Posts tagged as "pypi"

Attest build provenance for a Python package in GitHub actions

As you may have noticed, supply chain attacks ae on the rise. These attacks usually target a small piece of software infrastructure that the…