Automatic Trusted Publishing with PyPI

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!

Grab it

Explore the concept of "Trusted Publishing" introduced by PyPI in this 26-minute conference talk from EuroPython 2024. Learn how package maintainers can create releases directly from GitHub Actions pipelines without managing tokens, enhancing security against supply chain attacks. Discover the inner workings of this feature, understand how to implement it with minimal changes to existing setups, and get insights into the ongoing efforts to expand support for other publishers like GitLab, Google, and ActiveState.

Syllabus

Automatic trusted publishing with PyPI — Facundo Tuesca

Taught by

EuroPython Conference

Reviews

Start your review of Automatic Trusted Publishing with PyPI

Taught by

Trusted Publishing: Lessons from PyPI

PEP 458 - A Solution Not Only for PyPI

Implementing PEP 458 to Secure PyPI Downloads

PEP 740 and PyPI - Bootstrapping Provenance for the Python Ecosystem

Secure Python Packaging and Release Using Continuous Deployment

Making Python Safer Than Ever

10 Best Python Courses for 2024: Charming the Snake

Never Stop Learning.