#206: As an application developer, you’re probably used to pulling libraries from Maven Central, PyPI, or npm Registry. Has it ever crossed your mind how secure is this thing that I’m pulling or do you just YOLO so you can get the job done? In this episode, we speak with Stephen Chin, VP of Developer Relations at JFrog, about Pyrsia, an open source project that helps protect the open source supply chain so you can have confidence in the libraries that you use.   Stephen’s contact information: Twitter: https://twitter.com/steveonjava LinkedIn: https://www.linkedin.com/in/steveonjava/   YouTube channel: https://youtube.com/devopsparadox/   Books and Courses: Catalog, Patterns, And Blueprints https://www.devopstoolkitseries.com/posts/catalog/   Review the podcast on Apple Podcasts: https://www.devopsparadox.com/review-podcast/   Slack: https://www.devopsparadox.com/slack/   Connect with us at: https://www.devopsparadox.com/contact/