Home » Misc » Best baby food pouch system

Best baby food pouch system


7 Best Reusable Baby Food Pouches (2022 Reviews)

Reusable baby food pouches make it easy to feed your baby all your homemade baby food goodness at home and on the go. But we’ve learned the hard way that some pouches do a better job than others.

You don’t want pouches that leak or are hard to fill. And you definitely want your pouches to be easy to clean to prevent mold and bacteria build-up.

As baby-food-making mamas ourselves, we’ve tried enough of these pouches and listened to the reviews of other parents to figure out which pouches are the most convenient. We’ve compiled this list of the seven best reusable baby food pouches so you can make feeding time easier for everyone and continue to feed your baby your homemade baby food when you’re on the go.

Our Top Picks

We love honesty! Mom Loves Best earns a commission through the following hand-picked links at no extra cost to you.

Image

Model

Product Comparison Table

Features

Clear Winners

Healthy Planet Pouches

  • Environmentally friendly & recyclable
  • Transparent
  • Comes with an extra lids

Check Price

High Quality Must Have

Squeasy Snacker Pouch

  • Waterproof and leakproof
  • Made of very flexible material
  • Can be easily washed

Check Price

Best Silicone Pouch

Haakaa Yummy Pouch

  • Super durable
  • Variable-flow opening
  • Free of toxins and microplastics

Check Price

Great for Older Kids

Squooshi Large

  • Chemical free
  • Larger than other pouches
  • Used for multiple ages

Check Price

Easy to Clean

WeeSprout Food Pouch

  • Easy to clean
  • Eco-friendly
  • No pesky corners to trap food

Check Price

Bulk Option

Baby Brezza Pouches

  • Freezer safe
  • BPA-, phthalate-, and lead-free
  • Filling funnel included

Check Price

Cutest Designs

ChooMee Food Pouch

  • 5-ounce capacity
  • Reusable
  • Can be stored in freezer

Check Price

Table of Contents

  • Our Top Picks
  • The Best Reusable Food Pouches of 2022
  • What are Reusable Baby Food Pouches?
  • Why Do I Need Reusable Baby Food Pouches?
  • How to Choose Baby Food Pouches
  • How Many Reusable Food Pouches Do I Need?
  • How to Clean Reusable Baby Food Pouches
  • The Bottom Line

The Best Reusable Food Pouches of 2022

Here are seven great reusable baby food pouches to consider.

1. Healthy Planet Clear Reusable Food Pouches

Clear Winners

Check Price

These pouches are transparent on one side so you can see how much food is left and verify that it still looks fresh when you take it out of the fridge.

The bottoms open completely to clean them, and the leakproof dual zipper helps prevent messes. If you’re like most moms, the last thing you need is another mess on your hands.

They’re freezer and dishwasher safe and completely recyclable once your little one doesn’t need them anymore. They also come in two sizes to ensure you get the perfect capacity to match your little one’s appetite.

Pros
  • Environmentally friendly and recyclable.
  • They’re transparent.
  • They come with extra lids.
Cons
  • The lids are not attached, so they can get lost.
  • Your child will outgrow the smaller ones quickly.

2. Squeasy Snacker Silicone Baby Food Food Pouch

High Quality Must Have

Check Price

This pouch is made of food-grade silicone that fills from a wide-mouth top, so it can even be filled with liquid and not spill. The bottle-shaped design stands on its own, no matter how empty it is, and comes in three sizes and colors to suit all tastes and appetites. It also has a spillproof insert for extra protection for liquids.

It can be turned completely inside out for washing and popped in the dishwasher if you’d rather not hand wash.

And because it’s made of silicone, it will last longer than some of the other reusable food pouches. Not having to replace your baby’s food pouch as frequently might make you feel better about the money you’re spending.

Pros
  • Waterproof and leakproof.
  • It’s made of very flexible material.
  • You can easily wash it.
Cons
  • More expensive than other brands.
  • You only get one per pack, so you’ll likely have to buy multiples.

3. Haakaa Yummy Squeezable Food Pouch

Best Silicone Pouch

Check Price

This kit includes two 4.4 ounce silicone pouches.  The neutral design is great for kids of all ages, and because it’s made of durable silicone, it will outlast even the best plastic reusable food pouches.

To fill the pouches, you untwist and remove the spout, so you won’t have to worry about messy leaks from the bottom of the pouch when in use. The spout is only activated by sucking, making these a fully spillproof design and ensuring little ones won’t squeeze too much into their mouth.

These pouches can be cleaned in the dishwasher, sanitized in boiling water, and stored in the freezer with no ill effects on the silicone.

The design enables them to stand upright when filled, and you can add a straw to help your little one suck up every last drop of homemade goodness.

