Skip to main content


world map

Open source software that helps protect the open source supply chain

Pyrsia enables developers to quickly
and easily leverage any package
with confidence and transparency.


Signatures provide non-repudiation allowing developers to know the exact source of the packages they need and rely on.


Planned support for all the repositories developers need (e.g Docker, Conan, Go).


We care about improving the security posture of open source projects and their supply chains that are critical to the global development of software.

Accelerate how you build, share, and
consume open-source packages.


Pyrsia aims to seamlessly integrate with the package managers developers are already using. The day to day impact should be minimal with the default configuration. Advance workflows can easily be enabled.


The combination of an open-source, customizable architecture, and a robust, active community makes Pyrsia the most open way to obtain packages.


Interoperability without foregoing compatibility, security, or efficiency; learn how Pyrsia takes a unique, multifaceted approach to address each of these factors.


Developers are often forced to make tradeoffs between compatibility, security, and efficiency to interact with central repositories. This has led to the creation of bridges, proxies, and other proprietary solutions, all with their own limitations.

Pyrsia takes a unique, transparent approach to address these tradeoffs.


Pyrsia is driven by leading companies in the software industry. As an incubating project of the CD Foundation we are building on decades of experience developing, deploying and securing code pipelines. With companies like JFrog supporting this project, we are leveraging our knowledge of package management, integration with central repositories, and the requirements of building with open-source communities.
Futurewei logo


The open-source supply chain has become a critical element to every technology, from the operating system and browser you are using to the applications and services which we depended on to run our lives. Innovation like NASA Mars Rovers might not have been possible without the open source communities and the powerful technologies they have created.

Yet in recent years this has become a vulnerability that has been exploited to inject malicious malware or virus that infected vast numbers of companies and services. In rare cases it has been highly regarded packages that have been compromised by their authors. What halts developers around the world is the downtime and outages of the central repositories that cripples continuous integration and delivery pipelines.

Pyrsia helps developers empower their app development. We simplify and accelerate development workflows with an integrated dev pipeline and through the distribution of packages. Pyrsia provides unmatched simplicity, agility and choice.