top | item 42600067 (no title) spencerchubb | 1 year ago companies that actually care about security have a more secure solution and don't allow devs to use pypi discuss order hn newest cjalmeida|1 year ago You’d be surprised by the amount of companies handling critical infrastructure that are OK with using PyPI directly LtWorf|1 year ago He said companies that care, not companies that should care but do not. spencerchubb|1 year ago really depends on the company. my company cares a lot about security because it's a huge fortune 50 company with sensitive data and a lot of reputation could be lost with a security scandal f1shy|1 year ago That is somewhat terrifying f1shy|1 year ago For example we have it behind a kind of transparent proxy, where you get only packages which were tested and scan by a team of experts. davidshepherd7|1 year ago Could you give some examples of more secure solutions? spencerchubb|1 year ago jfrog is the one my company uses load replies (1)
cjalmeida|1 year ago You’d be surprised by the amount of companies handling critical infrastructure that are OK with using PyPI directly LtWorf|1 year ago He said companies that care, not companies that should care but do not. spencerchubb|1 year ago really depends on the company. my company cares a lot about security because it's a huge fortune 50 company with sensitive data and a lot of reputation could be lost with a security scandal f1shy|1 year ago That is somewhat terrifying
spencerchubb|1 year ago really depends on the company. my company cares a lot about security because it's a huge fortune 50 company with sensitive data and a lot of reputation could be lost with a security scandal
f1shy|1 year ago For example we have it behind a kind of transparent proxy, where you get only packages which were tested and scan by a team of experts.
davidshepherd7|1 year ago Could you give some examples of more secure solutions? spencerchubb|1 year ago jfrog is the one my company uses load replies (1)
cjalmeida|1 year ago
LtWorf|1 year ago
spencerchubb|1 year ago
f1shy|1 year ago
f1shy|1 year ago
davidshepherd7|1 year ago
spencerchubb|1 year ago