Pros
  • Super-durable silicone pouches.
  • Variable flow opening allows little ones to feed at their own speed.
  • Free of toxins and microplastics.
Cons
  • It can be hard to clean food out of the bottom creases.
  • They have a plastic smell upon unboxing.

4. Squooshi Reusable Baby Food Pouch

Great for Older Kids

View on Amazon

View on Squooshi

These food pouches are gender-neutral with a versatile design, so they can be used for either babies or older children, boys or girls. They come in a larger size, 5 ounces, for bigger appetites, and the solid, leakproof zippered opening on the bottom helps prevent messes.

They’re made without BPA, PVC, lead, or phthalates and have a rounded bottom so food particles cannot be trapped in the corners.

This is one of the best options if you want to use your reusable food pouches to send things like smoothies in your older child’s lunch box, allowing you to get even more use out of them.

Pros
  • They’re free of harmful chemicals.
  • They are larger than many other pouches.
  • They can be used for multiple ages.
Cons
  • Big for smaller toddlers.
  • Some users complained they are hard to clean.

5. WeeSprout Double Zipper Baby Food Pouch

Easy to Clean

View on Amazon

View on Walmart

View on Weesprout

One of the biggest complaints about reusable food pouches is that food can get stuck inside them, making them hard to clean. Not only is this annoying, but it can cause dangerous bacteria to grow. Use these double zippered pouches by WeeSprout to ensure your baby gets fresh, safe food every time.

Simply open the extra-wide bottom zipper, and turn on your faucet. Water flows through the zipper opening and out the spout. With a rounded design, there are no pesky corners to trap food.

Plus, these pouches are dishwasher safe. The backs of the pouches are transparent, so you can see how much food remains in the pouch and have a better idea if they’re fully clean after washing.

They’re a good choice for eco-friendly moms too. All the packaging and the pouches themselves are recyclable. You’ll also feel good knowing there aren’t any chemicals in the materials.

Each pack includes six pouches that hold five ounces of baby food.

Pros
  • Super large opening on the bottom makes them easy to clean.
  • Eco-friendly and chemical-free.
  • There are no pesky corners to trap food.
Cons
  • They’re a little smaller and won’t hold as much as other pouches.

6. Baby Brezza Baby Food Storage Pouches

Bulk Option

Check Price

This package gives you 10 reusable baby food pouches so you can freeze your food directly in the pouches for later use instead of having to transfer it from a storage container. Each pouch has a clearly-marked max fill line and a double zipper to prevent leaks and spills.

These pouches can be cleaned easily — water can run straight through — and the corners are rounded to prevent food particles from getting stuck. They’re even dishwasher safe if you’d rather not hand-wash your pouches.

There’s a handy peek-a-boo window on the side so you can see how much food is remaining. You may also use food labels and attach it to your pouch with your child’s name, food, and date for maximum safety.

Pros
  • They’re freezer safe.
  • BPA-, phthalate-, and lead-free.
  • You get a large package of pouches.
  • Filling funnel included.
Cons
  • May need to purchase baby food labels.
  • Will probably require immediate cleaning to prevent the food residue from sticking to the pouch.

7. ChooMee Reusable Baby Food Pouch

The Perfect Try-it-and-See Pack

Check Price

If you’re unsure if reusable storage pouches are suitable for you, you don’t want to go “all in” right away. This petite 4-pack gives you the perfect opportunity to try them out and see whether you want to start building a larger collection.

The cute, colorful designs will grab the interest of your little one, and the 5-ounce capacity is a versatile size that will work for both younger or older babies.

They can be washed on the top rack of the dishwasher and tossed in the freezer for longer-term food storage. They also have a window at the top to see the quality and quantity of the food remaining.

If you have a younger baby, you can buy a silicone spout separately to cover the hard spout.

Pros
  • They’re cute.
  • They hold 5 ounces of food.
  • The bottom opens completely for easy cleaning.
Cons
  • The silicone spout is sold separately, making it an extra expense.
  • There are only four in a package.

What are Reusable Baby Food Pouches?

Reusable baby food pouches are food storage containers that resemble the popular, squishy, single-use baby food pouches with twist-off caps available at most grocery stores. This pouch-style design is a newer innovation compared to the more traditional glass baby food jars.

Reusable baby food pouches typically have a spout on one end for releasing the food and a zippered enclosure on the other end for filling the container.

Why Do I Need Reusable Baby Food Pouches?

