Overview
Explore the implementation of PEP 458 for securing Python packages on PyPI and its broader applications in a 29-minute conference talk from EuroPython 2023. Discover how the PEP 458 design inspired the Repository Service for TUF (RSTUF), an OpenSSF sandbox project aimed at enhancing software supply chain security. Learn about the potential of RSTUF to benefit PyPI's vast package ecosystem and its adaptability for organizations of various scales. Gain insights into the workings of PEP 458 and The Update Framework (TUF), understanding their roles in fortifying software repositories against potential attacks.
Syllabus
PEP 458 a solution not only for PyPI — Kairo de Araujo, Martin Vrachev
Taught by
EuroPython Conference