PEP 740 ("Index support for digital attestations" introduces digital attestations which links the PyPI package to the GitHub repo, and helps users verify the source and authenticity of packages.
PyPI is still implementing support, but we can already start using it, which should also help them test out.
PEP 740 ("Index support for digital attestations" introduces digital attestations which links the PyPI package to the GitHub repo, and helps users verify the source and authenticity of packages.
PyPI is still implementing support, but we can already start using it, which should also help them test out.