  • They’re convenient: Because of their squeeze-and-suck design, pouches make it easy for babies to self-feed. This makes them ideal for on-the-go situations or when mom doesn’t have time to sit down and feed the baby.
  • They’re economical: Disposable pouches of baby food can cost upwards of $2 each. Glass jars can run around $1. If you buy organic baby food, the prices jump even higher. You can make your own baby food for pennies, spoon it into a reusable baby food pouch, and — voila! — instant savings.
  • They’re healthier: When you make baby food at home and serve it in a reusable baby food pouch, you control the quality of ingredients and the sugar content of the final product. You ensure that you’re only giving your baby your best.
  • They’re less messy: If your baby is self-feeding, they can pop the spout of the pouch in their mouth and feed themselves with minimal mess. If you’re feeding them with a baby spoon, it’s also less messy to squeeze the puree onto the spoon instead of dipping it in a jar where the handle may get food on it and make a mess.
  • They’re environmentally friendly: One of the major drawbacks of the baby food pouch craze is that they’re not recyclable like the old glass baby food jars (1). Reusable baby food pouches give you the best of both worlds — the feeding convenience of a pouch without all the waste.

In Summary

Reusable pouches are not just for moms who make their own baby food. You can spoon puree from a traditional glass baby food jar into a reusable pouch to instantly transform it into a convenient on-the-go meal babies can feed themselves.

How to Choose Baby Food Pouches

  • Size: Know the volume your baby eats, and buy a pouch that corresponds or is a little larger. You can always fill it with less food, but if you overfill it and your baby does not eat the whole container, you’ll need to toss out the leftovers, which is wasteful.
  • Material: Choose a container made of a material free of BPA, PVC, and phthalates as they’ve been linked to cancer and hormone disruption.
  • Easy to Clean: Choose a pouch that’s easy to clean. Rounded corners are less likely to retain small food particles than sharp, square corners.

How Many Reusable Food Pouches Do I Need?

The number of baby food pouches you need will vary based on your frequency of use and how willing you are to wash them regularly.

It will also depend on whether or not you plan to use them for food storage or eating.

Some mothers like to make a full batch of baby food and fill the pouches directly, tossing them in the freezer and having them available at a moment’s notice. Others make and store their baby food separately, filling the pouches as needed.

The good news is that most reusable baby food pouches come with several in a pack. However, if you plan to use them to store food, you may need to buy extra.

How to Clean Reusable Baby Food Pouches

While convenient to use, food pouches can be a bit cumbersome to clean. Follow the manufacturer’s guidelines, but cleaning for most is pretty standard:

  1. Remove the top or open the spout.
  2. Open the bottom zipper.
  3. Wash with warm, soapy water until all residue is removed.

The Bottom Line

Our top pick is the Healthy Planet Reusable Pouch. They come in two sizes, so you can choose the perfect size for your baby’s appetite. They are free of harmful chemicals and are transparent, so you can see the quality and cleanliness of the inside of your pouch.

Plus, they’re recyclable, so when you’re done with them, you don’t have to feel guilty about tossing them in the trash.

Self-feeding is fun, but it doesn’t have to be messy. And it also doesn’t have to come at the expense of the environment. Reusable pouches are great for your little one’s nutrition, good for the environment, and encourage your child’s independence.

Feedback: Was This Article Helpful?

Thank You For Your Feedback!

Thank You For Your Feedback!

What Did You Like?

What Went Wrong?

50 Best Baby Food Pouches [2022]

The Best Baby Food Pouches 2022

Life as a parent is busy and unpredictable. And prepping and cooking ALL the meals is a tall—read: impossible—order. (Like, we knew we were going to love our kids. We knew we’d have to take care of them. But we didn’t think about the fact that we’d have to feed them 3 meals AND SNACKS every. single. day. Right?!) Enter baby food pouches: The feeding option that packs a nutritional punch, cuts mess in half, and cuts out prep altogether.

Whether your need another caregiver to feed your child and you want peace of mind, you’ll be on the go and need a portable snack in the car or on the plane, you just want to get something more nutrient-dense than puffs into them before their next mealtime, or, you just want to sneak a serving of veggies and some good fats into their diet, pouches have your back. 

Keep reading for a complete list of the baby food pouch brands and flavors I turn to again and again as a pediatric dietitian and picky eating specialist!

The 50 Best Baby & Toddler Food Pouches On The Market Right Now

Here are my 50 fav pouch options, all in one list. If you’d like a bit more info on each one, or if you’re looking for something specific, like the best brain-boosting pouches, the most veggie-forward pouches, or the top iron-rich pouches, then keep scrolling. There are more juicy details below!

