Introducing npm package provenance

19 April 2023

Starting today, when you build your npm projects on GitHub Actions, you can publish provenance alongside your package by including the flag. This provenance data gives consumers a verifiable way to link a package back to its source repository and the specific build instructions used to publish it (see example on npmjs.com).

Read full article on Github

Date:

19 April 2023

Categorie(s):

NEWS

Tag(s):

Github, GitHub Actions, IT, Open Source Hosting, Open Source Software

Harnessing the Power of Data and AI – Sivan Tehila – FS #15 November 2024
A Kansas pig butchering: CEO who defrauded bank, church, friends gets 24 years5 November 2024
Canada Arrests Suspected Hacker Linked to Snowflake Data Breaches5 November 2024
Amazon Inspector suppression rules best practices for AWS Organizations5 November 2024
Building Cybersecurity Resilience: Strategies, Technologies, and Best Practices from Industry Leaders5 November 2024