Signed HTTP Exchanges (SXG) & Web Bundles weren't yet finalized (could be used to secure WASM packages); from https://web.dev/web-bundles/ :
HTTP resources in a Web Bundle are indexed by request URLs, and can optionally come with signatures that vouch for the resources. Signatures allow browsers to understand and verify where each resource came from, and treats each as coming from its true origin. This is similar to how Signed HTTP Exchanges, a feature for signing a single HTTP resource, are handled.
noarch
packages can be installed with emscriptenforge without modification.
https://github.com/pyodide/pyodide/issues/795#issuecomment-1250084898 :
EmscriptenForge
https://github.com/emscripten-forge/empack
https://github.com/emscripten-forge/recipes
https://github.com/emscripten-forge/recipes/blob/main/.github/workflows/build_recipes.yaml
https://github.com/emscripten-forge/recipes/blob/main/recipes/recipes_emscripten/python/recipe.yaml
https://github.com/mamba-org/picomamba/
https://github.com/mamba-org/picomamba/blob/d15420d2a2cf1cabf19da42e4c7a1734a5c4c46b/python/module/picomamba/picomamba.py#L176-L189
EmscriptenForge, CondaForge, Pyodide package SECurity and PERFormance