Trusted publishing: a new benchmark for packaging security
Malware Analysis, News and Indicators - Latest topics malware.news
Read the official announcement on the PyPI blog as well!
For the past year, we’ve worked with the Python Package Index to add a new, more secure authentication method called “trusted publishing.” Trusted publishing eliminates the need for long-lived API tokens and passwords, reducing the risk of supply chain attacks and credential leaks while also streamlining release workflows. Critical packages on PyPI are already using trusted publishing to make their release processes more secure.
If you publish packages to PyPI, …