Automatic Trusted Publishing with PyPI

Overview

Explore the concept of "Trusted Publishing" introduced by PyPI in this 26-minute conference talk from EuroPython 2024. Learn how package maintainers can create releases directly from GitHub Actions pipelines without managing tokens, enhancing security against supply chain attacks. Discover the inner workings of this feature, understand how to implement it with minimal changes to existing setups, and get insights into the ongoing efforts to expand support for other publishers like GitLab, Google, and ActiveState.

Syllabus

Automatic trusted publishing with PyPI — Facundo Tuesca

Taught by

EuroPython Conference

Reviews

Start your review of Automatic Trusted Publishing with PyPI

Coursera Cuts Jobs Despite $100M Revenue Milestone

Most common

Popular subjects

Popular courses

Automatic Trusted Publishing with PyPI

Overview

Syllabus

Taught by

Reviews

Coursera Cuts Jobs Despite $100M Revenue Milestone

Taught by

Trusted Publishing: Lessons from PyPI

PEP 458 - A Solution Not Only for PyPI

PEP 740 and PyPI - Bootstrapping Provenance for the Python Ecosystem

Implementing PEP 458 to Secure PyPI Downloads

Secure Python Packaging and Release Using Continuous Deployment

Making Python Safer Than Ever

10 Best Python Courses for 2024: Charming the Snake

Never Stop Learning.