A common belief within DevOps circles is that automation not only enables greater frequency of delivery and deployment, but improves its overall success rate. Whenever manual intervention is required, the chances of errors creeping in increases. Human error is a significant factor in many an outage, after all ...
Sonatype announced that its Nexus Firewall will offer support for automated governance of PyPI components before the end of the quarter.
Python development teams using Nexus Firewall will be able to ensure the packages they use meet the highest quality and security standards by:
- Defining and enforcing rules for PyPI component usage
- Analyzing and selectively admitting PyPI components
- Keeping production apps safe from risky components
“In January 2017 alone, 662 million PyPI packages were downloaded from Python.PyPI.org,” said Wayne Jackson, CEO of Sonatype. “Now organizations developing in the Python language can shield themselves from vulnerable components entering their software supply chain at the earliest stage in the development lifecycle by adopting a security-first solution.”