Isolating risk in the CPython release process
Today’s report for the Security Developer-in-Residence role includes:
Modifying the CPython release process in GitHub Actions to isolate the source artifacts from additional risk.
Recordings for my talk and tabletop session at SOSS Community Day NA 2024.
Update on mentoring for Google Summer of Code 2024 to add hardened compiler options to CPython.
Windows SBOMs are coming with the next CPython releases. 🥳
Don't miss what's next. Subscribe to sethmlarson.dev:
Start the conversation: