Python Package Index

The tea Protocol’s Incentivized Testnet Approaches 200K Signups and 500 Open-Source Software Projects in First Week

Retrieved on: 
Tuesday, February 27, 2024

tea's mission is to create a more resilient and sustainable open-source software ecosystem by providing OSS developers rewards for their open source contributions.

Key Points: 
  • tea's mission is to create a more resilient and sustainable open-source software ecosystem by providing OSS developers rewards for their open source contributions.
  • “Web3 has the potential to blend two potent concepts that have been isolated in Web2: open-source software and incentivization structures.
  • The tea Protocol’s Testnet phase is crucial for ensuring a thriving, efficient, and secure network for all participants.
  • The tea Protocol seamlessly bridges Web2 open-source codebases to Web3 to enhance their sustainability and provide fair rewards to open-source developers.

DataStax and LlamaIndex Partner to Make Building RAG Applications Easier than Ever for GenAI Developers

Retrieved on: 
Tuesday, February 20, 2024

LlamaIndex is a framework for ingesting, indexing, and querying data for building generative AI applications and addresses the ingestion pipelines needed for enterprise-ready RAG.

Key Points: 
  • LlamaIndex is a framework for ingesting, indexing, and querying data for building generative AI applications and addresses the ingestion pipelines needed for enterprise-ready RAG.
  • RAGStack with LlamaIndex offers a comprehensive solution tailored to address the challenges encountered by enterprise developers in implementing RAG solutions.
  • “We are excited to be working with DataStax to streamline the implementation process of RAG techniques,” said Jerry Liu, co-founder and CEO of LlamaIndex.
  • “Together, we're reshaping the RAG landscape by offering a simplified journey for not only enterprises but also developers looking to put GenAI applications into production with ease.

ReversingLabs Introduces Spectra Assure To Address the New Era of Software Supply Chain Security

Retrieved on: 
Tuesday, February 13, 2024

CAMBRIDGE, Mass., Feb. 13, 2024 (GLOBE NEWSWIRE) -- ReversingLabs (RL), the trusted authority in software and file security, today announced the release of Spectra Assure best-in-class software supply chain security solution, powered by the industry’s first AI-driven complex binary analysis to uncover material risk.

Key Points: 
  • CAMBRIDGE, Mass., Feb. 13, 2024 (GLOBE NEWSWIRE) -- ReversingLabs (RL), the trusted authority in software and file security, today announced the release of Spectra Assure best-in-class software supply chain security solution, powered by the industry’s first AI-driven complex binary analysis to uncover material risk.
  • Spectra Assure provides unparalleled protection against software supply chain attacks for software producers, as well as providing the necessary critical risk analysis for enterprise software buyers.
  • “The lack of transparency and trust within the global software supply chain has emerged as a critical issue for organizations of all kinds.”
    RL also spotlighted this increase in its recent State of the Software Supply Chain Security 2024 report, revealing that software supply chain threats on open-source alone have increased 1,300% over the last three years.
  • The increase in software supply chain attacks impacts businesses in three critical areas which Spectra Assure addresses head on:
    Critical Asset Protection.

Software Supply Chain Attacks: Regulation and Litigation Increase, as Barriers to Entry Drop

Retrieved on: 
Tuesday, January 16, 2024

The report calls out visibility gaps in the software supply chain; an increase of malware on open source package managers; and continuing problems with leaks of developer secrets, all of which increase risk and exposures in the software supply chain for any organization developing and deploying software.

Key Points: 
  • The report calls out visibility gaps in the software supply chain; an increase of malware on open source package managers; and continuing problems with leaks of developer secrets, all of which increase risk and exposures in the software supply chain for any organization developing and deploying software.
  • The report insights are gleaned from the ReversingLabs Software Supply Chain Security platform and its industry-leading threat repository, containing over 40 billion malware and goodware files.
  • “Over the years, we’ve closely monitored the increase of software supply chain exposures and attacks.
  • For additional insights, attend ReversingLabs The State of Software Supply Chain Security 2024 Webinar on January 31 at 12 pm ET.

Phylum Launches a Threat Feed of Open-Source Malware, Introduces Phylum App for Sumo Logic

Retrieved on: 
Thursday, December 7, 2023

EVERGREEN, Colo., Dec. 7, 2023 /PRNewswire/ -- Phylum, The Software Supply Chain Security Company, today announced the availability of the Phylum Threat Feed and its partnership with Sumo Logic. With the Phylum App for Sumo Logic, users can know if their organization has been impacted by software supply chain risks, including:

Key Points: 
  • Phylum specializes in identifying and mitigating software supply chain attacks, focusing on protecting developers against threats originating from open-source ecosystems.
  • The Phylum Threat Feed provides a curated view of malicious packages that are published into the open-source ecosystem.
  • The feed shows automated, high signal threat data that informs organizations of software supply chain attacks that have been executed as well as indicators of potential future threats.
  • This high-fidelity data is actionable on its own, and can now be consumed in Sumo Logic to enrich other findings.

Tektronix Introduces Open-Source Python-Native Driver Package for Test & Measurement Instrumentation

Retrieved on: 
Tuesday, November 14, 2023

BEAVERTON, Ore., Nov. 14, 2023 /PRNewswire/ -- Tektronix, Inc, a leading provider in test and measurement solutions, today announced the introduction of an open-source Python instrument driver package. Available free of charge, the package provides a native Python user experience for instrument automation. With integration into daily workflows and utilizing it with a preferred Integrated Development Environment (IDE), customers can now experience the power of auto-complete, precise type hinting, comprehensive built-in help, real-time syntax checking and enhanced debugging capabilities, resulting in unparalleled capabilities for seamless instrument automation. The open-source Python driver package is designed to work across a wide range of Tektronix and Keithley devices to facilitate ongoing development and updates, ensuring users in the test and measurement space have access to the latest features and improvements.