  1. Serenity Kids Carrots, Spinach & Basil
  2. Serenity Kids Turmeric Chicken With Bone Broth
  3. Serenity Kids Turkey Bolognese With Bone Broth
  4. Serenity Kids Sweet Potato & Parsnip
  5. Serenity Kids Roots
  6. Serenity Kids Sweet Potato & Spinach
  7. Serenity Kids Squashes
  8. Serenity Kids Carrot Medley
  9. Serenity Kids Butternut Squash & Spinach
  10. Serenity Kids Wild Caught Salmon With Organic Butternut Squash & Beets
  11. Serenity Kids Grass Fed Beef With Organic Kale & Sweet Potatoes
  12. Earth’s Best Chicken Casserole
  13. Earth’s Best Pasta With Tomatoes & White Beans
  14. Earth’s Best Carrots & Broccoli
  15. Earth’s Best Squash & Sweet Peas
  16. Earth’s Best Sweet Potato & Beets
  17. Earth’s Best Pumpkin & Spinach
  18. Earth’s Best Sweet Potato, Cinnamon & Oat
  19. Earth’s Best Blueberry, Banana, Flax & Oat
  20. Earth’s Best Banana Apricot Pumpkin With Yogurt, Oat & Quinoa
  21. Earth’s Best Apple, Sweet Potato, Pumpkin, Blueberry
  22. Earth’s Best Spinach, Lentil, Brown Rice
  23. Happy Tot Zucchini, Apple, Peas, Quinoa & Basil
  24. Happy Tot Broccoli And Carrots With Olive Oil & Garlic
  25. Happy Tot Squash, Chickpeas & Spinach With Olive Oil & Sage
  26. Happy Tot Sweet Potatoes With Olive Oil & Rosemary
  27. Happy Tot Purple Carrot & Cauliflower With Avocado Oil & Oregano
  28. Happy Tot Black Beans, Beets & Bananas
  29. Happy Tot Sweet Potato, Mangoes & Carrots
  30. Happy Tot Pears, Kale & Spinach
  31. Happy Tot Apples & Butternut Squash Super Chia Pouch
  32. Happy Tot Carrots, Strawberries & Chickpeas
  33. Happy Tot Pears, Green Beans & Peas Super Chia Pouch
  34. Cerebelly Green Bean Pumpkin
  35. Cerebelly Sweet Potato Pinto Bean
  36. Cerebelly Carrot Beef Broth
  37. Cerebelly Pea Basil
  38. Cerebelly Black Bean Sweet Potato
  39. Cerebelly Carrot Chickpea
  40. Cerebelly Butternut Squash White Bean
  41. Cerebelly Broccoli Pear
  42. Cerebelly Carrot Pumpkin
  43. Once Upon A Farm Apple Cinnamon Overnight Oats
  44. Once Upon A Farm Blueberry Overnight Oats
  45. Once Upon A Farm Ras-Pear-Y Vanilla Smart Blend
  46. Once Upon A Farm Pear-Y Blueberry & Spinach Smart Blend
  47. Once Upon A Farm Ohmymega Veggie
  48. Once Upon A Farm  Wild Rumpus Avocado
  49. Happy Baby Apples & Walnut Butter
  50. White Leaf Provisions Carrot, Sweet Potato & Pea

Get 15% Off Your First Serenity Kids Order

Thinking about stocking up on a few Serenity Kids flavors? Use my super-special link and apply the code MAMAKNOWS when you check out to get 15% off your first order.

Reasons To Use & Love Baby Food Pouches

Baby food pouches have wiggled their way into a top spot on the baby food pyramid and for good reason! Instead of jars and spoons and high chairs, parents can opt for a pouch, cut the mess in half, and cut the prep out altogether when it comes to feeding their babies. No wonder they’re such a staple in so many homes. But as great as they are (and they really are!), I do suggest sticking within a few serving parameters.

How To Use Baby Food Squeeze Pouches

I generally like to suggest using pouches strategically and somewhat sparingly. As a rule of thumb, I try not to serve your child more than one a day. Simply because, ideally, we want our kids to be acquainted with all types of foods in all different forms, without creating too much of a reliance on pureed foods.

Because pouches are such an easy and comfortable food for so many little ones, pouches can perpetuate picky eating and even texture aversions if used too often. They can also stall oral motor development if used too often.

Bottom Line: Serve pouches, for sure! Just see them as one part of a bigger rotation of foods you serve. That way, you won’t go wrong.

(P.S. Wondering how to include other types of foods into baby’s days? Check out my Ultimate Guide to Baby’s First Foods from 4-6 Months Old)

Go Ahead, Mama! Live That Pouch Life.

Pouches are so incredibly practical and they’re loved by parents and little ones alike, which is why so many parents—and so many food companies—are jumping on the baby food pouch train. They’re less messy, they combine the convenience of an on-the-go snack with the nutrition of a meal. Oh, and did I mention they’re less of a mess? So whatever the reason you opt for pouches, you can feel really great about giving them to your kids. Especially when, more often than not, you opt for the super-nutritious options I’m about to tell you about.

The Best Baby Food Pouches For Nutritional Needs

Have I mentioned that I love pouches for you? Because I really do. But, not every pouch is created equal. While it’s no big deal to serve a “less nutritious” pouch here and there, if they’re something you rely on regularly, I love the options listed here, because they help you make sure you’ve covered your child’s nutritional bases without giving it much in-the-moment thought.

