Hacker News
by bakkoting 276 days ago
It doesn't require 2FA in general, but it does for people with publish rights for popular packages, which covers most or all of the recent security incidents.

https://github.blog/changelog/2022-11-01-high-impact-package...