This is an interesting development: [image] Trusted publishing: a new benchmark for packaging security Read the official announcement on the PyPI blog as well! For the past year, we’ve worked with the Python Package Index to add a new, more secure authentication method called “trusted p…

PyPI: Trusted publishing

Aidan (Aidan Heerdegen, ACCESS-NRI Release Team Lead) 24 May 2023 00:03 1

This is an interesting development:

For anyone publishing packages to PyPI it seems like a no-brainer to move to this trusted publishing model. It is likely that this will be more widely adopted as it seems to address a lot of the current issues with authenticating to services like this with CI/CD workflows.

1 Like

Topic		Replies	Views
pyOpenSci will review your package Technical python , packaging , standards , code-review	0	201	22 February 2023
Tea, a new frictionless paradigm in software packaging Technical software	1	237	30 November 2022
Favourite Github Action for building/publishing a conda package Technical conda , github , workflow , ci	5	367	10 May 2023
Over 450 pypi packages infected with malware Technical python , security , pypi	0	148	16 February 2023
Poster: Connecting evaluation tools across the LSM community: ME.org Client + HPCPy Workshop Posters python , workshop , model-evaluation , land , hpc , senior , poster , workshop-2024	11	71	5 September 2024

PyPI: Trusted publishing

Related topics