|
|
|
|
|
|
by woodruffw
1148 days ago
|
|
|
It’s not directly related to SLSA, although SLSA is an adjacent effort to improve package security! I think provenance would be misleading in this context, since it’s mostly a side effect of the intended behavior (i.e., publishing without needing to manually configure a shared credential). |
|
|