Publishing provenance possibly prevents problems
Developers who use GitHub Actions to build software packages for the npm registry can now add a command flag that will publish details about the code’s origin.…
This article has been indexed from The Register – Security
Read the original article: