Lobsters
- Trusted publishing: a new benchmark for packaging security https://blog.trailofbits.com/2023/05/23/trusted-publishing-a-new-benchmark-for-packaging-security/ 7 comments python , security
Linking pages
- Adding build provenance to Homebrew | Trail of Bits Blog https://blog.trailofbits.com/2023/11/06/adding-build-provenance-to-homebrew/ 46 comments
- Attestations: A new generation of signatures on PyPI | Trail of Bits Blog https://blog.trailofbits.com/2024/11/14/attestations-a-new-generation-of-signatures-on-pypi/ 8 comments
Linked pages
- https://crates.io 912 comments
- PyPI · The Python Package Index https://pypi.org 269 comments
- npm | Home https://www.npmjs.com/ 238 comments
- Getting 2FA Right in 2019 | Trail of Bits Blog https://blog.trailofbits.com/2019/06/20/getting-2fa-right-in-2019/ 230 comments
- JSON Web Tokens - jwt.io http://jwt.io 221 comments
- Raising the bar for software security: GitHub 2FA begins March 13 - The GitHub Blog https://github.blog/2023-03-09-raising-the-bar-for-software-security-github-2fa-begins-march-13/ 161 comments
- RubyGems.org | your community gem host https://rubygems.org/ 115 comments
- Introducing 'Trusted Publishers' - The Python Package Index https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/ 93 comments
- We sign code now | Trail of Bits Blog https://blog.trailofbits.com/2022/11/08/sigstore-code-signing-verification-software-supply-chain/ 65 comments
- JSON Web Token Introduction - jwt.io https://jwt.io/introduction 62 comments
- Flask · PyPI https://pypi.org/project/Flask/#history 59 comments
- GitHub - sigstore/sigstore-python: A Sigstore client in Python https://github.com/sigstore/sigstore-python 7 comments
- OpenID Connect | OpenID http://openid.net/connect/ 4 comments
- Using environments for deployment - GitHub Docs https://docs.github.com/en/actions/deployment/targeting-different-environments/using-environments-for-deployment 4 comments
- About security hardening with OpenID Connect - GitHub Docs https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect 3 comments
- GitHub Actions: Secure cloud deployments with OpenID Connect | GitHub Changelog https://github.blog/changelog/2021-10-27-github-actions-secure-cloud-deployments-with-openid-connect/ 0 comments
Would you like to stay up to date with Python? Checkout Python
Weekly.
Related searches:
Search whole site: site:blog.trailofbits.com
Search title: Trusted publishing: a new benchmark for packaging security | Trail of Bits Blog
See how to search.