The official blog of the Python Package Index| blog.pypi.org
Project compromises have common root causes we can mitigate: phishing, control handoff, and unsafe GitHub Actions triggers.| words.filippo.io