Introducing npm package provenance

19 April 2023

Starting today, when you build your npm projects on GitHub Actions, you can publish provenance alongside your package by including the flag. This provenance data gives consumers a verifiable way to link a package back to its source repository and the specific build instructions used to publish it (see example on npmjs.com).

Read full article on Github

Date:

19 April 2023

Categorie(s):

NEWS

Tag(s):

Github, GitHub Actions, IT, Open Source Hosting, Open Source Software

Ex-Cybersecurity Consultant Jailed For Trading Confidential Data4 May 2024
Microsoft plans to lock down Windows DNS like never before. Here’s how.4 May 2024
Kaspersky hits back at claims its AI helped Russia develop military drone systems4 May 2024
Kaspersky hits back at claims it helped Russia develop military drone systems3 May 2024
Smoke and (screen) mirrors: A strange signed backdoor3 May 2024