Secure, hosted package repository extends build services,
vulnerability scanning, and license compliance to Python development
AUSTIN, Texas–(BUSINESS WIRE)–#CICD–Assembla, (a division of Idera, Inc.), a provider of secure enterprise
cloud version control tools and host of the MyGet package repository,
today announced new MyGet support for Python (PyPI)-built software
packages, extending the capabilities of MyGet to a rapidly growing
market of Python-based development shops. According to recent data,
Python is the second-fastest growing programming language, second only
MyGet is a Universal Package Manager that integrates with existing
source code ecosystems and enables end-to-end package management,
including build services, vulnerability scanning, and license
compliance. Thousands of development teams around the globe use MyGet to
govern and audit the DevOps lifecycle associated with their NuGet, npm,
Maven, Bower, PHP Composer, and VSIX packages.
Now, with the ability to proxy external PyPI packages and upload custom
Python wheel packages to MyGet private Python repositories, software
development teams with Python-based applications can save time and ship
updates more quickly, while reducing exposure to the risk of known
vulnerabilities, malicious code or improperly licensed components
entering their codebase.
“Secure tools that integrate easily with the rest of your CI/CD
pipeline, reuse components and build artifacts to save time and energy,
and require little overhead to install and maintain are crucial to the
adoption of DevOps,” said Robert Warmack, general manager of Assembla.
“As the most easy-to-use and secure private package repository platform,
MyGet provides a crucial link in the modern DevOps toolchain, and
extended support for Python packages makes it significantly easier for
Python-based development shops to implement an end-to-end DevOps
The benefits of MyGet support for Python include:
Create private feeds for Python wheel packages and upload Python
packages for easy distribution across teams and interdependent build
- Pull packages into your local development environment with pip.
Proxy upstream repositories from https://pypi.org
or other Python package sources to standardize versions and
dependencies across teams accessible with a single URL.
Easy-to-use retention policies and fine-grain controls over
permissions give development teams the power to maintain compliance
without additional overhead.
Built-in vulnerability and license scans make it easy to catch
potentially vulnerable or improperly-licensed code before it enters
production application stacks.
Leverage the power of private PyPI repositories without incurring the
overhead of additional infrastructure maintenance or technical debt.
MyGet and MyGet Enterprise environments are run on Microsoft Azure’s
high-availability infrastructure and backed up using Microsoft Azure
data protection mechanisms.
To learn more about MyGet for Python, visit https://blog.myget.org/post/2019/06/19/python-pypi-packages-on-myget.html.
Secure DevOps starts with secure package management from MyGet. MyGet
provides private, hosted NuGet, npm, Bower, Maven, Python, PHP Composer
and VSIX packages along with build services, package vulnerability
scanning, and license compliance. Launched in 2011, MyGet is used by
individuals, teams and enterprise organizations like Microsoft, Johnson
Controls, BMW, Siemens, and the .NET Foundation to govern and audit
software packages used throughout their applications. To learn more,
Assembla’s secure enterprise cloud version control solutions help
developers minimize or eliminate vulnerabilities that can be exploited
by hackers. From compliance to source code scanning, Assembla is the
security-forward choice for developing, managing and shipping amazing
software. Founded in 2005, Assembla has more than 5,500 customers across
157 countries, including Deutsche Telekom, Bayer, Kellogg’s, Oracle,
Unity, Disney, Apple, Marketo and Salesforce. Assembla is a division of
Idera, Inc. To learn more, visit https://www.assembla.com/home.
FOLIO Communications Group, LLC