Collaborate Disseminate
I’m struggling with some enterprise security guidelines requiring 3rd party libs to be hosted internally. The immediate concern is over our build server connecting to GitHub for package resolution, but we’ve been hitting NuGe… Continue reading Why host third party libs instead of relying on CDN, Nuget, GitHub?
This question already has an answer here:
Which security measures does PyPI and similar third-party software repositories take?
3 answers
I have a Python/Pandas project where I tried to import and call sklearn.model_selection.train_test_split(). It wasn’t working and I went to check if I’m missing some packages in project interpreter. To my surprise, the “sklea… Continue reading IntelliJ PyCharm promiscuously installing packages
I am wondering exactly how safe are the Arch, Ubuntu, Mint and Manjaro repositories. What testing is done to ensure that a trusted user does not place a virus in a package, and how often?
My basic question is this:
When we are using the Linux / Debian apt-get or yum package system, we’re placing a lot of faith in that the packages we’re downloading and installing are secure. For that matter, even downloading Linux images f… Continue reading Is the Linux / Debian software and package-management ecosystem secure?