Here are some of the best pouches on the market, broken down by what makes them stand out nutritionally. There are options with fruits and veggie combos for a snack packed with vitamins and minerals, some that merge a high-quality protein source with a complimentary veggie side, and some that include nutrient boosts like hemp seeds. You can’t go wrong with any of them!

And, these options will help you limit exposure to arsenic and other heavy metals in baby food. Mainly, you want to avoid/limit rice based baby foods, as those will be higher in arsenic. This is not something you need to worry over! Just make sure to vary their foods, and limit rice and rice-based products to once a day.

Related: How To Shop for Baby Food (My Top Tips!)

10 Best Flavor-Packed Baby Food Pouches

These options include a variety of diverse ingredients, spices, nutrition boosters, and/or herbs for seasoning, so by serving them, you’re exposing baby to lots of different flavors early on. This exposure can go a long way in broadening their palate. It can even help prevent picky eating down the line!

  1. Serenity Kids Carrots, Spinach & Basil
  2. Serenity Kids Turmeric Chicken With Bone Broth
  3. Serenity Kids Turkey Bolognese With Bone Broth
  4. Earth’s Best Chicken Casserole
  5. Earth’s Best Pasta With Tomatoes & White Beans
  6. Cerebelly Pea Basil
  7. Happy Tot Broccoli And Carrots With Olive Oil & Garlic
  8. Happy Tot Squash, Chickpeas & Spinach With Olive Oil & Sage
  9. Happy Tot Sweet Potatoes With Olive Oil & Rosemary
  10. Happy Tot Purple Carrot & Cauliflower With Avocado Oil & Oregano

10 Best Brain-Boosting Baby Food Pouches

These options go beyond a simple fruit and veggie puree by including between 2. 5 to 5 grams of high-quality fat in each pouch. Fat is crucial for central nervous system development in babies, which is what makes them brain boosters! These pouches are also great choices if you want to make sure your baby is hitting those fat targets.

  1. Serenity Kids sweet potato and parsnip
  2. Serenity Kids roots
  3. Serenity Kids sweet potato and spinach
  4. Serenity Kids squashes
  5. Cerebelly green bean pumpkin
  6. Cerebelly sweet potato pinto bean
  7. Cerebelly carrot beef broth
  8. Once Upon a Farm apple cinnamon overnight oats
  9. Once Upon a Farm blueberry overnight oats
  10. Happy Baby apples and walnut butter

10 Best Iron-Rich Baby Food Pouches

Iron is a nutrient that as the parent of a baby or toddler, you do want to be paying attention to. Babies are both with iron stores which they receive from us in utero, but stores run out by about 6 months. After that, your child needs to get their iron food sources. These pouch options will provide a substantial amount of iron. Think anywhere from 15-60% of their daily needs!

Related: The Best Sources of Iron for Toddlers

  1. Cerebelly Black Bean Sweet Potato
  2. Cerebelly Carrot Chickpea
  3. Cerebelly Butternut Squash White Bean
  4. Cerebelly Broccoli Pear
  5. Cerebelly Carrot Pumpkin
  6. Serenity Kids Wild Caught Salmon With Organic Butternut Squash & Beets
  7. Serenity Kids Grass Fed Beef With Organic Kale & Sweet Potatoes
  8. Happy Tot Pears, Green Beans & Peas Super Chia Pouch
  9. Once Upon A Farm Ras-Pear-Y Vanilla Smart Blend
  10. Once Upon A Farm Pear-Y Blueberry And Spinach Smart Blend

10 Best Baby Food Veggie Pouches

Some babies don’t love their veggies. But that doesn’t mean there aren’t ways to still give them exposure to veggies while getting more nutrients into them! These veggie-packed baby food pouches combine several veggies with a fruit or other food, to make it more appealing to your toddler. This is a great way to weave a serving of veggies in here or there!

  1. White Leaf Provisions Carrot, Sweet Potato & Pea
  2. Once Upon A Farm Ohmymega Veggie
  3. Once Upon A Farm  Wild Rumpus Avocado
  4. Serenity Kids Carrot Medley
  5. Serenity Kids Butternut Squash And Spinach
  6. Earth’s Best Carrots & Broccoli
  7. Earth’s Best Squash & Sweet Peas
  8. Earth’s Best Sweet Potato & Beets
  9. Earth’s Best Pumpkin & Spinach
  10. Happy Tot Zucchini, Apple, Peas, Quinoa & Basil

10 Best Value Pouches for Babies & Toddlers

These are my favorite cost-effective go-to pouches because they still check a lot of the nutrition boxes. Some of them may be simpler in composition than their more expensive counterparts, but they still contain organic produce, vitamins and minerals, and a good amount of nutrients for under $2 each.

