Tags

2fa

• 2FA Enforcement for New User Registrations
• 2FA Enforcement for TestPyPI
• 2FA Required for PyPI
• 2FA Requirement for PyPI begins 2024-01-01
• Enforcement of 2FA for upload.pypi.org begins today
• Incident Report: Unauthorized User Accounts Access
• Incident Report: User Account Takeover
• Securing PyPI accounts via Two-Factor Authentication

blogs-about-blogs

• Welcome to the PyPI Blog

compliance

• PyPI was subpoenaed

deprecation

• Deprecation of bdist_egg uploads to PyPI

hiring

• Announcing a PyPI Support Specialist
• Announcing the PyPI Safety & Security Engineer role
• PyPI hires a Safety & Security Engineer

infrastructure

• Security Audit Remediation: cabotage

integrations

• GitHub now scans public issues for PyPI secrets
• Malware Reporting Evolved

meta

• Welcome to the PyPI Blog

oidc

• Expanding Trusted Publisher Support
• Introducing 'Trusted Publishers'
• PyPI now supports digital attestations

organizations

• Introducing PyPI Organizations

policies

• Introducing our new Terms of Service

publishing

• Expanding Trusted Publisher Support
• Introducing 'Trusted Publishers'
• PyPI now supports digital attestations

security

• 2FA Enforcement for New User Registrations
• 2FA Enforcement for TestPyPI
• 2FA Required for PyPI
• 2FA Requirement for PyPI begins 2024-01-01
• Announcing the PyPI Safety & Security Engineer role
• Announcing the launch of PyPI Malware Reporting and Response project
• Enforcement of 2FA for upload.pypi.org begins today
• Expanding Trusted Publisher Support
• GitHub now scans public issues for PyPI secrets
• Inbound Malware Volume Report
• Incident Report: Leaked GitHub Personal Access Token
• Incident Report: Organizations Team privileges
• Incident Report: Unauthorized User Accounts Access
• Incident Report: User Account Takeover
• Introducing 'Trusted Publishers'
• Malware Distribution and Domain Abuse
• Malware Package Analysis: aiocpa
• Malware Reporting Evolved
• Prohibiting Outlook email domains
• Project Quarantine
• PyPI Now Supports Project Archival
• PyPI has completed its first security audit
• PyPI now supports digital attestations
• Reducing Stored IP Data in PyPI
• Removing PGP from PyPI
• Safety & Security Engineer: First Year in Review
• Securing PyPI accounts via Two-Factor Authentication
• Security Audit Remediation: Warehouse
• Security Audit Remediation: cabotage
• Supply-chain attack analysis: Ultralytics

support

• Announcing a PyPI Support Specialist

sustainability

• Introducing PyPI Organizations

transparency

• Inbound Malware Volume Report
• Incident Report: Leaked GitHub Personal Access Token
• Incident Report: Organizations Team privileges
• Incident Report: Unauthorized User Accounts Access
• Incident Report: User Account Takeover
• Introducing our new Terms of Service
• Malware Distribution and Domain Abuse
• Malware Package Analysis: aiocpa
• Prohibiting Outlook email domains
• PyPI has completed its first security audit
• PyPI was subpoenaed
• Reducing Stored IP Data in PyPI
• Safety & Security Engineer: First Year in Review
• Security Audit Remediation: Warehouse
• Security Audit Remediation: cabotage

welcome

• Welcome to the PyPI Blog