<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Chainguard Libraries for Python on</title><link>https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/python/</link><description>Recent content in Chainguard Libraries for Python on</description><generator>Hugo -- gohugo.io</generator><language>en-US</language><lastBuildDate>Wed, 09 Apr 2025 08:04:00 +0000</lastBuildDate><atom:link href="https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/python/index.xml" rel="self" type="application/rss+xml"/><item><title>Chainguard Libraries for Python overview</title><link>https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/python/overview/</link><pubDate>Wed, 09 Apr 2025 04:00:00 +0000</pubDate><guid>https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/python/overview/</guid><description>Introduction: Chainguard Libraries for Python provides enhanced security for the vast Python ecosystem by rebuilding PyPI packages with comprehensive supply chain protection and automated patching. With over 600,000 packages on the Python Package Index (PyPI) serving application development, machine learning, and data science needs, Chainguard addresses the critical security challenges of depending on packages from untrusted sources by rebuilding them within the controlled Chainguard Factory environment.
In addition, Chainguard eliminates security risk by remediating High and Critical vulnerabilities across older package versions where upstream maintainers are not able to prioritize fixes.</description></item><item><title>Global configuration</title><link>https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/python/global-configuration/</link><pubDate>Tue, 25 Mar 2025 08:04:00 +0000</pubDate><guid>https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/python/global-configuration/</guid><description>Python library consumption in a large organization is typically managed by a repository manager. Commonly used repository manager applications are Cloudsmith, JFrog Artifactory, and Sonatype Nexus Repository. The repository manager acts as a single point of access for developers and development tools to retrieve the required libraries.
At a high level, adopting the use of Chainguard Libraries consists of the following steps:
Add Chainguard Libraries as a remote repository for library retrieval.</description></item><item><title>Build configuration</title><link>https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/python/build-configuration/</link><pubDate>Tue, 25 Mar 2025 08:04:00 +0000</pubDate><guid>https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/python/build-configuration/</guid><description>The configuration for the use of Chainguard Libraries depends on how you&amp;rsquo;ve set up your build tools and CI/CD workflows. At a high level, adopting the use of Chainguard Libraries in your development, build, and deployment workflows involves the following steps:
If you or an administrator have not done so already, set up your organization&amp;rsquo;s repository manager to use Chainguard Libraries for Python. Log into your organization&amp;rsquo;s repository manager and retrieve credentials for the build tool you are configuring.</description></item><item><title>Management and maintenance</title><link>https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/python/management/</link><pubDate>Tue, 25 Mar 2025 08:04:00 +0000</pubDate><guid>https://deploy-preview-3174--ornate-narwhal-088216.netlify.app/chainguard/libraries/python/management/</guid><description>Chainguard Libraries for Python operates transparently once you complete the global configuration and build configuration, automatically providing security-enhanced versions of your PyPI dependencies. New packages and versions are retrieved from Chainguard&amp;rsquo;s hardened repository when available, while PyPI and other configured repositories provide fallback access so that development workflows continue without interruption.
The following sections detail optional management, maintenance, and auditing steps on the repository manager and the build tool.
Source verification: You can verify which artifacts are retrieved from the Chainguard Libraries repository on a global level:</description></item></channel></rss>