Y
Hacker News
new
|
ask
|
show
|
jobs
by
AtNightWeCode
280 days ago
The problem is that it is even possible to push builds from dev machines.
1 comments
madeofpalk
280 days ago
With NPM now supporting OIDC, you can just turn this off now
https://docs.npmjs.com/trusted-publishers
link