This week we interview Mike Fiedler, the PyPI Safety & Security Engineer at the Python Software Foundation (PSF).

We discuss the importance of security within the Python ecosystem and offering practical advice for Python developers to enhance their security awareness.

Highlights include a deep dive into PyPI security measures, the challenges of securing the Python ecosystem, tips for Python developers, and Mike's journey to his current and previous (DevOps) roles, emphasizing the blend of technical skills and mindset needed to tackle security and solving challenges problems effectively.

Enjoy this episode with Mike Fiedler!

Chapters:
00:00 Show intro
01:20 Intro to audience and stateless testing win
08:24 Transition into PyPI security and current role
17:43 Challenging securing the Python ecosystem
24:48 Tips for Python devs to be more security aware
27:18 PDM ad segment
27:44 Security tips cont'd
33:16 Solving a puzzling problem in production (mindset)
39:40 Psychological safe workplaces / blame vs accountability
44:18 Security trends, how to prepare, and resources
48:05 Books and wrap up

---
Pybites ad segment: apply for Python coaching here: [ Ссылка ]
---

Show links:
- pytest-randomly: [ Ссылка ]
- pytest-socket: [ Ссылка ]
- Brian Okken's pytest content: [ Ссылка ]
- PyPI blog: [ Ссылка ]
- Trusted Publishers: [ Ссылка ]
- 2FA Required for PyPI: [ Ссылка ]
- git annotate: [ Ссылка ]
- Asimov Robot series: [ Ссылка ]
- Silo: [ Ссылка ]
- CPython 3.12.2 is SBOM-ified: [ Ссылка ]
- Trail of Bits blog: [ Ссылка ]
- Fastly blog: [ Ссылка ]
- Disaster recovery for Consul clusters (now this exists!):
[ Ссылка ]
- Bandit: [ Ссылка ]
- Pre-commit: [ Ссылка ]

Reach out to Mike: [ Ссылка ]

свернуть