warehouse
warehouse copied to clipboard
Adding badges / indicators for Trusted Publishers
Context: the new trusted publishers method rocks, you all rock, and I want as many prominent pypi projects to adopt this as possible.
What's the problem this feature will solve?
- Improve discoverability of the Trusted Publishers method
- Incentivize projects to migrate to Trusted Publishers
- Make it easier for people doing OSS supply chain assessments to see, at a glance, that a project is using Trusted Publishers
Describe the solution you'd like Now that hydra-zen is using trusted publishers, I want my little pypi badge to display some kind of shield, letting my users know about the enhanced security / advertising to other projects that this is a thing
(gimme a shield with, like, some fierce looking snake on it!)
It would also be nice if hydra-zen's pypi page featured some Trusted Publishers checkmark. Namely, when I am doing a supply chain review, it would be great to see if a project is utilizing this at a glance.
Additional context Love this new capability! Awesome work!