DOP 206: Open Source Supply Chain Security With Pyrsia
Show Notes
#206: As an application developer, you’re probably used to pulling libraries from Maven Central, PyPI, or npm Registry. Has it ever crossed your mind to ask how secure the thing you’re pulling is, or do you just YOLO so you can get the job done?
In this episode, we speak with Stephen Chin, VP of Developer Relations at JFrog, about Pyrsia, an open source project that helps protect the open source supply chain so you can have confidence in the libraries that you use.
Guests

Stephen Chin
Stephen Chin is VP of Developer Relations at JFrog, chair of the CDF governing board, member of the CNCF governing board, and author of The Definitive Guide to Modern Client Development, Raspberry Pi with Java, Pro JavaFX Platform, and the upcoming DevOps Tools for Java Developers title from O’Reilly. He has keynoted numerous conferences around the world including swampUP, Devoxx, JNation, JavaOne, Joker, and Open Source India. Stephen is an avid motorcyclist who has done evangelism tours in Europe, Japan, and Brazil, interviewing hackers in their natural habitat. When he is not traveling, he enjoys teaching kids how to do embedded and robot programming together with his teenage daughter.
Hosts

Viktor Farcic
Viktor Farcic is a member of the Google Developer Experts and Docker Captains groups, and a published author.
His big passions are DevOps, Containers, Kubernetes, Microservices, Continuous Integration, Delivery and Deployment (CI/CD) and Test-Driven Development (TDD).
He often speaks at community gatherings and conferences.
He has published DevOps Paradox and Test-Driven Java Development.
His random thoughts and tutorials can be found on his blog, The DevOps Toolkit.