is now live!

Bytesafe’s documentation site is now live! This is our resource for technical documentation on how to use Bytesafe.

The documentation will be the default resource to visit for users that have questions on how to use the Bytesafe product and will complement the blog.

September 24, 2020

Added support for read-only tokens

Bytesafe now supports read-only tokens. For example, these can be used in CI/CD pipelines where you only require read access or similar use cases.

September 14, 2020

Added support for the Teams subscription plan

The Teams plan enables teams management, basic access control, Slack integration and full access to all our plugins and policies.

June 24, 2020

Security Scanning features + Slack Integration

The release brings Security Scanning features to Bytesafe registries, by adding a Vulnerability Scanner plugin and three security related policies.

We are also releasing a Slack integration which allows you to be notified when new vulnerabilities are found in your workspace.

April 28, 2020

Release management features: Promote package and Autoincrement Plugin

Two main features of the release related to release management: Promote functionality for package versions as well as Version auto increment plugin has been added.

Promote package, lets you select a existing package version and promote it to a new version (and possible new target registry), removing the need to re-publish from your project and running the risk of including unplanned changes.

April 2, 2020

Deprecated package versions

The npm deprecate command is now supported with Bytesafe registries.

Additionally, deprecate information linked to the package version is now available as output when using npm install and bytesafe push / pull.

Information regarding deprecated package versions is also available in the Bytesafe web application.

March 6, 2020

Windows CLI

Main feature added by the release is a Bytesafe CLI for the Windows OS. Bytesafe CLI is available for download from the CLI page of the Bytesafe documentation.

Release notes:

Added Bytesafe CLI for Windows OS
Added support for npm whoami, ping, audit, logout, token commands
Added support for most common yarn commands
Improved output messages for recursive actions
Extended web user session expire time to improve user experience
Added “how-to” hint to web app for CI/CD tokens

February 21, 2020

Policy & Plugins

We are happy to introduce Policies & Plugins for Bytesafe registries:

Initial support for Policy: Freeze
Initial support for Policy: Immutable Versions
Initial support for Plugin: Forward
Added support for additional npm commands
multiple bug fixes and UI improvements

February 5, 2020

Initial release

The main feature of the initial release is to provide private registry functionality, including:

Support for most common npm commands (for developers)
Support for multiple private registries
Support for upstreams, single or multiple
Teams functionality, invite your team members to collaborate
Upstreams supported: The public npm registry, other Bytesafe registries or other URL to an npm compatible registry
Support for Bytesafe CLI to manage registries

Recent Updates