
#pythonpackaging


🚨 Quick Ways to Secure Your Python PyPI Publishing Workflow! 🚨

🔒 Want to keep your package safe? Follow these 3 key security steps:

✅ Use GitHub Environments to restrict your publishing workflows
✅ Set up PyPI Trusted Publisher instead of API tokens
✅ Scan your workflows with zizmor (on PyPI) to identify security flaws

Read more in our latest blog post:
🔗 pyopensci.org/blog/python-pack

Whenever Python's packaging ecosystem gets you down, stop for a moment, and think about going to random websites to download a separate .exe installation wizard per-package, manually resolving your dependencies; or modifying distutils so that it doesn't remove manifests from DLLs as you build them...

Stop, and thank the people who have, and are still, making it _so much_ better than it was.