PyPI: Expanding Trusted Publisher Support(blog.pypi.org)
blog.pypi.org
PyPI: Expanding Trusted Publisher Support
https://blog.pypi.org/posts/2024-04-17-expanding-trusted-publisher-support/
2 comments
[deleted]
https://blog.pypi.org/posts/2024-04-17-expanding-trusted-publisher-support/
Now developers just need to make sure they secure their code at the pipeline level. Pipeline compromise = package compromise.