This is an interesting development: [image] Trusted publishing: a new benchmark for packaging security Read the official announcement on the PyPI blog as well! For the past year, we’ve worked with the Python Package Index to add a new, more secure authentication method called “trusted p…

PyPI: Trusted publishing

Aidan (Aidan Heerdegen, ACCESS-NRI Release Team Lead) 24 May 2023 00:03 1

This is an interesting development:

For anyone publishing packages to PyPI it seems like a no-brainer to move to this trusted publishing model. It is likely that this will be more widely adopted as it seems to address a lot of the current issues with authenticating to services like this with CI/CD workflows.

1 Like

Topic		Replies	Views
pyOpenSci will review your package Technical python , packaging , standards , code-review	0	171	22 February 2023
Tea, a new frictionless paradigm in software packaging Technical software	1	212	30 November 2022
Favourite Github Action for building/publishing a conda package Technical conda , github , workflow , ci	5	186	10 May 2023
Over 450 pypi packages infected with malware Technical python , security , pypi	0	121	16 February 2023
Nextflow adds support for spack spack spack , nextflow	0	172	20 February 2023

PyPI: Trusted publishing

Related Topics