Talk Python To Me - Python Conversations For Passionate Developers

#457: Software Supply Chain Security with Phylum

Information:

Synopsis

We've spoken previously about security and software supply chains, and we are back at it this episode. We're diving in again with Charles Coggins. Charles works at a software supply chain security company and is on to give us the insider's and defender's perspective on how to keep our Python apps and infrastructure safe.

Episode sponsors

- Sentry Error Monitoring, Code TALKPYTHON
- Mailtrap
- Talk Python Courses

Links from the show

- Pick a Python Lockfile and Improve Security: blog.phylum.io
- Bad Beat Poetry: blog.phylum.io
- PEP 665 – A file format to list Python dependencies for reproducibility of an application: peps.python.org
- PEP 517 – A build-system independent format for source trees: peps.python.org
- PEP 518 – Specifying Minimum Build System Requirements for Python Projects: peps.python.org
- Lockfiles should be committed on all projects: classic.yarnpkg.com
- An Overview of Software Supply Chain Security: tldrsec.com
- Typosquatting: docs.phylum.io
- Common Attack Pattern Enumeration and Classification: capec.mitre.org
- Depend