|
|
|
|
|
|
by matt_kantor
43 days ago
|
|
|
> The whole idea of trusting the cloud to manage credentials on your behalf seems like a mistake. Isn't this what the "trusted" in "trusted publishing" implies? Maybe you're saying that trusted publishing itself seems like a mistake, but if so you don't need to use it: you can publish your packages the old-fashioned way and npm will make you go through the 2fa flow. |
|
|