Explore the critical topic of Python ecosystem security in this 30-minute PyCon US talk. Discover the extensive work being done to safeguard the vast open-source supply chain, including over 400,000 Python packages on PyPI and numerous scientific libraries on other registries. Learn about the initiatives led by the PSF Security Developer-in-Residence and PyPI Safety & Security Engineer, supported by OpenSSF's Alpha-Omega project and AWS. Gain insights into the security audit of PyPI's codebase and infrastructure, improved security practices, and established metrics for measuring security posture. Understand the best practices for Python library maintainers and users to enhance safety. Whether you're a Python user or part of a company utilizing Python, this talk offers valuable awareness and practical advice for ensuring secure Python usage in your projects and organizations.
Overview
Syllabus
Talks - Cheuk Ting Ho: Making Python safer than ever
Taught by
PyCon US