PyPI Security

Episode #435, published Wed, Oct 25, 2023, recorded Mon, Sep 18, 2023

Do you worry about your developer / data science supply chain safety? All the packages for the Python ecosystem are much of what makes Python awesome. But they are also a bit of an open door to your code and machine. Luckily the PSF is taking this seriously and hired Mike Fiedler as the full-time PyPI Safety & Security Engineer (not to be confused with the Security Developer in Residence staffed by Seth Michael Larson). Mike is here to give us the state of PyPI security and plans for the future.

Links from the show

Mike on Twitter: @mikefiedler
Mike on Mastodon:

Supply Chain examples
Google Ad Malware:

OWASP Top 10:
Trusted Publishers:
GitHub Full 2FA:
Mike's Latest Blog Post:
pprintpp package:
Watch this episode on YouTube:
Episode transcripts:

--- Stay in touch with us ---
Subscribe to us on YouTube:
Follow Talk Python on Mastodon: talkpython
Follow Michael on Mastodon: mkennedy
