Security Lessons For All From GitHub’s Hardened Package Publication For npm

GitHub is hardening npm publishing rules, but the underlying lessons can be applied by all developers: WebAuthn for writes, OIDC, and short-lived least-privilege credentials.

The post Security Lessons For All From GitHub’s Hardened Package Publication For npm appeared first on Security Boulevard.

02 October 2025

