sethmlarson.dev

January 9, 2024

Starting 2024 off strong for securing Python (SBOM, provenance, macOS build repro, software IDs, oh my!)

2024 has only just begun and there's already so much to talk about. Here's a summary of topics in the first weekly report for 2024 from the Security Developer-in-Residence role:

  • Publish provenance on PyPI using Trusted Publishers

  • Software Bill-of-Materials for CPython available sooner than 3.13.0

  • Diffoscope support for XAR format useful for macOS build reproducibility

  • Discussion of Software Identifiers, mainly Package URLs and why they're great

Read more: https://sethmlarson.dev/security-developer-in-residence-weekly-report-24
