Introducing 'Trusted Publishers'
Starting today, PyPI package maintainers can adopt a new, more secure publishing method that does not require long-lived passwords or API tokens to be shared with external systems.
Starting today, PyPI package maintainers can adopt a new, more secure publishing method that does not require long-lived passwords or API tokens to be shared with external systems.
Today, we're excited to launch blog.pypi.org, the official blog of the Python Package Index.
One of the most common refrains I hear from Python community members, irrespective of if they have been around for days or years, is "I didn't realize that PyPI...". Followed by something along the lines of: