agriyakhetarpal/hugo-python-distributions

Security

agriyakhetarpal opened this issue a year ago · 1 comments

agriyakhetarpal commented a year ago

Security disclaimers in the documentation
GPG-sign binaries (or use sigstore) when publishing to PyPI
Add some guidelines for users for verifiability of downloaded wheels

See #70.

agriyakhetarpal commented a year ago

Additional: look into security policies for Hugo, Chocolatey, Homebrew, MacPorts, and finally, pip