|
|
|
|
|
|
by Macha
35 days ago
|
|
|
In some ways the push towards trusted publishing has made these attacks more likely as the credentials are sitting in a standardized, always on CI system, rather than in a locked down corporate CI system for big packages or a developers machine or developers head for smaller open source packages. |
|
|