136 lines
965 B
Markdown
136 lines
965 B
Markdown
---
|
||
title: Linuxcat周刊(第22期)
|
||
tags:
|
||
- Python
|
||
categories:
|
||
- Linuxcat周刊
|
||
index_img: /img/weekly/2024/22/
|
||
banner_img: /img/weekly/2024/22/
|
||
permalink: /weekly/2024-22/index.html
|
||
date: 2024-12-01 14:26:09
|
||
---
|
||
|
||
## 乐子
|
||
### 1 Python软件包存储库PyPI上线数字认证功能,以增强软件供应链安全性
|
||
Python Package Index (PyPI) 现在支持数字认证,这是为了提高项目供应链安全的可信度。数字认证是一种签名形式,与PGP签名相比,它通过Open ID Connect (OIDC) 身份验证,提供了与上游源代码库的可验证链接,并确保上传时证明的可验证性。此外,PyPI 提供了新的API和网页界面,以便用户查看和验证文件的数字认证。
|
||
> 消息来源: [PyPI Blog](https://blog.pypi.org/posts/2024-11-14-pypi-now-supports-digital-attestations/)
|
||
|
||
### 2
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|