Read the official announcement on the PyPI blog as well! For the past year, we’ve worked with the Python Package Index (PyPI) on a new security feature for the Python ecosystem: index-hosted digital attestations, as specified in PEP 740. These attestations improve on traditional PGP signatures (which have been disabled on PyPI) by providing key…
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2024/11/attestations-a-new-generation-of-signatures-on-pypi/
