Overview
Explore secure Python packaging and release processes using continuous deployment in this tutorial. Learn about the security improvements aimed for in Python open source projects and understand the security features of GitHub and GitLab. Discover why build reproducibility matters and how to implement it. Set up automated deployment to PyPI using GitHub and GitLab, then sign and verify releases using Sigstore. Industry experts Martin Vrachev from VMware and Jussi Kukkonen from Google address common security vulnerabilities in Python package release processes and demonstrate best practices for maintaining the integrity of your projects.
Syllabus
Secure Python Packaging & Release Using Continuous Deployment - Martin Vrachev & Jussi Kukkonen
Taught by
Linux Foundation