Key Points: 
  • The innovative package dramatically improves the test automation user experience, providing seamless instrument control for Tektronix and Keithley customers
    BEAVERTON, Ore., Nov. 14, 2023 /PRNewswire/ -- Tektronix, Inc , a leading provider in test and measurement solutions, today announced the introduction of an open-source Python instrument driver package .
  • The open-source Python driver package is designed to work across a wide range of Tektronix and Keithley devices to facilitate ongoing development and updates, ensuring users in the test and measurement space have access to the latest features and improvements.
  • The driver package, called tm_devices, is now available globally via the Python Package Index (PyPI) at pypi.org/project/tm-devices .)
  • For more details on the tm_devices open-source Python driver package, visit Tek.com .

Sonatype’s 9th Annual State of the Software Supply Chain Report Reveals Ways to Improve Developer, DevSecOps Efficiency

Retrieved on: 
Tuesday, October 3, 2023

DevOps Enterprise Summit - Las Vegas, Oct. 03, 2023 (GLOBE NEWSWIRE) -- Sonatype , the pioneer of software supply chain management, today released its 9th Annual State of the Software Supply Chain Report.

Key Points: 
  • DevOps Enterprise Summit - Las Vegas, Oct. 03, 2023 (GLOBE NEWSWIRE) -- Sonatype , the pioneer of software supply chain management, today released its 9th Annual State of the Software Supply Chain Report.
  • Noteworthy findings in the report include:
    2023 saw twice as many software supply chain attacks as 2019-2022 combined: Sonatype logged 245,032 malicious packages in 2023.
  • The finding demonstrates the importance of constant vigilance from consumers in tracking the health of dependencies over time.
  • This year’s report also analyzed operational supply, demand, and security trends associated with the Java (Maven Central), JavaScript (npmjs), Python (PyPI), and .Net (nuget) ecosystems.

Ably Releases New Python SDK to Enable Realtime Functionality

Retrieved on: 
Tuesday, July 11, 2023

LONDON, July 11, 2023 (GLOBE NEWSWIRE) -- Ably , a Realtime Experience Infrastructure provider, today announced the release of a new Python Realtime SDK component that enables developers to integrate realtime functionality into their Python-based services, such as channel subscription and authentication via tokens.

Key Points: 
  • LONDON, July 11, 2023 (GLOBE NEWSWIRE) -- Ably , a Realtime Experience Infrastructure provider, today announced the release of a new Python Realtime SDK component that enables developers to integrate realtime functionality into their Python-based services, such as channel subscription and authentication via tokens.
  • While the existing Python SDK supports publishing to Ably channels, the new Python Realtime SDK allows developers to subscribe to realtime data through a persistent WebSocket connection with Ably.
  • This is now possible using the Python Realtime SDK to create a persistent connection with Ably.
  • Ably welcomes feedback from developers on their realtime use cases and how the Python SDK can be improved to enhance the user experience.

Mend.io Launches Inaugural Open-Source Reliability Leaderboard

Retrieved on: 
Wednesday, June 28, 2023

TEL AVIV, Israel and BOSTON, June 28, 2023 /PRNewswire/ -- Mend.io, a leader in application security, released findings today from its latest report, the Mend.io Open Source Reliability Leaderboard. Powered by data from Renovate, Mend.io's popular open-source dependency management tool, the Leaderboard presents the top packages in terms of reliability across three of the most widely used languages.

Key Points: 
  • TEL AVIV, Israel and BOSTON, June 28, 2023 /PRNewswire/ -- Mend.io , a leader in application security, released findings today from its latest report, the Mend.io Open Source Reliability Leaderboard.
  • Powered by data from Renovate , Mend.io's popular open-source dependency management tool, the Leaderboard presents the top packages in terms of reliability across three of the most widely used languages.
  • There is no better arbiter of package reliability than Renovate, which has gathered crowd-sourced data on over 25 million dependency updates.
  • By analyzing what packages are consistently releasing good updates, the Leaderboard presents an accurate picture of a package's overall reliability for software engineers trying to balance functional risk with security risk.

KX BRINGS THE POWER AND PERFORMANCE OF KDB+ TO PYTHON DEVELOPERS WITH PYKX

Retrieved on: 
Wednesday, June 7, 2023

Available initially as an open-source distribution on The Python Package Index (PyPI), PyKX gives developers the ability to use the world's most popular programming language to accelerate data, math, and analytics-intensive applications for real-time insights across all Python workloads.

Key Points: 
  • Available initially as an open-source distribution on The Python Package Index (PyPI), PyKX gives developers the ability to use the world's most popular programming language to accelerate data, math, and analytics-intensive applications for real-time insights across all Python workloads.
  • Jonny Press, CTO, Data Intellect: "PyKX is a game changer for enterprises looking to put kdb+ alongside Python for developer and data science teams.
  • We're thrilled to work with KX to grow the kdb developer ecosystem by contributing a native KX Extension in Visual Studio Code — the best-in-class IDE for all developers."
  • PyKX will be available initially on PyPI, a repository of software for the Python programming language with a global community of nearly 700,000 active users.