Block Public Package Registries

When you route package traffic through a private registry, developers can still bypass the setup by pointing their package manager directly at the public registry. Device Protection enforces that all traffic goes through your approved private registry instead.

How it works

Device Protection monitors network traffic on each device. When a request goes directly to a public package registry, it is blocked at the network level before the package is downloaded.

Prerequisites

Aikido Device Protection deployed on developer machines -- see Deploying Device Protection
A private registry configured as your upstream

Configure the block

Go to Device Protection in your Aikido account.
For each ecosystem you want to block turn on the "Block All" toggle under specific ecosystem setting

Last updated 3 days ago

Was this helpful?