  1. Earth’s Best Sweet Potato, Cinnamon & Oat
  2. Earth’s Best Blueberry, Banana, Flax & Oat
  3. Earth’s Best Banana Apricot Pumpkin With Yogurt, Oat & Quinoa
  4. Earth’s Best Apple, Sweet Potato, Pumpkin, Blueberry
  5. Earth’s Best Spinach, Lentil, Brown Rice
  6. Happy Tot Black Beans, Beets & Bananas
  7. Happy Tot Sweet Potato, Mangoes & Carrots
  8. Happy Tot Pears, Kale & Spinach
  9. Happy Tot Apples & Butternut Squash Super Chia Pouch
  10. Happy Tot Carrots, Strawberries & Chickpeas

More Baby Food Options

The companies who create all my favorite baby food pouches have several more offerings—all of which are great for baby depending on what you’re looking for. I trust these brands and their products both because they’re formulated without added sugar and because they use organic produce and non-GMO ingredients. Some of the one- or two-ingredient fruit pouches are less nutrient-dense than, say, the ones that include veggies, fats, and protein. But they can still be useful in your child’s diet!

Other Foods By My Favorite Brands

  • Once Upon A Farm Baby Meals (6 Months+)
  • Serenity Kids Grain Free Puffs (6 Months+)
  • Cerebelly Smart Bars (For Ages 1+)
  • Tiny Organics Meals (6 Months+)

Keep It Nutrient-Dense, But Don’t Stress

There’s no shame in the baby food pouch game, mama! Use them as much as you want to, have to, or can afford to. When possible, I do recommend opting for the pouches that are a little more nutrient-dense so that your baby or toddler is getting a mix of carbohydrates, protein, and fat, as well as a variety of vitamins and minerals. Remember that the more foods you are able to introduce into their diet, the more likely their nutritional bases are to be covered by the foods they eat. (So the less likely they are to need supplements!) Plus, it’s best for kids to become familiar with a large variety of foods, textures, mixtures, seasonings, and spices—to hopefully avoid picky eating down the line. But as long as most of the pouches they have are nutritionally decent, you can rest easy knowing you’re serving a great, convenient, child-approved option!

Adding New Foods To Baby’s Diet? Grab My Simply Solids Guide!

This research-backed guide to starting solids—something you can do alongside breastfeeding and serving purees and pouches if you choose to—eliminates doubt and helps you feed them well, right from the start. It’s usually $15, but right now it’s free!

Get The FREE Guide

Responsible Package Management in Visual Studio / Sudo Null IT News

Almost nine years ago, a new open source project called NuGet (www.NuGet.org) was introduced to the world. Two years after its debut, NuGet began shipping with Microsoft Visual Studio, which is still the case today. NuGet is one of several package managers (package managers) such as Node Package Manager (NPM) for JavaScript and Maven for Java. Package managers simplify and automate the use of libraries. For example, if you need a library to implement JavaScript Object Notation (JSON) in your .NET application, with just a few clicks, your application will have powerful features that you don't need to implement yourself, for free. nine0003

Back in the day, developers created and maintained their own libraries. If you needed a library, chances are you politely asked fellow developers about it in the online communities somewhere on CompuServe, which was accepted in such communities, and there was every chance that you could get a library that meets your needs. needs, or at least advice on how to create it yourself.

Today, Open Source Software (OSS) has created unprecedented accessibility to code and package management systems that make it incredibly easy to implement code into your applications. However, this progress has brought not only numerous benefits, but also new risks and challenges. One recent example is the November 2018 event-stream incident involving NPM. This article focuses on how to use NuGet responsibly in Visual Studio to mitigate these risks. nine0003

If you work for a public company regulated by SOX, or are subject to HIPAA or PCI, and your applications directly depend on some public NuGet source, then there is every chance that your company may violate the above standards, despite absence of any adverse incidents.

No production application or build process should ever directly depend on any public source packages. nine0003

If you are not very familiar with NuGet

If you are not familiar with NuGet, do not know what it is and how it works in general, then I recommend that you read the official documentation, where you can find all the information you are interested in . And if you're a Pluralsight subscriber, you can check out my Intro to NuGet course.

The concepts presented here do not require a deep understanding of NuGet. The target audience includes both experienced developers and directors with managers responsible for implementing the company's security and risk mitigation policies. nine0003

Package managers and package sources

Before diving into the basic concepts of package managers in .NET/Visual Studio with NuGet, let's say a few words about package managers and packages in general. The following are the basic concepts you need to know:

  • Package: An archive file (such as a zip or tar) that contains code artifacts and additional metadata for the package manager, which in turn is used by the development environment to add package contents to the project. nine0003

  • Package manager: A tool that an application development environment (such as Visual Studio, Eclipse, etc.) uses to access packages contained in a package source. Common package managers are NuGet, Maven, and Node Package Manager (NPM). The package manager not only takes care of managing access to a particular package, it also takes care of access to other packages that the downloaded package depends on (i. e. it handles dependency management). nine0003

  • Package source: a collection of packages that contains metadata about each package. This metadata includes the current version number, release history, links to source code repositories (such as GitHub), documentation, license information. Some of the most popular package sources include NuGet.org, MyGet, and npmjs.com.

