The expectation of regular software updates – it's what developers are tasked with, and what users expect and demand. Increased functionality, better performance, and fewer bugs – often in a week or less. Automation of critical processes such as QA can help meet the gargantuan task of constant updates, but it can also send your software into a death spiral of user abandonment unless deployed correctly ...
Sonatype announced that its Nexus Firewall will offer support for automated governance of PyPI components before the end of the quarter.
Python development teams using Nexus Firewall will be able to ensure the packages they use meet the highest quality and security standards by:
- Defining and enforcing rules for PyPI component usage
- Analyzing and selectively admitting PyPI components
- Keeping production apps safe from risky components
“In January 2017 alone, 662 million PyPI packages were downloaded from Python.PyPI.org,” said Wayne Jackson, CEO of Sonatype. “Now organizations developing in the Python language can shield themselves from vulnerable components entering their software supply chain at the earliest stage in the development lifecycle by adopting a security-first solution.”