|
|
|
|
|
|
by CloseChoice
303 days ago
|
|
|
Does anyone have insights how this compares to anaconda's approach? To me both seem very similar, ux <-> conda, pyx <-> conda-forge. Sure, astral's products are remarkable and widely loved, but I would like to understand if there's a USP beyond that? |
|
|
They did say they want their thing to have understanding of the code, so maybe they’ll sell semgrep-like features and SBOM/compliance on top. Semgrep is ok popular, but if it maybe bundled into something else (like the package registry itself) that might get enough people over the line to buy it.
Private registries and “supply chain security” tools individually aren’t the hottest market, but maybe together the bundle could provide enough value. Let’s see how it goes.