MyGet is a Universal Package Manager that integrates with existing source code ecosystems and enables end-to-end package management, including build services, vulnerability scanning, and license compliance. Thousands of development teams around the globe use MyGet to govern and audit the DevOps lifecycle associated with their NuGet, npm, Maven, Bower, PHP Composer, and VSIX packages.
Now, with the ability to proxy external PyPI packages and upload custom Python wheel packages to MyGet private Python repositories, software development teams with Python-based applications can save time and ship updates more quickly, while reducing exposure to the risk of known vulnerabilities, malicious code or improperly licensed components entering their codebase.
“Secure tools that integrate easily with the rest of your CI/CD pipeline, reuse components and build artifacts to save time and energy, and require little overhead to install and maintain are crucial to the adoption of DevOps,” said Robert Warmack, general manager of Assembla. “As the most easy-to-use and secure private package repository platform, MyGet provides a crucial link in the modern DevOps toolchain, and extended support for Python packages makes it significantly easier for Python-based development shops to implement an end-to-end DevOps solution.”
The benefits of MyGet support for Python include:
- Create private feeds for Python wheel packages and upload Python packages for easy distribution across teams and interdependent build pipelines.
- Pull packages into your local development environment with pip.
- Proxy upstream repositories from https://pypi.org or other Python package sources to standardize versions and dependencies across teams accessible with a single URL.
- Easy-to-use retention policies and fine-grain controls over permissions give development teams the power to maintain compliance without additional overhead.
- Built-in vulnerability and license scans make it easy to catch potentially vulnerable or improperly-licensed code before it enters production application stacks.
- Leverage the power of private PyPI repositories without incurring the overhead of additional infrastructure maintenance or technical debt.
- MyGet and MyGet Enterprise environments are run on Microsoft Azure’s high-availability infrastructure and backed up using Microsoft Azure data protection mechanisms.
To learn more about MyGet for Python, visit https://blog.myget.org/post/2019/06/19/python-pypi-packages-on-myget.html.
Secure DevOps starts with secure package management from MyGet. MyGet provides private, hosted NuGet, npm, Bower, Maven, Python, PHP Composer and VSIX packages along with build services, package vulnerability scanning, and license compliance. Launched in 2011, MyGet is used by individuals, teams and enterprise organizations like Microsoft, Johnson Controls, BMW, Siemens, and the .NET Foundation to govern and audit software packages used throughout their applications. To learn more, visit https://www.myget.org/.
Assembla's secure enterprise cloud version control solutions help developers minimize or eliminate vulnerabilities that can be exploited by hackers. From compliance to source code scanning, Assembla is the security-forward choice for developing, managing and shipping amazing software. Founded in 2005, Assembla has more than 5,500 customers across 157 countries, including Deutsche Telekom, Bayer, Kellogg’s, Oracle, Unity, Disney, Apple, Marketo and Salesforce. Assembla is a division of Idera, Inc. To learn more, visit https://www.assembla.com/home.