Sonatype announced that its Nexus Firewall will offer support for automated governance of PyPI components before the end of the quarter.
Python development teams using Nexus Firewall will be able to ensure the packages they use meet the highest quality and security standards by:
- Defining and enforcing rules for PyPI component usage
- Analyzing and selectively admitting PyPI components
- Keeping production apps safe from risky components
“In January 2017 alone, 662 million PyPI packages were downloaded from Python.PyPI.org,” said Wayne Jackson, CEO of Sonatype. “Now organizations developing in the Python language can shield themselves from vulnerable components entering their software supply chain at the earliest stage in the development lifecycle by adopting a security-first solution.”