Open woodruffw opened 1 year ago
All of our PyPI-packaged projects should use trusted publishing, rather than a manually configured API token.
Example trusted publishing workflow:
https://github.com/trailofbits/blight/blob/master/.github/workflows/release.yml
Resources:
Marking as "help wanted" due to maintenance status.
NB: A third-party contributor interested in working on this should ping me directly, as you'll need to coordinate with me to complete it.
Can I work on this issue
All of our PyPI-packaged projects should use trusted publishing, rather than a manually configured API token.
Example trusted publishing workflow:
https://github.com/trailofbits/blight/blob/master/.github/workflows/release.yml
Resources:
Marking as "help wanted" due to maintenance status.