Companies should create and manage their own packages and their dependencies, and strive to create and use their own internal package sources. nine0003

The relationship between these three elements is quite simple: the application development environment uses a package manager to connect to a package source and get packages from it to be used in the application development project.

What are the risks?

Of the three items listed above, two are at risk: packages and package sources. Package sources such as npmjs.com and NuGet.org are open to the point that anyone can create an account and upload a package there, which will then be downloaded by others. nine0029 For this reason alone, such open source packages are inherently unreliable . Does this mean you should avoid open sources? Of course not. This means that when you obtain packages from such sources, you must exercise due diligence by inspecting the contents of those packages. If you cannot determine with certainty the origin of a package and its contents, you are exposing your firm to a risk that could otherwise be avoided. A real example of such a risk and its consequences was the event-stream incident discovered in November 2018. This incident was linked to malicious code in a package that collected account data from accounts with a balance of bitcoins above a certain level. The Register reported that the code was part of a popular NPM library that averaged up to two million downloads per week. nine0003

If you cannot determine the origin of a package and its contents with certainty, you are exposing your firm to a risk that could otherwise be avoided.

On the one hand, open source packages make code easily accessible. On the other hand, these open package sources DO NOT, and possibly CANNOT, PRINCIPALLY control the presence of malicious code in packages. So who should be watching this? The answer is very simple: YOU! If you bring a package into your organization, you must review not only the contents of the package, but also the contents of all other packages that the uploaded package depends on. nine0003

Dependency management is another nice feature provided by the package manager. If it seemed to you that the introduction of a malicious package into your organization is similar to the spread of a contagious virus, you understood everything correctly.

The point is that no production application or build process should ever directly depend on any packages from public sources. Apart from attackers, there are many other less dangerous reasons not to trust public package sources:0003

  • You leave everything to the package owner to manage dependencies and versions. What if the package owner introduces a dependency that is required for the package to work but is completely incompatible with your application?

  • What if the package owner uploads a new version of the package that works but still causes a bug in your application? If you set your build process to update packages automatically, this can be a costly bug that you will have to spend real money to fix. nine0003

Companies should create and manage their own packages and their dependencies, and strive to create and use their own internal package sources. If you are using a public source package, you should first open the package and evaluate its contents before adding that package to your project or its contents to your own package.

Doesn't signing packages reduce risk?

In a word, yes, but it is a “yes” with reservations. nine0029 Signing reduces some risks, but not all . Signing would not prevent the event-stream incident. The only thing signing a package does is certify the author/contributor of the package. Of course, in most environments, you can restrict the packages you can use to specific authors. If you have a public key, then you can take only those packages that are signed by the author's certificate. However, this does not mean that you can relax and not look to take any package from this author. What if the author's certificate has been compromised? What if the author made an innocent mistake that could damage your company? nine0003

Now that you have some understanding of packages, package managers, and package sources, and the risks involved, let's apply that knowledge to NuGet.

NuGet Brief: Building Your Own NuGet Source

As I said earlier, this article is not a detailed NuGet how-to guide. If you are interested in this, then you should refer to the materials presented at the beginning of this article. In the previous section, I described how packages, package managers, and package sources are related - NuGet uses the same approach. For Visual Studio, NuGet is the standard built-in package manager and can be found as shown in figure 1 .

If you are using a package from a public source, you should first open the package and evaluate its contents before adding the package to your project or its contents to your own package.

Fig. 1. One way to access the NuGet package manager is through the context menu of a project or solution.

Figure 1 also shows the source of the packet. Most likely, NuGet.org is your active package source. In my case, it's something called Local Package Source. Figure 2 illustrates what it is:

Figure 2: In the NuGet package manager, you can manage package sources and their priority.

As you can see, the local NuGet source is just a directory on my work machine. It may come as a bit of a shock, but creating a NuGet source is as easy as creating a directory! Figure 3 shows the NuGet packages in this directory:

Figure 3: A file folder can serve as a NuGet source.

Anatomy of a NuGet package

A NuGet package is just a ZIP archive with a different extension (.nupkg). Figure 4 shows how to open its contents. nine0003 Fig. 4. If you have an archiver such as 7-zip, you can simply right-click on the NuGet package and open it as a normal archive.

