Explore the implementation of PEP 458 for securing Python packages on PyPI and its broader applications in a 29-minute conference talk from EuroPython 2023. Discover how the PEP 458 design inspired the Repository Service for TUF (RSTUF), an OpenSSF sandbox project aimed at enhancing software supply chain security. Learn about the potential of RSTUF to benefit PyPI's vast package ecosystem and its adaptability for organizations of various scales. Gain insights into the workings of PEP 458 and The Update Framework (TUF), understanding their roles in fortifying software repositories against potential attacks.
Overview
Syllabus
PEP 458 a solution not only for PyPI — Kairo de Araujo, Martin Vrachev
Taught by
EuroPython Conference
Related Courses
-
Implementing PEP 458 to Secure PyPI Downloads
-
TUF Joins PyPI - Securing Package Delivery with The Update Framework
-
PEP 740 and PyPI - Bootstrapping Provenance for the Python Ecosystem
-
Securing Content Distribution with RSTUF, an Incubating OpenSSF Project
-
Securing Python Projects Supply Chain
-
Improving Package Repository Security - From White Papers to Practice