Figure 5 shows the contents of the package. Let's see what's inside one of the most popular and widely used NuGet packages: NewtonSoft.Json.

Fig. 5. The NuGet package contains metadata, license information, and libraries for each supported version of .NET.

Looking at Figure 5, the items of particular interest are the lib folder and the signature, license, and nuspec files:

  • lib folder: this folder contains one or more subfolders named according to the naming convention for each supported version of .NET. You can learn more about multi-version support for .NET here.

  • The .signature.p7s file: is, as the name suggests, a signature file signed with an author's certificate. More information on how to sign NuGet packages can be found here. You can also learn how to require only signed packages to be available and restrict packages to certain authors here. nine0003

  • License.md: is a markup file containing the license terms for your package. Typically, this is an open source license such as MIT, GNU, or Apache 2.0.

  • Nuspec: Nuspec is a manifest file. This is the XML file that is used to create the NuGet package. We will talk about this file in the next section.

Creating your own NuGet package

You now understand packages, package managers, and package sources, and have a basic understanding of how NuGet fits into this space. You also understand how to create and link to your own package source using nothing more than a simple filepack. The only thing left to do is to learn how to create your own NuGet package. To illustrate this, I'm going to use my immutable class library, which I've written about in the past. nine0003

There are several approaches you can use to create NuGet packages. I'm going to show you the method that I think is the clearest and easiest to use. There are also many other options that you can apply, but I will not describe them here. For complete coverage of everything you can do with packaging, see the NuGet.org documentation.

Step 1: Create a Package Directory Structure and add your binaries

Figure 6 illustrates the directory structure.

Fig. 6. The NuGet package structure contains a lib folder containing a subfolder for each supported version of .NET. The only other file required is the nuspec (manifest) file.

I've added an icon.png that will be displayed in the package manager as shown in Figure 1. The License text file contains the MIT license. And finally the nuspec shown in Figure 7:

Step 2: Create the Nuspec file

The nuspec file shown in Figure 7 is very simple. nine0003 Figure 7: The nusepc file is a manifest that controls the process of creating a package. Most importantly, the nuspec file contains the dependencies of the package.

A complete reference for nuspec can be found here. The identifier (ID) you choose for your package must be unique in the context of the origin in which it is hosted. Accordingly, if you choose to make your NuGet package available on NuGet.org, then the ID must be unique to that source. Figure 8 shows how the package appears in the NuGet package manager:0003 Fig. Figure 8: The information contained in the nuspec file as we see it in the NuGet package manager.

Step 3: Create a NuGet package

To create a NuGet package from the command line, you need the NuGet command line tools. Figure 9 shows where you can download NuGet.exe.

Figure 9: NuGet.exe provides command-line access to NuGet functionality, including packaging and downloading/installing NuGet packages in your projects through an automated build server such as Jenkins or Team City. nine0002 Figure 10 shows how to create a NuGet package:

Figure 10: The pack NuGet. exe command creates a NuGet package based on the nuspec file.
Step 4: Publish your package

Depending on the type of package source you are using, your steps may vary slightly. For a source directory, the process is to copy the file into the directory. If you are hosting your own NuGet server, you will need to use one of the methods described here.

Other hosting options

Instead of self-hosting or using the public NuGet.org, you can choose a third party service. There are paid services for NuGet such as myget (myget.org) and Chocolatey (chocolatey.org). If it's so easy to create your own source, then why would you need a paid service? These paid services have their own Disaster Recovery infrastructure. If you are hosting your own origin, you need to think about how your server will be backed up and replicated, and how you will recover in the event of some catastrophic event. nine0003

Conclusion

Open source has made it easy to add features to your applications. Part of that simplicity is speed. Speed ​​and simplicity means less “friction” (friction). Long ago, before open source as we know it today, before the internet, and before package management, there was implicit friction in the system that gave us time to evaluate and analyze. Developers of the past generation, in my opinion, were better versed in change management. They recognized the discipline and rigor required to reduce risk. With all the benefits of modern technology, and the speed and simplicity we get with it, it's more important than ever to use risk mitigation techniques like the ones we've discussed in this article, because if it's easier for us to do good things, then so too are we. it is easier for attackers to turn their dirty deeds. Strong protection and risk mitigation are not free. One of the most insidious negative side effects of free open source is the expectation that things that used to have a price no longer have a price. Keep this in mind the next time you introduce the package into your environment. If your organization is regulated by SOX, HIPAA, FINRA, PCI, etc., and you meet these requirements, then you will not let this happen. nine0003

Tonight at OTUS there will be an open lesson "Magic words async / await" , where we will analyze the mechanism hidden under the async / await keywords. We will also look at the correct use of these keywords and some other aspects of asynchronous programming in C#. Registration via the link.

Baby food storage: terms and requirements for storing baby food

nine0184 09/23/2019